Email security
UQ has added an enhanced email threat detection service to the Microsoft M365 mail platform for UQ staff and students.
The service provides enhanced email filtering with increased resiliency to emerging scams and integrates with the existing Phish Alert (staff only) and Microsoft (students) buttons.
UQ staff and students continue to be faced with targeted email-based scams and threats. The complexity of these scams and their threat to the UQ community only continues to grow, requiring proactive action to mitigate these threats and allow staff and students to work safely.
What's changed
The new service automatically filters malicious emails and can recognise a variety of common email threats. It might move a message to your junk or recoverable deleted folder. The service, including the filtering, only functions on the Microsoft M365 platforms.
You might notice potentially unwanted emails being sent to your junk folder and threats sent directly to your recoverable deleted folder.
If you believe you're missing an email, please check the junk or recoverable deleted folders. If you believe an item is incorrectly placed in junk or recoverable deleted, then you can simply move it back to the appropriate folder.
If the email isn't in one of these locations, you can submit an IT request.
Report a suspicious email
The filtering service integrates with the existing Phish Alert (staff only) and Microsoft (students) buttons, so you can still report suspicious messages in the same way.
Reporting suspicious emails allows the service to continue to strengthen its ability to identify unwanted and malicious messages.
If you don't have a button to report an email, the process remains unchanged.
What to report
Occasionally, the service may miss an email that should have been moved to the junk or recoverable deleted folders. Reporting these missed emails allows the service to strengthen its ability to identify unwanted and malicious messages; and continues to keep UQ safe by identifying an emerging threat.
Emails that should be reported using the buttons include:
- Phishing – a message that is designed to extract personal information from a recipient.
- Impersonation (spoofing) – a message from an illegitimate sender, that has assumed the identity of a legitimate person or organisation. Impersonation messages commonly seek to make a connection or extract valuable information from a recipient, e.g. financial payments, personal data.
- Social engineering – when a scammer seeks to gain trust (either through making a connection or presenting themselves as legitimate) and inducing the recipient to disclose information, for financial or another form of benefit.
- Extortion – a message that seeks to make financial or other benefit by using threats or other means of intimidation. Recent cases of extortion have particularly targeted international students.
- Tech support scam – a message from an illegitimate sender that has assumed the identity of a legitimate organisation that provides technical products (e.g. software) support to users. Reporting tech support scams are also particularly important, as they pose as legitimate individuals and organisations within our digital landscape.
- Malware – a software package that damages, gives unauthorised access to, or disrupts the regular workflow of a device. Malware packages can pose as a variety of files, including PDF attachments to emails.
- Current event scam – a message that seeks to leverage current events to fraudulently extract personal information or money. This includes emails that promise government assistance in response to Covid-19.
- Prohibited activity – a message that seeks involvement in activities that contravene UQ Codes of Conduct. This includes emails that promote contract cheating and ghostwriting services. Reporting messages that promote prohibited activities are particularly important, as this assists in preserving the integrity of UQ, students and staff.
- Predatory journals – a message that requests submissions to an academic journal and asks contributors to pay, without providing peer-review or editing services. Reporting predatory journal messages are particularly important, as it protects staff, students, UQ and other organisations against theft and damage.
What not to report
Reporting buttons within Outlook are to protect the UQ community against malicious activity. They are not intended to be used to report activity on personal email addresses, or to report marketing messages from legitimate means.
Emails that should not be reported using the buttons include:
- Greymail – bulk email that you may have subscribed to in the past or is otherwise distributed directly to you via a legitimate means.
- Personal communications –messages that are unrelated to work activities.
- Spam – unsolicited messages from an illegitimate source, or one that seeks to ‘flood’ a recipient’s mailbox with a similar or same message.
If you receive emails from an unwanted sender, you can block them.