As more information goes online, cyber threats are increasing across industries, including higher education. One particularly prevalent form of cyber threat is "phishing," fraudulent email that attempts to trick email recipients into revealing private identifying or financial information in order to use the information for illicit or illegal purposes. Malware can also be introduced through email.
How to Review and Release Quarantined Messages
To improve email security and protect account holders from cyber scams and malware, Instructional Innovation and Technology (IIT) continues to increase security in the university's email system by adding the following tools.
Verifying Email Addresses: If a legitimate email, sent from an @gsu.edu or @student.gsu.edu email address or from a contracted university vendor is not being delivered to recipients, the system or email address may need to be verified by our security team. Submit the Email Address for Verification Form
A banner now marks messages that come from senders outside the university in the Office 365 faculty and staff email system. The banner is visible at the bottom of email messages and can help you verify a sender's identity. If a message claims to be from a sender at the university but shows this banner, double check the message is from an expected email address or contact the sender.
A new Microsoft Quarantine service will soon begin filtering email that could be fraudulent, may contain malware or otherwise poses a security risk to prevent it from reaching your inbox. Messages the service determines may pose a risk will be separated and held in a protected area rather than directly delivered to your account. Once the service is enabled, you will get a nightly email listing which emails have been filtered so that you can safely preview and release messages you know are secure if a message is filtered in error. You can check the list of your quarantined messages at any time by logging into: www.gsu.edu/quarantine.
How to Review and Release Quarantined Messages | Reporting Junk and Phishing Emails
The Domain-Based Message Authentication, Reporting & Conformance (DMARC) policy requires verification of email messages claiming to come from the university if the messages are sent from systems outside of the university's official Office 365 Faculty/Staff Email System or the PantherMail Student Email system. Salesforce, MailChimp and Constant Contact are systems that can be used additionally, but require verification. When users are set up to send in Salesforce, verification is taken care of by the support team. Follow these instructions for MailChimp and Constant Contact. To make sure a system is verified to send as a legitimate university email address sender, submit:
Form to Submit an Email Address for Verification
Email the Cybersecurity Team: