Security Tip: Updated Security Setting for Email

stopthinkprotect


National Cybersecurity Awareness Month may be over, but phishing is always SHSU’s number one cybersecurity threat. Phishing is the process of sending fake emails to convince the recipient to provide their personal information, such as login credentials for their bank account. To minimize the threat of phishing at SHSU, we are enabling a new Microsoft security feature, SafeLinksthis month to help you keep yourself and the university protected.  

Orange Icons-12How does SafeLinks work?
As Microsoft detects a link in an email, SafeLinks will automatically scan the content of the website from the link. If malicious content is discovered, SafeLinks will block the site and prevent you from accessing it. The IT@Sam security team can also block a malicious link manually using Safelinks to keep you and the university protected. 

Orange Icons-07But remember, no technology is 100%...
That is why we depend on you to continue using safe email practices. You should only think of it as a backup. When you receive an email, follow the below tips before opening an attachment or clicking a link.

  1. BE WARY of messages that sound too good to be true or have a sense of urgency.
  2. DO NOT CLICK links or open attachments from unknown senders.
  3. REVIEW EMAILS for simple signatures and/or no contact information.

Orange Icons-24What if I click a link and the website is suspicious?
If you click on a link that wasn’t blocked, but the site seems malicious or suspicious, simply stop and forward the email to the IT@Sam security team at abuse@shsu.edu so they can investigate. 

Take a look below for more information about how SafeLinks works and what a SafeLink looks like:

  • SafeLinks

    As Microsoft sees a link in email it will scan the URL for malicious content and then block the site if it does detect malicious content and block you from going there. Many times, the email client will display the original URL in the email; however, sometimes the email client may display the link as a rewritten link. A rewritten link is how SafeLink converts the original link to check it for malicious content. Links might appear longer than usual and include text such as safelinks.protection.outlook.com in the link.

    Wrapped Link

    Note: If you receive this link anywhere other than in an email, the link will not have a recipient’s email inside of it. 

    If SafeLinks deems the website you clicked on to be malicious, you may receive the notification similar to the one below.

    Malicious Website Warning

For additional questions regarding SafeLinks, contact the IT@Sam Service Desk or take a look at our IT@Sam Security Technology Tutorials.