Inbound Email Disclaimer

 

Emory Is Adding An Inbound Disclaimer For All Emails Sent From External Senders

 

When receiving an email that comes from outside Emory, you will now receive an email with the following prefix disclaimer:

external

All email coming inbound to Emory will be labeled with this.  There are no exclusions to this.

 

This banner does not indicate the email is malicious or bad, nor does it indicate the email is safe.  It also does not affect junk email (whitelisting) determination.  The email could be legitimate and could end up in your Inbox or Junk email folder. 

However, since it was not sent from within Emory:

  1. Check to make sure the sender looks legitimate (example: would the sender email you from Gmail, if they’re an Emory vendor)?
  2. Is the sender someone you know, and is a subject matter you expect from them (example: Would the Emory President request you to go buy gift cards)?
  3. Does the email body / message content look suspicious?
  4. Does the email request you to logon someplace that’s not normal?

 

Background / History on why this is being implemented:

Emory has become a target of malicious actors attempting to commit fraud via email.  While Duo MFA has helped protect many of our authenticated systems, malicious actors are still attempting to gain access to information. 

 

In most cases the externally sent emails will be the name of someone or a Department you know.

 

From:  Emory Office of the President -  president.sterk @ somedomain.com

From:  Emory Human Resources -  emory.human.resources @ somedomain.com

 

When in busy times or using mobile devices, it can be very easy to miss that the email is not really from within Emory.  This banner is to serve as a reminder that this is not from within Emory’s environment.  While it may be safe, you should exercise caution and common sense prior to opening attachments or clicking on URL’s.