For improved security related to emails received from senders outside of the university, the Office of Technology and Digital Innovation is enabling two new email security features on Monday, March 14.
Email Warning Banners
The first added security measure will be email warning banners. These banners are visual indicators added to the top of email messages that provide additional context to the origin or credibility of the sender. Email messages sent from sources outside of the university will include an email warning banner at the top of each message.
This email security enhancement can be helpful in identifying fake senders or those looking to impersonate a university employee or service. It also allows users to report a potential threat directly from the banner using the Report Suspicious button. Learn more about email warning banners in this job aid on Service Now (login with Ohio State credentials required to access Service Now).
Examples of warning banners in desktop and mobile format (below) display information that these messages may not be safe and recommend caution when interacting. In the case of the second image below, the message is from an Amazon imposter and should be reported through the Report Suspicious button.
Messages from external sources will arrive to your inbox with an external sender warning banner. This is an indication that the message originated from an external source. Some messages tagged with an external sender warning banner may attempt to impersonate university employees or services. Not all external sources are threats but if you suspect that a message is not genuine, you can report it at any time through the Report Suspicious button.
University Email Attachment Filter
The second email security enhancement is the expansion of the email attachment file type block list. Access the full list of blocked file types on Service Now (login with Ohio State credentials required to access Service Now). Expansion of this list is an important step in continuing to protect you from email threats and eliminates risks to university systems that may result in the unintended exposure of institutional data.