Most email scams begin with messages from an external email system. As part of the University of Iowa's effort to reduce phishing and other email scams, these external email messages will now receive an [External] tag in the message subject.

Internal Message Subject Example:

"Meeting today at 3:00pm"

 

External Message Subject Example:

"[External] Meeting today at 3:00pm"

 

Phishing emails are getting more sophisticated and compelling. The email subject might be worded in a very compelling way. The text itself includes threats of lost access, requests to change your password, or even IRS fines. The sender’s email address can be a clever fake, or can even be “spoofed” to appear like someone you know. Don’t believe it!

Many safe and legitimate email messages come from external email systems. The [External] tag does not mean the message is a scam, but it does provide additional information about the message source. The [External] tag is there to help. The [External] tag means you need to stop and think about this email:

  • Is it from a sender you know? Were you expecting the email? Verify with your friend or co-worker over the phone if you are unsure or if the email seems a bit off.
  • If there is a link in the message, Don’t click it!  Instead, visit the Phishing Examples page to see if it has been reported. If it is a known phishing message, delete it. If the message is not listed and seems suspicious, please attach the message and send the email to ui-phishing@uiowa.edu for review.  For more information on identifying spam and phishing see How to Recognize and Avoid a Phishing Scam
  • Does the message make sense? A legitimate message would not ask you to provide your credentials to maintain your account access.
  • No [External] tag, but still a bit suspicious? Internal users can have their account compromised and be used to send out additional phishing emails. Visit this site updated by the ITS Help Desk to see if it has been reported.

This new feature will help protect your account from possibly being compromised as well as protect the University.  If your account gets compromised, the spammers may gain access to University systems and confidential information.  

Note:  External to Office365 email senders with DMARC compliant uiowa.edu subdomains should not need exemptions to external tagging.  [External] tagging will not be added if both the following two conditions are met:

  1. The sender address is .uiowa.edu
  2. The Authentication-Results email header has dmarc=pass in it.

No, [External] tagging is added to all University of Iowa email accounts to help signify email from unknown sources.

Some University of Iowa services use cloud systems which are not physically located on campus. In some cases it may be appropriate for these systems to be exempted from the [External] tagging because they are a trusted source. Guidelines for this process:

  • Service is specific to the University of Iowa
  • Service is a campus standard platform used across several units

Submit requests to ITS Help Desk at its-helpdesk@uiowa.edu.

Not all [External] messages are dangerous. Many legitimate messages come from external sources. However, a common phishing technique is spoofing our University of Iowa email addresses. The [External] tag is one more signal to determine authenticity.

No additional scanning, filtering or sorting is performed. If the message origin is a non-University of Iowa system then [External] is added to the beginning of the email message subject.

To filter mailings from [External] sources, create a rule using these instructions and a Subject line filter for “[External]”.

Article number: 
114496
Last updated: 
April 15, 2019
Service: