Information Technology

Email Disclaimers FAQ

Starting in November 2019, Marshall email recipients will begin to see disclaimers inserted into certain email messages. These disclaimers are designed to make the recipient aware that the message they received came from outside the organization and could be malicious.

 

Below is an example of what the disclaimer will look like:

The disclaimer is for your information only. It is simply a reminder to be extra careful when responding to the message, clicking links within the message, or opening any attachments. Messages with the disclaimer came from outside the organization and could be from a sender who is misrepresenting who they are or the message could contain malicious content.

We ask that you use extra caution with the message. Do not reply, click on any links, or open any attachments unless you are sure the message is authentic. If you’re unsure  whether the message truly came from the sender in the signature, we recommend verifying with the person by calling their office phone or simply stopping by their office to ask if they sent the message.

Are you expecting this message? One of the best ways to spot a fraudulent message is to ask yourself if you were expecting it, even when you know the sender.

Do you know the sender? Verify the email address, not just the display name. For example:

Gilbert, Jerome <imthepresident@gmail.com>

Microsoft Office365 <microsoft@homestarinc.com>

Is the message written with a sense of urgency? For example:

  • Your account will be deactivated if you don’t act soon!
  • A server has been updated and your account information needs verified.
  • Important message!” (Especially when from an important person, such as president of the university.)
  • Important document to view!

Does the message have typos or other anomalies?

Hover your mouse over links (without clicking) to reveal the URL.

    1. Is the URL what you would expect?  https://www.goodsite.com
    2. Is the URL a shortened link, such as bit.ly, tinyurl.com, or goo.gl?
    3. Is the URL the legitimate website of the organization sending the message?
      (For example, if a message is claiming to come from an office of Marshall University, does the URL you are being asked to click begin with https://www.marshall.edu?)

When in doubt, ASK US! – Forward the message to phishing@marshall.edu. If you would like a reply, please be sure to ask a specific question when you forward a suspicious message. We receive many phishing reports per day and do not reply to all of them, but are happy to answer any questions you have!

Below are some examples of phishing scams with clues that indicate this might not be a legitimate message:

IT Service Desk

Contact
In person – Drinko Library 141
304-696-3200
Live Chat available on our pages

Desk Hours
Monday – Thursday 7:00 AM – 11:30 PM
Friday 7:00 AM – 5:00 PM
Saturday 10:00 AM – 6:00 PM
Sunday 1:00 PM – 11:30 PM

Blackboard Status