Marshall University Information Technology is introducing an updated email security solution provided by Microsoft in January 2021. In addition to antivirus and anti-spam protection, the Microsoft Defender for Office 365 service improves security for both incoming and outgoing mail. This will provide advanced protection against fraudulent email for our students, faculty, and staff. Key Benefits: Review quarantined messages: Ensure no legitimate messages are flagged as spam. A spam notification will be sent periodically with a list of quarantined messages. This notification will contain links that allow you to view, block, or release the message to your inbox. Identify approved senders: Adjust filtering settings so that desired messages, which have been incorrectly identified as spam, will not be flagged as such in the future Secure and protect your email inbox from: Unwanted mass mailings (spam) Messages with malicious payloads (viruses) Messages with links that will steal information or download malicious software (phishing) Frequently Asked Questions What do I need to do? No action needs to be taken on your part. Just keep an eye out for Spam Notifications which will come from firstname.lastname@example.org. You might receive an email periodically notifying you of messages that are in quarantine. If you do not receive these notifications, it means you have no email in your quarantine. What do the Spam Notifications look like? The new Spam Notifications will come from email@example.com with the Subject “Spam Notifications: [x] New Messages” Below is a screenshot of what a Spam Notification will look like in Microsoft Outlook: How can I view my quarantined messages? By default, Spam Notifications will be emailed to you no more than once daily. To view a quarantined message using the notification, click Review. This will open your browser and direct you to https://protection.office.com where you can view all messages in your quarantine for the last 30 days. To login, use your MUNet credentials and follow the prompts. Only click Release if you are sure the message is safe. Releasing the message will remove the message from the quarantine and deliver it to your email inbox. Once logged in to your Office 365 account, you can view a message by clicking on it, then going to Preview Message. You can also Release message from quarantine, View message header to see delivery metadata of the message, or Remove from quarantine. How long do I have to view my quarantined messages? A quarantined message will remain viewable for 30 days. After 30 days, the message will not be accessible. Can I view my blocked messages? There is currently no way to view a blocked message. If you know a legitimate email was sent to you and you are not receiving it, please contact the IT Service Desk at firstname.lastname@example.org or (304)696-3200. They will ask for the sender, date/time the message was sent, and any other details you know about the message. What’s the difference between quarantined emails and blocked emails? The main difference is visibility; you receive notifications that email has been quarantined, but are not notified of blocked email. When an email is quarantined, it does not go to your email inbox, but does go to a “quarantine inbox.” When this happens, you’ll receive a notification to your email inbox which allows you to view or deliver the message. Blocked messages are not delivered to your email inbox, and you do not receive a notification of them. There can be dozens of blocked messages daily, so it would be overwhelming to be notified of all of your blocked messages. Remember, when a message is blocked, it is because Microsoft Defender for Office 365 has marked it to be unwanted or fraudulent for a reason. Can I turn off or change the frequency of my Spam Notifications? There is currently no way to edit the frequency of the Spam Notifications. If you are receiving more than 1 per day, please open a support ticket with the IT Service Desk at email@example.com or (304)696-3200. Are emails I send filtered through Defender for Office 365? Yes. There are measures in place to detect any fraudulent activity coming from a Marshall email address. This helps MUIT discover and remediate compromised accounts. Any email you send to an external email address (a non-Marshall address) will be filtered through Defender for Office 365. If an account begins to send fraudulent email, an administrator will be alerted. How do I edit my Allow List and Block List? To edit Blocked and Safe Senders, login at https://outlook.office365.com with your MUNet credentials. Go to the Settings gear at the top-right and click View All Outlook Settings at the bottom of the menu. In the Settings window, go to Mail > Junk Email. Here, you can add email addresses and domains to your Blocked Senders and Safe Senders lists by clicking Add. Remove them by clicking the trashcan icon to the right of the entry. You can also edit the entry by clicking the pencil icon. Be sure to click Save at the bottom to save your changes. You can also edit your Safe and Blocked Senders list in the Microsoft Outlook application by right-clicking any message and going to Junk > Junk Email Options… What is the difference between phishing/fraudulent and spam/junk? Phishing is any fraudulent email designed to trick the recipient into taking an action that will compromise sensitive data. Bad actors who send phishing messages usually try to capture credentials, personal, business or banking information. Most phishing messages direct a victim to a webpage that looks like a familiar login page, such as Marshall’s Single Sign On. Others can infect a victim’s device with malware which can ultimately assist bad actors in collecting the data they are after. Some fraudulent messages are designed to impersonate a VIP of the university and trick an unsuspecting employee into sending account details or purchasing gift cards (also known as “whaling”). Spam is unsolicited emails aimed at selling goods or services, that the recipient did not subscribe to. Spam messages are not aimed at stealing information. While bothersome, spam is not as dangerous as phishing emails. It is important to know the difference between phishing/fraudulent email and spam/junk email when reporting unwanted messages. How do I report a message as Phishing or Junk? What happens when I report a message? It is important to know the difference between phishing/fraudulent email and spam/junk email when reporting unwanted messages. Before reporting a message as Junk or Phishing, please see the section above “What is the difference between phishing/fraudulent and spam/junk?” To report a message using the Outlook webUI at https://outlook.office365.com, click the ellipsis […] icon at the top-right of an unwanted message. Go to Report Message > Junk or Report Message > Phishing. Try to categorize the message appropriately. Messages reported as Phishing are sent to the MU Information Security team for further analysis, which aids in identifying and blocking future attacks. Spam messages misreported as Phishing are ignored and discarded; only phishing/fraudulent messages are analyzed by the MU InfoSec team. Messages reported as Junk (spam) are sent to Microsoft for further analysis to assist the research and improvement of their email protection technologies. When you report a message as Junk, the sender’s email address is also added to your Blocked Sender’s list. How do I send an encrypted email? Please visit https://www.marshall.edu/it/departments/it-service-desk/howdoi/encrypted-email/. What happened to Barracuda Essentials email protection? Marshall University Information Technology is phasing out the use of Barracuda Essentials. If you have any questions, please contact the IT Service Desk at firstname.lastname@example.org or (304)696-3200.