KI 2939 How do we protect emails at UiB?
- 494,509 emails delivered into UiB
- 84,354 emails sent out from UiB
- 159,383 internal emails delivered
A lot of the blocking work is done by Microsoft (who provide our email services) without anyone at UiB being actively involved. Microsoft use their massive scale to detect and respond to threats faster and with more intelligence than we ever could.
Of course there are many spam or malicious emails that do make it through these defences. To protect you further, we have a number of automated and manual processes that we run each day to try and detect and stop the further spread of email risks:
- Each week we identify the highest risk accounts and ask Microsoft to apply additional controls to these accounts that make it harder to impersonate these people
- Daily, we review emails sent to UiB that have the same display name as one of our key users but are not sent from a UiB email address, and we block the senders whenever we find malicious emails
- We review all emails delivered to see if they are from addresses trying to appear to be UiB but are in fact external to UiB
- We run a check to make sure our users are only using known email domains and we are not the source of SPAM for other organisations
- We continually check our email domains against the Have I Been Pwned service
- We read all of the SPAM/phishing/malware alerts that our users have told us about through Outlook and take appropriate actions
- We review all emails that are made to look like they're from Vipps, and remove and block them if they aren't genuine
- We review and contribute to alerts from other Norwegian universities - this way we share our knowledge and protect those across the sector
- Block the email address (sometimes the whole domain) from being able to send email to UiB (currently there are over 1700 email addresses and domains that are unable to send email to UiB)
- Remove messages that have already been delivered to mailboxes so that the malicious messages are no longer available to our users
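The display-name and lookalike-address reviews in the list above can be sketched as follows. This is an added example, not UiB's own tooling: the domain `example.edu`, the key-user names and the sample From headers are all constructed placeholders.

```python
import unicodedata
from email.utils import parseaddr

# Assumed values for illustration: the page names neither the domain nor the key users.
INTERNAL_DOMAINS = {"example.edu"}
KEY_USERS = {"Kari Nordmann", "Ola Hansen"}

def normalise(name):
    """Fold case, accents, punctuation and word order so 'HANSEN, Ola' matches 'Ola Hansen'."""
    decomposed = unicodedata.normalize("NFKD", name)
    unaccented = "".join(c for c in decomposed if not unicodedata.combining(c))
    words = "".join(c if c.isalnum() else " " for c in unaccented.casefold()).split()
    return " ".join(sorted(words))

def edit_distance(a, b):
    """Levenshtein distance, used to spot domains one or two characters away from ours."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(from_header):
    """Return the set of review flags for one From: header value."""
    display, address = parseaddr(from_header)
    domain = address.rpartition("@")[2].lower()
    flags = set()
    if domain in INTERNAL_DOMAINS or any(domain.endswith("." + d) for d in INTERNAL_DOMAINS):
        return flags  # genuinely internal sender, nothing to review
    if normalise(display) in {normalise(u) for u in KEY_USERS}:
        flags.add("display-name-match")  # key user's name on an external address
    if any(edit_distance(domain, d) <= 2 for d in INTERNAL_DOMAINS):
        flags.add("lookalike-domain")  # external domain imitating an internal one
    return flags

# Constructed sample headers, not real traffic.
SAMPLES = [
    '"Kari Nordmann" <kari.nordmann@example.edu>',
    '"Kari Nordmann" <kari.nordmann.office@mail.example>',
    '"HANSEN, Ola" <ola@examp1e.edu>',
    'Newsletter <news@shop.example>',
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(sorted(classify(header)) or ["ok"], header)
```

Flagged messages still need a human review, since people outside the organisation can legitimately share a name with a key user.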
The basic rules for dealing with email haven't changed for some time and can be summarised as:
- For any email you're unsure about, check the sender details on a computer - it's easier to see the real "From" address there than on a mobile phone
- Don't click on links or open attachments that you're not expecting
- If something looks too good to be true, it probably is
- You don't have a long lost relative who wants to give you money
- Your colleague doesn't need you to buy them an Apple gift card
- You won't be asked to wire money to a company out of the blue without a valid purchase order
The best thing you can do is to be skeptical of the emails that you receive.
Next, if you think you have been sent a malicious email of any sort, report it to us. You can do this directly in Outlook by using the "Report" button and choosing either "Junk" (for email that is simply unwanted, like emails from shops you no longer want) or "Phishing" (for emails that are asking you to log in to a website, send money or do something else that is out of the ordinary).
We review all reports that you make and take whatever action is necessary.
Do we read your email?
No. We comply with all current regulations with regard to access to employees' (and students') emails, computers and storage areas.
Who should I contact if I have questions about email security?
You can contact the information security team by creating a TOPdesk case with a subject of "email security".