To help ensure proper delivery of emails to your K-State Inbox, Information Technology Services (ITS) maintains an Approved or Safe Sender whitelist. A whitelist is a list of email addresses, domains, and IP addresses which will not be blocked by K-State’s spam filters.
Whitelisting introduces additional cybersecurity risks. Spammers take advantage of whitelisting which makes our K-State inboxes more susceptible to spam, phishing scams, and viruses. Spammers create spoofed emails from whitelisted email addresses, domains, and IP addresses, which will make their way to your Inbox. When you click on the spoofed emails and links, you will unknowingly expose the K-State network to viruses and harm.
Previously, email from K-State LISTSERV lists were whitelisted. Now, LISTSERV emails will go through the Spam check in Office 365, and will not be whitelisted. ITS will only whitelist emails that have a business need. The goal is to reduce K-State’s exposure to spam and allow the spam protections in Office 365 to do their job.
The whitelisting change will go into effect Oct. 2. After this date, periodically check your Junk Email folder to make sure you are not losing important, safe emails. If you are losing important emails, fill out this form to request a global settings change that will move those emails into your Inbox instead. Requests will be considered on a case-by-case basis for approval.
If you have questions, contact Greg Dressman, director of Enterprise Server Technologies, firstname.lastname@example.org.
To help combat spam, malware, and phishing attacks, Microsoft has implemented a feature called Email Safety Tips.
If a message includes a safety tip, it is displayed at the top of your email. The messages have four color-coded categories:
Red – Suspicious safety level messages are either a known phishing message, have failed sender authentication, are a suspected spoofing message or have met some other criteria that Microsoft has flagged as fraudulent. Be cautious in reviewing the message. There is a chance that it could be a legitimate email and mismarked. Otherwise delete the email.
Yellow – Unknown safety level messages are marked as spam. You can click the It’s not spam link in the yellow bar of a junk mail item to move the message to your inbox.
Green – Trusted safety level messages are from domains identified by Microsoft as being safe.
Gray – Safe safety level messages are messages not filtered for spam because it is either considered Safe by the user’s organization, is on the user’s safe senders list or Microsoft marked the message as junk but the user moved it out of the junk folder to the inbox. The gray safety bar also appears when images within the message have been disabled.
You will see all four types of Safety Tips when using Outlook on the web. However, Outlook clients will only show the Suspicious saftey tip.
If you have any questions, contact the IT Help Desk (email@example.com or 532-7722.)
Since Jan. 1, Information Technology Services reported and blocked more than 2,100 phishing scams. However, before the blocks were in place, nearly 1,000 K-Staters shared their eID passwords.
Remember: You are responsible and the best line of defense to protect your identity, personal information and university resources. K-State will never ask for your eID password over the phone or in an email.
Attention: ITS staff will change the way K-State filters email on Thursday, Oct. 27. Specifically, email coming through k-state.edu or ksu.edu domains will be run through an email filtering process to reduce the amount of spam and phishing scams reaching your inbox. With the number of spam emails and phishing scams coming through to ksu.edu and k-state.edu addresses, we all need to change our practices.
“Locky” is a new “crypto-ransomware” type of malware that locks up your computer files and requires a monetary payment to unlock them. Locky is delivered via email as an invoice in a Word attachment.
Details from one ransomware email are shown below; this may be one of many variations.
Subject line: ATTN: Invoice J-98223146
Message: Please see the attached invoice (Microsoft Word Document) and remit payment according to the terms listed at the bottom of the invoice.
If you click on the attachment, you are encouraged to “enable macros”. If you comply and enable macros, malicious code is installed and the malware attack begins. The malware will begin to encrypt your files and attach the “Locky” extension. A ransom note is then left in every directory that has been infected, informing you to make a payment in order to unlock your files.
If you receive a ransomware email, do NOT click on the attachment. Send the original email with full Internet headers to firstname.lastname@example.org, and delete the email. How to include full email headers is at k-state.edu/its/security/report/getheaders.html.
Information Technology Services will perform scheduled maintenance on Office 365 beginning at 10 p.m. Saturday, Feb. 13, through 10 a.m. Sunday, Feb. 14. Office 365 may not be accessible during this time period, but no email will be lost. Thank you to campus for your patience as we work to maintain our ITS systems. Continue reading “Office 365 maintenance scheduled Feb. 13-14”→
Students who are graduating or simply leaving K-State for new adventures can keep their K-State email accounts, as well as their email address. Read on for details, including tech tips to manage your K-State email and other IT resources. Also see these: