
Technology Update - Office 365: Email and Security

August 16, 2017

Table of Contents:

Phishing Increase and Response
New Sign-In Process for Office 365 in Testing
"Missing" Emails and Focused Inbox


Phishing Increase and Response

Recently, we've seen a marked uptick in the volume of "phishing" emails that ask you to provide your password to "verify your account" or "pick up a file." The best defense against phishing is to understand what it is so that you don't fall victim to it.

DREXEL DOES NOT ASK YOU TO CLICK EMAIL LINKS TO VERIFY, UPDATE, OR EXTEND AN ACCOUNT. SUCH MESSAGES ARE PHISHING FOR PASSWORDS AND SHOULD BE DELETED.

WHAT IS PHISHING?

Phishing is an attempt to trick you into providing your password (and sometimes other private information) to an unauthorized person so that they can use it to attack you and others or commit fraud. It's done when someone sends you a message that seems legitimate, but isn't, and asks you to "sign in" to a website that looks legitimate, but isn't. If you do sign in, you’ve unwittingly given away your password.

REDUCING PHISHING EMAIL

To reduce the damage caused by phishing messages, Drexel activated Email Advanced Threat Protection (ATP). The Safe Links feature of ATP tests links in messages for suspicious behavior or content, and blocks those that fail. (If a site's safety has only recently been compromised, Safe Links might not yet recognize it, so remain cautious.)

Links in messages sent from one Drexel account to another aren't yet checked. Drexel IT is taking additional steps to quickly detect and disable compromised accounts to prevent them from sending large volumes of phishing messages. If you’ve clicked a phishing link and later find your account inaccessible, contact the IT Help Desk at 215.895.2020.

YOUR ROLE IN REDUCING PHISHING

While ATP and automatic account-locking help, human judgment is still necessary. When you receive a message with any link, even if you recognize the sender, pay due attention to the link before clicking it. More importantly, don't be tricked into clicking a link because of any claim that something bad will happen unless you act now—time pressure and threats are hallmarks of phishing messages.

Many phishing messages claim to be from well-known organizations (e.g., Drexel, Verizon, TD Bank, and more). Rather than using links contained in such messages, it is a best practice to access the website of the organization using your existing bookmark for it or by searching for their website. This way, you'll know you didn't follow a link to a look-alike website designed to trick you into giving away your password.

Be aware that email links can be masked; a link that shows one address in the message can take you to a completely different one when clicked. You can see where it really goes by hovering your mouse over the link (without clicking it!)–the address behind the link will be shown near the mouse or in the bottom corner of some browsers. For example, this sentence has a link that says that it goes to http://portal.office.com, but it doesn't. Can you tell where it really goes?

Note: You might see some links that contain "safelinks.protection.outlook.com." This means ATP will check these links when you click them.
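For readers who triage reported messages, the hover check described above can be automated. The following is an added example, not Drexel or Microsoft code: it lists links in an HTML message body whose visible text names one site while the underlying address leads to another. It assumes the Safe Links wrapper carries the original address in its `url` query parameter; the function names and the sample message are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse, parse_qs

SAFELINKS = "safelinks.protection.outlook.com"
# Visible text that itself looks like a web address (with or without a scheme).
LOOKS_LIKE_URL = re.compile(r"^(https?://)?[\w-]+(\.[\w-]+)+(/\S*)?$", re.I)

def host_of(url):
    """Lower-cased hostname; bare hosts such as 'accounts.drexel.edu' are accepted."""
    url = url.strip()
    return (urlparse(url if "//" in url else "//" + url).hostname or "").lower()

def unwrap_safelinks(url):
    """Assumption: a Safe Links wrapper keeps the original target in its url= parameter."""
    host = host_of(url)
    if host == SAFELINKS or host.endswith("." + SAFELINKS):
        return parse_qs(urlparse(url).query).get("url", [url])[0]
    return url

class LinkCollector(HTMLParser):
    """Collect (visible text, real target) for every <a href> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            shown = "".join(self._text).strip()
            self.links.append((shown, unwrap_safelinks(self._href)))
            self._href = None

def masked_links(html_body):
    """Links whose visible text names one host while the href leads to another."""
    collector = LinkCollector()
    collector.feed(html_body)
    collector.close()
    return [(shown, target) for shown, target in collector.links
            if LOOKS_LIKE_URL.match(shown) and host_of(shown) != host_of(target)]

SAMPLE_BODY = (  # constructed message body, not a real phishing sample
    '<a href="http://login.example.test/signin">http://portal.office.com</a> '
    '<a href="https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2F'
    'accounts.drexel.edu%2F&amp;reserved=0">accounts.drexel.edu</a> '
    '<a href="https://drexel.edu/">Drexel IT</a>')
```

Only the first link in the sample is reported: the Safe Links wrapper is unwrapped before comparison, and link text that is not itself an address ("Drexel IT") is left to human judgment.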

You can help Drexel IT identify phishing messages:

  1. Address a message to mailabuse@drexel.edu with the subject "Phishing"
  2. Drag the phishing message from the mail list to the body of the new message
  3. Click "Send"

If you already clicked a link, provided your password, and later suspect you've been phished, change your password immediately by going to the Drexel accounts management page at accounts.drexel.edu. (Given what you learned above, you know to type that address into a browser instead of trusting without question a link embedded in an email message!)


New Sign-In Process for Office 365 in Testing

The sign-in process for Office 365 will soon change. Microsoft is currently testing a new sign-in process for Office 365 that prompts for your account name on one page and your password on a second page. During this testing, you might see a popup box that offers you a chance to try the new method. Whether you use the old or the new method is a matter of personal preference and does not affect services once you are signed in, and you may revert to the old method after trying the new one.


"Missing" Emails and Focused Inbox

Earlier in 2017, Office 365 began offering an email feature called Focused Inbox. For many Outlook users, Focused Inbox is already active. If you don't know that it splits your Inbox, some of your messages might appear to be missing.

Microsoft states that Focused Inbox "separates your Inbox into two tabs—Focused and Other. Emails that matter most to you are in the Focused tab, while the rest remain easily accessible—but out of the way in the Other tab."

Focused Inbox is already turned on in Outlook on the Web, the Outlook apps for iOS or Android, the Windows 10 Mail app, and some versions of Outlook 2016 for Mac; Focused Inbox will come to Outlook 2016 for Windows later this summer.

With Focused Inbox turned on, you'll see new information above your messages:

Focused Inbox Screenshot

  1. These tabs appear above your messages; you can switch between your Focused and Other messages here
  2. If messages were sorted to the Other tab, a bar summarizes what was moved

If you like the idea of sorting your messages (e.g., according to importance, senders, content, or relevancy), work with Focused Inbox for a while to help it learn what you want to appear where. If it improperly sorts a message, move it from one tab to the other to "teach" it how you want certain messages sorted. Over time and with continued usage, sorting behavior will improve.

If you don't want your mail presorted, turn off Focused Inbox. If you use multiple computers or devices, you'll need to turn off Focused Inbox for each. For more information about Focused Inbox, and how it works, see the Microsoft site.