Malicious phishing and malware emails continue to target members of the college community. As part of the ongoing effort to combat these attacks, ITS has rolled out Microsoft’s Advanced Threat Protection (ATP) service and now flags external emails for all Pomona email accounts. ATP provides three-part protection to your email through safe links, safe attachments, and anti-impersonation enhancements. Below is a brief overview of how these changes improve the security of your inbox.
Microsoft ATP Protection
Safe Links help to protect you against unknowingly clicking on a malicious link by automatically scanning all emailed links for phishing scams, viruses and malware. You may notice that links in your email look different. In some messages, links might appear longer than usual, and include text such as “na01.safelinks.protection.outlook.com."
If you click a link that is still being scanned, you may have to wait a few moments to try the link again. If you click on a link that is suspicious, you will be redirected to a warning page (examples of warning page). We don't recommend clicking through to any web pages that trigger the appearance of the warning page.
Safe Attachments help to protect you against unknowingly opening a malicious email attachment or file. For many email messages, you won’t notice any changes. You will see the entire message body, and an icon for your attachments. But if Microsoft is still scanning your attachments, you will see a placeholder attachment which reads “ATP Scan in Progress.”
While attachments are being scanned, users can preview the file safely in safe mode. This preview feature supports most PDFs and office files. If no suspicious activity is detected, the attachment is released for delivery to the mailbox.
If suspicious activity is detected, the placeholder attachment will read “Unsafe Attachments Blocked.” If you were expecting an attachment and it was identified as being potentially malicious and therefore blocked by Safe Attachments, you should contact the sender to scan/clean the file(s) and resend them.
Impersonation is a commonly used technique in targeted phishing attacks. Anti-Impersonation Enhancements detect phishing attacks from lookalike email addresses. Attackers may use domain impersonation or user impersonation. The most prevalent scenario of user impersonation is when someone impersonates an influential executive’s email and requests a transfer of money. To help mitigate these phishing techniques, emails that impersonate users will automatically be sent to quarantine.
Automated Visual Flagging of Off-Campus Emails
Automated visual flagging of off campus emails makes it easier to see potentially spoofed emails. This service works by adding an automated visual indicator to email messages that originate from a non-Pomona address. You will see “[EXTERNAL EMAIL] Exercise caution before clicking on links or opening attachments” at the bottom of the email. This helps prevent clicking on suspect emails or spoofed email addresses.
As these changes take place, please keep in mind the following:
- The protection is automatic. These premium security features activate automatically for all Pomona College email accounts.
- These security features work regardless of how you access your Pomona College email. Microsoft implements these security features in the cloud, so you will be protected whether you're accessing your Pomona College email on the web, your phone, the Mail app, or any other email client.
- The protection applies to Pomona.edu and mymail.pomona.edu mailboxes only. These advanced security features do not apply to third-party email accounts such as Gmail and Yahoo Mail that are synced to an Outlook account.
Thanks for helping to keep our network, and our people, safe from these cyber threats!