With the threat of cyberattacks increasing everyday, and phishing still being one of the biggest threats to schools and businesses alike, here is a quick tip to help protect your network by prepending a warning message on external emails.
Although this is just a simple message, it will hopefully make your users think twice before clicking links. It will also help users differentiate between real and spoofed emails, with common phishing attempts using the names of your colleagues/bosses, pretending to be them in order to extract money or data from users.
To begin simply head over to the exchange admin centre in Microsoft 365 > Mail flow > Rules
Add new rule and choose ‘Apply Disclaimers‘
Give your rule a name and choose Apply rule if – “sender is located” and Outside the organisation
Scroll don to the bottom of the window and click ‘More Options‘ this is important as you will not see the settings until you do so.
Under ‘Do the following‘ change the ‘append the disclaimer’ to ‘prepend the disclaimer‘
Click ‘Enter Text‘ and enter the message you wish to prepend to your emails.
This can be whatever you like, however to make it stand out to users, i recommend using HTML to add a background colour, the following code is what I use in my organisation.
<div style="background-color:#ffd3b7; border:0px dotted #003333; padding:.2em; "><div style="font-size:10pt; font-family: sans-serif; font-style:normal; font-weight:bold; padding:.2em"><strong>Warning! </strong>This email originated from outside of Your Organisation. Use caution when clicking links or attachments as they could open malicious web sites or files.</div> </div>For the and fall back to action section choose ‘Wrap‘.
Hit Save and that’s it, you should now start to receive a warning message on any external emails, this normally works within a few minutes.
#EdTech Network Manager, experienced in Microsoft 365, Server 2019, Intune, SCCM and anything inbetween.
Great article. Straight forward and easy to follow. Thanks