We all get phishing scam e-mails. Cornell tries its best to block what they can, whilst still allowing legitimate e-mails into our Inboxes. But what can we do on our end?
#1 – We can check the Cornell Phishbowl to see if this particular phishing e-mail in our Inbox is already listed: https://it.cornell.edu/phish-bowl
#2 – We can educate ourselves on how to spot a phishing e-mail or malicious website:
- https://it.cornell.edu/security-and-policy/spot-fraudulent-emails-phishing?cat=2&tip=78
- https://it.cornell.edu/security-and-policy
#3 – We can forward the scam e-mails to security-services@cornell.edu so the Cornell IT helpdesk is aware of the e-mails we are getting (to better block them in the future).
#4 – We can create Outlook rules to filter out additional scam e-mails that have common sender e‑mail addresses or phrases within them.
A couple of Outlook rules you can apply now:
- Send any @GMX e-mails to your Junk folder or Deleted Items folder
Watch how-to video: https://www.screencast.com/t/N0iecustMYmI (no audio with video)- Many phishing e-mails have been coming from e-mail addresses that end with @gmx.net or @gmx.de. (A Germany based e-mail service provider that offers free e-mail addresses.) Since most of us don’t correspond with anyone with this type of e-mail address, we can easily create an Outlook rule to send them right to our Junk folder or to our Deleted Items folder.
- “Validate your e-mail”… “Kindly update your Mailbox”… “Your student portal”… “account will be deleted permanently”… “restore your mailbox”
Watch how-to video to create rule for filtering text in e-mail message: https://www.screencast.com/t/Zp0P4d5hosv (no audio with video)- Any of those phrases sound familiar? Unfortunately phishing e-mails tend to be worded differently (or they misspell words!) so it’s hard to catch them all but if you see a common phrase that you don’t typically see in legitimate e-mails – go ahead and set up an Outlook rule to send those to your Junk folder. (It’s a good idea to go to your Junk folder once in a while to double check that nothing within is legitimate.)
- Remember:
- You can also create rules to filter common scam e-mail phrases found in e-mail subject lines.
- You can always go back to a rule you’ve created to add more phrases to filter into your Junk! Click on Rule and then “Manage Rules & Alerts” to edit your existing rules.