External Email Banner

Overview

To enhance email security and help users better identify potential threats, we’re implementing external email banners. These banners will appear at the top of emails received from outside the University.

This update is part of our ongoing efforts to protect users and data from phishing, spoofing, and other forms of email-based attacks.

 

What Is an External Email Banner?

An external email banner is a notification that appears at the top of emails sent from outside our University. It is designed to remind recipients that the source of the email is external, thereby prompting extra caution when interacting with its content.

 

What to Expect

• The banner will appear only on emails from external senders. Internal communications will not be affected. If your internal email is being marked external due to the use of a third party app, please submit an External Email Banner Exemption Request.
• The presence of the banner does not mean the email is dangerous—only that it originated from outside the University.
• No banner doesn’t necessarily mean the email is safe-only that it originated from inside the organization.
• The banner will remain visible if you forward or reply to the message.

 

Common Mistakes to Avoid

1. Forgetting the banner means ‘external’, not ‘untrustworthy’: Some users may mistakenly assume that all bannered emails are harmful. The banner is simply a cautionary notice.
2. Overlooking attachments and links: Be especially cautious with files or links in external emails, even if they appear to come from a known sender. When in doubt, verify the request through another method (e.g., a phone call).
3. Assuming internal addresses won’t be spoofed: If an external sender spoofs a University email address, it may still bypass the banner. Always check the full email address if something seems off.
4. Copying and pasting the banner into replies: This occasionally happens when users quote the full email in a reply. The banner will be seen by the recipient, but it’s not harmful but it is redundant.

Why Is This Being Implemented?

External email banners provide a visual reminder that a message came from our trusted internal network. This is important because many phishing attacks and email scams come from external addresses that try to look like legitimate contacts.

Key benefits include:

• Increased awareness of email origin.
• Improved ability to detect impersonation attempts.
• Reduced likelihood of sharing sensitive information with the wrong party.

 

Purpose and Benefits

The primary goal of implementing these banners is to strengthen our University’s defenses against phishing, spoofing, and other email-based threats. By clearly labeling external emails, we encourage a more thoughtful review of all links, attachments, and requests for sensitive information. This additional awareness is similar to adhering to a security protocol—it is a precautionary measure aimed at safeguarding both individual users and the University as a whole.

 

Common Questions

Q: Why am I seeing this banner on emails from trusted contacts such as other departments or University vendors?
A: The banner is uniformly applied to all external emails to maintain a consistent security standard. Even trusted contacts can have their email systems compromised, so the banner serves as a reminder that any external email should be reviewed with caution.

Q: Can I disable the banner?
A: No. The banner is deployed centrally and cannot be disabled by individual users. This uniform implementation is critical for ensuring that all employees receive the same level of alert.

Q: Does an external banner indicate that an email is unsafe?
A: Not necessarily. The banner’s purpose is to indicate that the email is from an external source, not to label the content as harmful. It acts as a prompt for careful review.

Q: Why have we introduced this feature at this time?
A: With the evolving landscape of cybersecurity threats, it has become essential to equip our workforce with clear, consistent signals that help identify potential risks. The external email banner is one component of our broader security strategy.

 

Summary

The implementation of external email banners is a simple, effective way to help you recognize when an email is coming from outside the organization. This small change plays a big role in reducing risk and protecting both users and company data.