Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Help deciding on phishing message when it's from a reliable source Outlook 2010

Posted on 2016-07-20
4
Medium Priority
?
322 Views
Last Modified: 2016-07-21
We have been receiving this message from emails of people that we trust.  They are professionals that we assume they will not place any spam or spyware in emails the sent us.  That said, the message is: "this might be a phishing message and is potentially unsafe ... outlook blocked... unsafe attachments" (see pix below)

phishing
Question:

How can we determine if their email is safe (beside calling them)?
0
Comment
Question by:rayluvs
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 11

Expert Comment

by:Clark Kent
ID: 41722178
Hello

You can refer to the following kb article which discusses the same issue faced by you.

https://support.office.com/en-us/article/Enable-or-disable-links-and-functionality-in-phishing-email-messages-f157f978-c8ed-410b-a9e3-a15a3e65cbf3

Hope this resolves your problem.


Thanks & Regards
Clark Kent
0
 
LVL 65

Accepted Solution

by:
btan earned 2000 total points
ID: 41722952
We may trust the user by themselves but not the machine itself totally as the email can still be from their (compromised) account or machine is infected and unknown to the sender. For assurance check, the attachment can be send out to Virustotal online (https://www.virustotal.com/) to scan. There’ is no foolproof way to know for sure whether a file is actually a false positive.

We can do best to gather evidence for e.g. indicator compromise from
a) Scan using other antivirus scanner,
b) Check the email header (using "Message Header Analyzer" -https://technet.microsoft.com/library/dn133083(v=exchg.80).aspx) whether from any unknown email relay,
c) Check sender’s domain if it has Sender Policy Framework (SPF) record configured/set up in the domain’s registrar - email as potential fraud since it was forwarded from 3rd party IPs.

Before making our best guess on the email trustworthiness, you may also consider preventive measures setup early to
- Block email spam using spam filter block lists
- Block bulk mail with transport rules or the spam filter
- Block IP addresses with a connection filter (check
- Avoid false negatives and junk mail by telling your sender to add the spam sender address to their blocked sender list in Outlook or Outlook Web App. Likewise, you can tell them to add sender addresses to their safe sender list.
- Good to ask sender to send signed or even encrypted email and that will really help your future verification of their emails https://www.signfiles.com/manuals/DigitalSignatureEncryptionOutlook.pdf
0
 

Author Comment

by:rayluvs
ID: 41723075
btan, u always give more than expected!! Thanx!!
0
 
LVL 65

Expert Comment

by:btan
ID: 41723261
thanks for sharing
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes how to import Lotus Notes Contacts into Outlook 2016, 2013, 2010 and 2007 etc. with a few manual steps. You can easily export and migrate Lotus Notes contacts into Microsoft Outlook without having to use any third party tools.
The core idea of this article is to make you acquainted with the best way in which you can export Exchange mailbox to PST format.
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question