• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 536
  • Last Modified:

Help deciding on phishing message when it's from a reliable source Outlook 2010

We have been receiving this message from emails of people that we trust.  They are professionals that we assume they will not place any spam or spyware in emails the sent us.  That said, the message is: "this might be a phishing message and is potentially unsafe ... outlook blocked... unsafe attachments" (see pix below)


How can we determine if their email is safe (beside calling them)?
  • 2
1 Solution
Clark KentCommented:

You can refer to the following kb article which discusses the same issue faced by you.


Hope this resolves your problem.

Thanks & Regards
Clark Kent
btanExec ConsultantCommented:
We may trust the user by themselves but not the machine itself totally as the email can still be from their (compromised) account or machine is infected and unknown to the sender. For assurance check, the attachment can be send out to Virustotal online (https://www.virustotal.com/) to scan. There’ is no foolproof way to know for sure whether a file is actually a false positive.

We can do best to gather evidence for e.g. indicator compromise from
a) Scan using other antivirus scanner,
b) Check the email header (using "Message Header Analyzer" -https://technet.microsoft.com/library/dn133083(v=exchg.80).aspx) whether from any unknown email relay,
c) Check sender’s domain if it has Sender Policy Framework (SPF) record configured/set up in the domain’s registrar - email as potential fraud since it was forwarded from 3rd party IPs.

Before making our best guess on the email trustworthiness, you may also consider preventive measures setup early to
- Block email spam using spam filter block lists
- Block bulk mail with transport rules or the spam filter
- Block IP addresses with a connection filter (check
- Avoid false negatives and junk mail by telling your sender to add the spam sender address to their blocked sender list in Outlook or Outlook Web App. Likewise, you can tell them to add sender addresses to their safe sender list.
- Good to ask sender to send signed or even encrypted email and that will really help your future verification of their emails https://www.signfiles.com/manuals/DigitalSignatureEncryptionOutlook.pdf
rayluvsAuthor Commented:
btan, u always give more than expected!! Thanx!!
btanExec ConsultantCommented:
thanks for sharing
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Easily manage email signatures in Office 365

Managing email signatures in Office 365 can be a challenging task if you don't have the right tool. CodeTwo Email Signatures for Office 365 will help you implement a unified email signature look, no matter what email client is used by users. Test it for free!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now