Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 444
  • Last Modified:

Help deciding on phishing message when it's from a reliable source Outlook 2010

We have been receiving this message from emails of people that we trust.  They are professionals that we assume they will not place any spam or spyware in emails the sent us.  That said, the message is: "this might be a phishing message and is potentially unsafe ... outlook blocked... unsafe attachments" (see pix below)

phishing
Question:

How can we determine if their email is safe (beside calling them)?
0
rayluvs
Asked:
rayluvs
  • 2
1 Solution
 
Clark KentCommented:
Hello

You can refer to the following kb article which discusses the same issue faced by you.

https://support.office.com/en-us/article/Enable-or-disable-links-and-functionality-in-phishing-email-messages-f157f978-c8ed-410b-a9e3-a15a3e65cbf3

Hope this resolves your problem.


Thanks & Regards
Clark Kent
0
 
btanExec ConsultantCommented:
We may trust the user by themselves but not the machine itself totally as the email can still be from their (compromised) account or machine is infected and unknown to the sender. For assurance check, the attachment can be send out to Virustotal online (https://www.virustotal.com/) to scan. There’ is no foolproof way to know for sure whether a file is actually a false positive.

We can do best to gather evidence for e.g. indicator compromise from
a) Scan using other antivirus scanner,
b) Check the email header (using "Message Header Analyzer" -https://technet.microsoft.com/library/dn133083(v=exchg.80).aspx) whether from any unknown email relay,
c) Check sender’s domain if it has Sender Policy Framework (SPF) record configured/set up in the domain’s registrar - email as potential fraud since it was forwarded from 3rd party IPs.

Before making our best guess on the email trustworthiness, you may also consider preventive measures setup early to
- Block email spam using spam filter block lists
- Block bulk mail with transport rules or the spam filter
- Block IP addresses with a connection filter (check
- Avoid false negatives and junk mail by telling your sender to add the spam sender address to their blocked sender list in Outlook or Outlook Web App. Likewise, you can tell them to add sender addresses to their safe sender list.
- Good to ask sender to send signed or even encrypted email and that will really help your future verification of their emails https://www.signfiles.com/manuals/DigitalSignatureEncryptionOutlook.pdf
0
 
rayluvsAuthor Commented:
btan, u always give more than expected!! Thanx!!
0
 
btanExec ConsultantCommented:
thanks for sharing
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now