Have you ever clicked on an email thinking it was from a colleague or someone you know, only to realize later that it was from someone outside your organization? Email-based security threats like phishing attacks and business email compromise have become increasingly common.
In such attacks, the attacker poses as someone you know and requests a financial transaction, includes a link to a suspicious site, or attaches a virus disguised as a harmless attachment.
In short, the attackers impersonate a trusted figure such as an executive and send a very convincing, realistic-looking email, much like one that person might actually send, to trick you into sharing sensitive information or sending money.
One effective way to stay alert is by adding a clear warning banner to the emails that you receive from outside your organization. Think of it as a friendly security guard who reminds you “Hey, this person is not from your building” every time you receive an email from someone outside your company.
While this banner might seem like a simple precaution, it is actually one of the most effective first-line defenses against phishing attempts, which are becoming more prevalent. Let’s look at how external email warning banners can help protect your organization.
How Do External Email Warning Banners Help?
- A visual reminder before you act on an external communication
- Alerts users when the subject or content looks suspicious
- Reduces the risk of falling for email spoofing or phishing attempts
- Allows an extra moment to pause before acting on external emails
- Makes you mindful when you are handling requests from someone outside your organization that involve sensitive information or financial transactions
Things to Look Out for to Avoid Falling for Phishing Attacks
- First things first, check the sender address. The attacker may have set the display name to exactly match the person they are impersonating, but the email address itself will be different. It can be something like abc@yourc0mpany.com instead of abc@yourcompany.com
- If the email requests immediate action such as a purchase or wire transfer, treat the request with suspicion and confirm it in person or through a different channel with the person concerned before you proceed
- Look for an unusual tone, sentence structure, or formatting that suggests the email was written by a non-native speaker
- Be suspicious of requests to keep things confidential or to communicate with the sender only via email.
Now that you understand the importance of these protective warning banners and what to watch out for, let’s move on to setting up this rule in your M365 environment.
Guide to Setting Up External Email Warning Rule
While it may sound technical, it is straightforward to set up an external email warning rule in Microsoft 365 so that a caution message appears whenever anyone in your organization receives an email from an external sender.
Here’s how you can do it:
- First, you will need to log in to your M365 Admin Center with an admin account
- In the left-hand menu, go to Admin center > Exchange. This will lead you to the Exchange Admin Center (EAC) where you will find all your email-related settings.
- In the EAC, go to Mail flow > Rules. Click the + (plus) button and choose “Create a new rule”.
- In the new rule window:
– Name the rule something descriptive, like ‘External Email Warning’.
– Under Apply this rule if, choose The sender is located > Outside the organization.
– Under Do the following, select Apply a disclaimer to the message > Append a disclaimer, then enter the text you want displayed in the warning message (choose Prepend a disclaimer instead if you want the banner shown at the top of the message rather than the bottom).
- (Optional) Exception: If there are any exceptions (e.g., trusted domains), you can exclude those by selecting Except if and specifying conditions (e.g., exclude emails from certain trusted external domains).
- Review the rule settings and then click Save.
Pro tip:
- Make sure the rule is assigned the appropriate priority among your mail flow rules, so it runs before or after other rules according to your organization’s needs.
- It’s recommended to test the rule with a small group of users first to ensure it’s working as intended.
- Make sure to keep your warning message clear
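The same rule, including the trusted-domain exception and a pilot-group option from the tips above, can be created from Exchange Online PowerShell. This is an added example rather than the original post's own steps; it assumes the ExchangeOnlineManagement module is installed, and the account name, trusted domain and pilot group are placeholders.

```powershell
# Added example (not from the original post): create the "External Email Warning"
# mail flow rule with the ExchangeOnlineManagement module. Assumes that module is
# installed and that the signed-in account holds an Exchange administrator role.
Connect-ExchangeOnline -UserPrincipalName admin@yourcompany.com   # placeholder account

# Banner text shown to the recipient. Kept short and specific so users read it.
$bannerHtml = @"
<div style="background:#fff4ce;border:1px solid #f0ad4e;padding:8px;font-family:sans-serif;">
<strong>CAUTION:</strong> This email originated from outside the organization.
Do not click links, open attachments, or act on payment requests unless you
recognize the sender and have verified the request through another channel.
</div>
"@

$ruleParams = @{
    Name                              = 'External Email Warning'
    # "The sender is located > Outside the organization"
    FromScope                         = 'NotInOrganization'
    # Only stamp mail that is delivered to internal mailboxes
    SentToScope                       = 'InOrganization'
    # The EAC step uses "Append"; Prepend puts the banner at the top of the body instead
    ApplyHtmlDisclaimerLocation       = 'Prepend'
    ApplyHtmlDisclaimerText           = $bannerHtml
    # If the body cannot be modified (e.g. signed/encrypted mail), wrap the
    # original message in a new one that carries the banner instead of skipping it
    ApplyHtmlDisclaimerFallbackAction = 'Wrap'
    # Trusted external domains that should not be tagged (placeholder value)
    ExceptIfSenderDomainIs            = @('trusted-partner.example')
    # 0 = highest priority, so the banner is applied before other rules
    Priority                          = 0
    Mode                              = 'Enforce'
}

# For a pilot, limit the rule to one group first (placeholder group), then remove
# the line once you are happy with the result:
# $ruleParams['SentToMemberOf'] = 'pilot-group@yourcompany.com'

New-TransportRule @ruleParams

# Check that the rule was created with the intended scope, action and priority
Get-TransportRule -Identity 'External Email Warning' |
    Select-Object Name, Priority, State, Mode, FromScope, ApplyHtmlDisclaimerLocation

Disconnect-ExchangeOnline -Confirm:$false
```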
This simple configuration helps warn users about external threats or potential phishing attempts by displaying a caution message at the top of emails that are received from outside the organization. The goal here is to help the team work more securely and confidently with external partners while staying alert to potential risks.
However, remember that implementing email warning banners is just one piece of a comprehensive security strategy. While the guide above helps you set up a basic defensive rule, modern organizations need much more than this to secure themselves.
If you are looking to strengthen organizational security beyond warning banners, our suite of M365 security and compliance implementation services can help you secure your organization’s identity, apps, devices, and data.
Got any further questions? Feel free to drop us a line and we would be more than happy to answer.