From: YCOE ITS COMMUNICATION <ycoe-ITSfirstname.lastname@example.org>
Subject: Phishing/Spear Phishing Spam Email Update
To: All YCOE Employees
From: Information & Technology Services Department, YCOE
Subject: Phishing/Spear Phishing Spam Update
NOTICE: If you receive external email originating outside YCOE you will now see the word [External] before a sender's name or email address. This is a way to flag or “tag” email sent from non-YCOE email servers.
However, If you see the word [External] in the subject field of a YCOE employee’s message, then please use extra caution. Messages sent from YCOE employees using the YCOE email system will not include this tag and this may be an attempt at what’s referred to as a “Spear Phishing.”.
Phishing is an attempt to compromise an organisation through email impersonation. Spear Phishing is a targeted attempt to compromise a specific organization using publicly available information (e.g. an employees name and title). Several employees have received this type of “spear phishing” email message over the past few weeks appearing to be sent from a supervisor but was in fact sent from an unknown external sender asking them to purchase gift cards. From now on you will be able to more easily determine if this is a fraudulent email message if it looks to be from a YCOE employee but has the [external] tag in their name field. Please note that this tag will be included in all messages originating from outside YCOE mail servers. That is an intended descriptor. You only have to be concerned if it is present in the sender field of an email appearing to be from a YCOE employee.
If in doubt or if you feel your account has been compromised, please contact the ITS Networking Group at (530) 668-3739 or by sending an email to email@example.com.
For more information on how to recognize and avoid phishing scams visit the FTC CTC website at:
or download the infographic here:
Information & Technology Services, YCOE
ITS Support Portal
Communication • Respect • Transparency • Celebration