Warning banner to alert users of email from non-Purdue sources 

To combat email spear phishing and other cyber-attacks, emails sent to personal Purdue email accounts from external sources will soon appear with a warning banner designed to remind the recipient to use caution when opening links or attachments.  

The banner, which reads “External Email: Use caution with attachments, links or sharing data,” does not appear on outgoing email and does not impact delivery or affect the content of the email. Instead, it helps protect the recipient from “spear phishing” attempts, which is the fraudulent practice of sending emails appearing to be from a known or trusted sender to induce targeted individuals to reveal confidential information.  

The warning banner will be placed on all email from external sources starting on June 1, but anyone can request to have their account receive bannered emails now by filling out this request form 

Although spear phishing attempts are not new, individuals with ill intent have increased the use of the tactic as security measures like multi-factor authentication have made phishing less successful. At Purdue, ITaP is seeing a rise in attacks from external addresses impersonating Purdue staff or faculty. Recent examples involve individuals creating email accounts using services such as Gmail with an address, display name, and signature that impersonate Purdue personnel. The attackers then send targeted messages to individuals in the same department requesting information from the recipient. 

To combat phishing attacks, all email users should be on alert for any unusual emails or texts, especially from new or unknown individuals. Suspicious emails or discussions you did not initiate should be treated with caution.  

How will the banner email affect your communication to the campus community? 

By default, only @purdue.edu addresses will not have the banner applied. Any exemptions for external senders will need to be requested by the service owner and then vetted by Purdue System Security. To do so, send the following information to security@purdue.edu: 

  • Service name (e.g., SuccessFactors) 
  • Sender address (e.g. system@successfactors.com) 
  • Justification (e.g., Authorized University affiliate) 

 

Spear phishing attacks, where the sender impersonates the email of a known person to get sensitive information, are on the rise.   ITaP is implementing a new warning banner on all externally generated email arriving in campus inboxes.  The warning reads:  "External Email: Use caution with attachments, links, or sharing data"

Spear phishing attacks, where the sender impersonates the email of a known person to get sensitive information, are on the rise. ITaP is implementing a new warning banner on all externally generated email arriving in campus inboxes. The warning reads: "External Email: Use caution with attachments, links, or sharing data"

Protect your University account and assets 

  • Use a strong password or passphrase for all accounts and do not reuse passwords on multiple accounts. 
    Enable Microsoft MFA. Purdue University requires multi-factor authentication (MFA) for most systems. To learn more, visit itap.purdue.edu/mfa.  
  • Report phishing attempts. Suspicious emails to your Purdue account should be reported by forwarding the message to abuse@purdue.edu 
  • Change your password. If you ever are concerned that you might have shared your password, change it as soon as possible. ITaP also will send an email alert automatically to faculty and staff whenever there is a change to their career account or direct deposit banking information.  
  • Call for help. If you or someone you know has been a victim of this type of email attack, please contact the ITaP Customer Service Center at 765-494-4000 or by emailing itap@purdue.edu.   

Last updated: 4/4/2022