Monday, December 19, 2022

Peering into the Email Quarantine

ITS makes use of Gmail's compliance rules (that are defined by our Google Workspace administrators) to automatically quarantine incoming or outgoing emails.

A recent phishing trend is not to use any visible text in the message body and instead use an image contained within a hyperlink that directs to a malicious login page.

Actual phishing image claiming that the recipient's Manhattan University Outlook account's settings need to be updated for Privacy Policy Action compliance. Also the image claims that the user's inbox is limited to 2GB.

Thankfully all of these phishing emails were never delivered to inboxes, spam folders, etc. They matched an existing email compliance rule and were delivered in our organization's email quarantine.