Overview
Texas A&M Technology Services is adding External Sender tags to all incoming email messages delivered to Texas A&M University that are sent from an external source. External Sender tags provide additional information to help campus members determine if a message should be trusted.
Why are External Sender tags being added to my email?
Universities are increasingly targeted by cybercriminals. Many of these scams begin with email messages coming from outside the university that are impersonating a Texas A&M employee or entity. External sender tags are being applied to messages originating from outside of Texas A&M University to call attention to messages that may be phishing attempts or may contain links to malware.
What is an External Sender tag?
Messages sent to a Texas A&M email address that originate from email accounts outside the university will have an External Sender tag added to the top of the message. This tag will allow you to quickly identify messages from outside the university.
There are four types of External Sender tags that may be applied to messages.
External Sender
The external sender tag will be attached to any email message that originates outside of the Texas A&M network, including mailing lists not hosted by Texas A&M or mail sent by a third-party email service like Mail Chimp.
Imposter
An imposter warning tag means the message is potentially from someone impersonating someone you know. Look carefully at the sender’s address to decide if it is safe to open or before clicking any links. Remember, the use of a private email account for university business is prohibited by https://rules-saps.tamu.edu/PDFs/29.01.03.M0.07.pdf.
Fake Website
The fake website tag will be applied to a message if the system detects that a URL or link in the message may be malicious and could potentially harm your computer or network. Examine all URLs in the message carefully, and only click them if you are familiar with the website they link to.
Potentially Harmful Website
The potentially harmful website tag will be applied to a message if the email domain it is being sent from is very new. Very new email domains are often created as part of phishing scams.
What email messages won't have an External Sender tag?
Email messages that originate from the Texas A&M University email network will not have the external sender tag applied.
The following Texas A&M affiliates are considered internal:
- Texas A&M University
- Texas A&M Galveston
- Texas A&M Qatar
- Texas A&M System Office
- Texas A&M Foundation
Frequently Asked Questions
I received a message marked as an External Sender, but it shouldn't be. What do I do?
Some messages sent from Texas A&M University units through a third-party email tool like Constant Contact or Emma may be flagged as an External Sender. If you receive an email that is marked as an External Sender and shouldn't be, please contact your local IT office. Forward the email as an attachment and include an explanation of why you feel the message should not be marked as an external sender. Be sure to include the name of your third-party messaging service and the sender address of your email. Your IT office will contact Texas A&M Technology Services with a request on your behalf.
Only affiliates of Texas A&M will be considered for exemption, and all requests will be reviewed by the office of the Chief Information Security Officer (CISO).
How do I report a suspicious email?
Report any suspicious email by sending the email as an attachment to helpdesk@tamu.edu for investigation.
Can I opt-out of having the external sender tag applied to my email?
Students, faculty, and staff email accounts may not opt out of External Sender tags. Texas A&M Technology Services is working to provide the safest email environment possible and External Sender tags provide additional information to help you determine if a message should be trusted.
Why am I receiving emails with the external sender tag but the original email is attached as an eml file?
This behavior happens if the external sender tag can not be added to the message. This can happen due to several reasons:
- The original message contains invalid CSS code.
- The message is entirely plain text with no formatting at all.
- The message is only an image with no text.
- The message is blank and has no content
So far, this has been just under 1% of all inbound mail. Presently, there is no way to turn this on or off.