Email Security Best Practices

We wanted to provide some helpful best practices for email security as provided by our partners and security awareness experts, KnowBe4.  

ALWAYS:

• Check the email 'From' field to validate the sender. This 'From' address may be spoofed.
• Check for so-called 'double-extended' scam attachments. A text file named 'safe.txt' is safe, but a file called 'safe.text.exe.' is not.
• Report all suspicious emails to your IT help desk.
• Note that www.microsoft.com and www.support.microsoft.software.com are two different domains (and only the first is real).

NEVER:

• Open any email attachments that end with: .exe., .scr, .bat, .com, or other executable files you do not recognize.
• "Unsubscribe." It is easier to delete the e-mail than to deal with the security risks.  
• Ever click embedded links in messages without hovering your mouse over them first to check the URL. 
• Respond or reply to spam in any way. Use the delete button.