this post was submitted on 28 May 2024
1 points (100.0% liked)

University of Wisconsin Madison

12 readers
1 users here now

UW Madison-related news, sports, events, and happenings. Not affiliated or endorsed by UW Madison or the Universities of Wisconsin.

founded 10 months ago
MODERATORS
 

Because phishing your own employees is dumb...

Create a Rule in Outlook Client

  • Open Outlook and, under the Home tab, click on the Rules button in the Move area.

  • Click Create Rule…

  • Click on the Advanced Options…button

  • Scroll down to the option that says with specific words in the message header and check the box.

  • Click on the specific words link

  • In the text box enter X-Phish and then click Add. Your search list should say “X-Phish” with the quotes. This is expected behavior and your screen should look like this:

  • Click OK to close the window.

  • Back on the Rules Wizard screen click Next.

Now you have a choice as to what to do with the message:

  • To assign it to a Phish category I select the assign it to the category category.

  • Then I click on the category link to assign it to a category "Phish" (renamed from something else).

  • Now when I receive a phishing email from UW System it flags it for me. I also have it flagged for follow-up in tasks.

  • You can further add an action to forward the message to [email protected] and then move it to the trash.

Caveats:

  • This rule will NOT flag all phishing emails and should not be used as a phishing identifying rule; it will however handle UW System-sponsored phishing emails if they do not change the custom header from the current one, X-Phish. Making this change would be tricky on their end, however, as it would break a lot of services. Maybe. Probably. It is unknown.

  • Outlook must be running for the rule to work. If you primarily use WiscMail Web (Outlook on the web) the rule will not apply unless Outlook is also running.

Source: https://support.knowbe4.com/hc/en-us/articles/360062090094-Identify-a-Phishing-Security-Test-PST

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here