Phishing

What is phishing?

Phishing is a form of theft where someone attempts to steal your sensitive personal information by pretending to be a trustworthy party in an electronic communication (usually by email). Phishing messages are designed to confuse you by making the messages look like they are from a trusted business, bank, government agency or even the University of Manitoba. 

Falling victim to a phishing message could leave you vulnerable to identity theft and severe financial losses.

How to protect yourself against phishing attacks: 

The best way to protect yourself is to learn how to recognize them. Most phishing messages usually share some common traits. Learn how to spot them:

  1. Phishing attempts tend to immediately try to bring out an emotional reaction from you like greed, curiosity and fear. Phishing attempts also often sound urgent.
    Fake payment confirmation phishing email example.
  2. Odd tone, bad grammar and spelling or unfamiliar email signatures or sender addresses are clear signs of phishing.
    Bad grammar in phishing email example.
  3. Beware of phishing email elements like attachments or links to unfamiliar login pages.
    Suspicious attachment in phishing email example.

Don’t fall prey to fishing attacks. For the latest news in phishing attempts, check our security alerts page.

Spam

What is spam?

Spam is unsolicited junk email normally with sales or advertising content. Spam email messages use methods similar to phishing messages to draw you in.

Although spam is annoying, it can also be a security threat. For example, a spam email can disguise itself as an advertisement for a trusted company or organization when it is actually trying to trick you into entering your personal information or downloading a harmful program.

What is the university doing about phishing and spam?

The university employs an email security solution called Ironport. However, no spam or email filter is perfect, so we advise everyone to be aware of best practices and remain vigilant when opening email from unfamiliar sources and clicking suspicious links.

Spam quarantine notification email messages

The University of Manitoba uses Microsoft Defender for Office 365 as its email security solution. Below is information about what it is and how you can use it.

What is Microsoft Defender for Office 365?

Microsoft Defender for Office 365 is a security email service that protects UM accounts from malicious phishing campaigns, marketing spam, malware and more. Using Microsoft’s machine learning and artificial intelligence (AI), MS Defender will provide greater email security and protect you from the latest email threats.

How to get started with Microsoft Defender

MS Defender allows each user to directly modify and fine tune their own email experience.

Malicious emails

Any email believed to be "malicious" - meaning email believed to be phishing or another threat - is placed in a security quarantine. You will be emailed a daily quarantine report notifying you of messages delivered to your quarantine. You should check these reports regularly to ensure that legitimate emails were not marked malicious. See the "How to Release Legitimate Email from Quarantine" section below for more details.

Spam emails

Spam emails - meaning unsolicited advertisements, newsletters, or other messages sent in bulk will be sent to your Junk folder within Office 365. If you receive spam email to your inbox, you can block these emails in the future by reporting it as Junk.

Graymail emails

Graymail emails - meaning solicited bulk email messages that do not fit the definition of email spam (e.g. the recipient "opted into" receiving them) will be sent to your Junk folder within Office 365. If you opt-into any newsletters, advertisements, or any other email that fits the definition above, you will need to select “It’s not junk” on the message in your Junk Email folder.

Missing emails

If you have not received an expected email, check both your Junk Email folder and your Quarantine to see if the email was identified incorrectly.

IronPort email spam filter information

Check your Junk Email folder regularly

Messages identified by Defender as spam or greymail emails will go to your Junk Mail folder.

It is important to check your Junk Email folder regularly because Outlook will delete junk email 30 days after you receive it.

How to check your junk email
  1. Look for a folder called “Junk Email” in Outlook.
  2. Scan through the messages in your Junk Email folder and look for any that seem relevant or interesting to you.
  3. If you find a message that you want to keep, you can move it to your Inbox by selecting It’s not Junk at the top of the message.

Spam quarantine notification email messages

The university uses Microsoft Defender as its email security solution for spam email filtering. However, no spam or email filter is perfect. We advise everyone to be aware of best practices and remain vigilant when opening emails from unfamiliar sources and clicking suspect links.

All users will receive emails from Microsoft 365 Security (quarantine@messaging.microsoft.com) notifying you of incoming messages that have been marked as malicious. Check these messages regularly, as they may be blocking emails that you were expecting to receive. At any time, you may review any messages being held in quarantine by going to https://security.microsoft.com/quarantine.

How to release legitimate email from quarantine

To release falsely held emails from quarantine:

  1. Open a web browser and navigate to https://security.microsoft.com/quarantine or you can click the "Review" button in the quarantine report that you receive in your inbox.
  2. Once there, sign into MS Defender using your UM email address and password (Doing so will result in a prompt from Entra MFA).
  3. Once signed in, you can then select the messages that you wish to release and click the "Request Release" option.

What does “Request Release” mean?

Email classified as malicious with high confidence will require an administrative approval prior to releasing the email. You will need to click the “Request Release” button to notify our Security Operations Center to review your request and approve it if the detection is considered a false positive. If you have specific questions about your release request, please email spam@umanitoba.ca.

MS Defender keeping emails in quarantine

Defender keeps quarantined emails for 30 days from the received date, and then the message is deleted. Once emails have been deleted from quarantine, they cannot be retrieved.

MS Defender safelisting or blocklisting

Safelists ensure that email addresses added to this list do not have their messages filtered by anti-spam scanning. Blocklists ensure that messages from addresses added to this list are not sent to your inbox.

The Safe Senders and Domains list has a limit of 1024 total entries. The Blocked Senders and Domains list has a limit of 500 total entries. This limit cannot be increased.

Spammers will often change the email address they are using to send spam or spoof the email address they are using. As a result, adding an email address to your blocklist may not stop future spam.

Using the reporting buttons in Outlook

Microsoft's integrated email security system includes Outlook buttons to report phishing or spam messages.

Different reporting options in Outlook

Report phishing/Report junk – Choosing these options will move the message from your inbox to your Junk Email folder. A copy of the message may be sent to Microsoft to help update spam/phishing filters.

When you report a message in your inbox as junk/phishing, it will add that specific email address to your personal blocked list.

To block all messages from a specific domain, go to Settings > Mail > Junk Emailin Outlook and Add the domain to the Blocked senders and domains list.

It’s not junk – Choosing this option when a message has incorrectly been sent to the Junk Email folder will move the message back to your inbox and update Microsoft to make sure you receive messages from this address in the future.

If you report a message as not junk from the Junk Email folder, Defender will make sure you receive emails from this specific email address more often.

Checking your spam quarantine and email quota in Outlook

Malware or spyware

What is malware or spyware?

Malware or spyware is an umbrella term for malicious software or programs that access your data discreetly by infecting your technology. They almost always do harm.

In email, malware or spyware can be obtained through clicking suspicious links within the body of the email or opening and downloading harmful program attachments (especially .exe files).

Contact us

Call or chat
Monday to Friday, 8 a.m. to 8 p.m.
Call 204-474-8600 or Chat now
To report a critical system outage after hours or on weekends and holidays, call 204-474-8600 and press 2.

IST Service Desk walk-in service
123 Fletcher Argue
University of Manitoba, Fort Garry
Hours: Monday to Friday, 8 a.m. to 6 p.m.
Join the queue: Fort Garry WaitWell or text your name to 431-631-0844

230 Neil John Maclean Library
University of Manitoba, Bannatyne
Hours: Monday to Friday, 8 a.m. to 4:30 p.m.
Join the queue: Bannatyne WaitWell or text your name to 431-631-6555