I opted to add a content compliance rule to prepend the subject of external emails with [EXTERNAL]. I explained to users that they should be wary of any emails that appear to come from someone in the district and are tagged with that flag. This does make subjects longer and users may become numb to it eventually, but it does make it easier to notice a phishing attempt like this.
To add the content compliance rule:
- In the Google Admin Console, go to Apps > G Suite > Settings for Gmail > Advanced Settings.
- Add a content compliance rule that matches the following. Substitute your own internal domains. We use cbrsd.org for staff and cbrsdk12.org for students, so I added both:
One thing to note: The first rule looks at the subject for any existing [EXTERNAL] flag. I did this to prevent successive replies from building up many flags in the subject. The rules will work without it, but you'll see subjects like this:
[EXTERNAL] Re: [EXTERNAL] Re: [EXTERNAL] Subject
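The decision this rule makes (tag mail from outside the internal domains unless the subject already carries the tag) can be modeled locally to check edge cases before rolling it out. This Python model is an added example, not the Admin Console configuration or the rule from this post; the function names and the example.net senders are assumptions, and only the two district domains and the [EXTERNAL] tag come from the post.

```python
# Added illustration: a local model of the tagging decision, not Gmail's rule engine.
from email.utils import parseaddr

INTERNAL_DOMAINS = {"cbrsd.org", "cbrsdk12.org"}  # domains named in the post
TAG = "[EXTERNAL]"

def sender_domain(from_header: str) -> str:
    """Return the lower-cased domain of the address, ignoring the display name."""
    _, addr = parseaddr(from_header)
    return addr.rpartition("@")[2].lower()

def is_internal(from_header: str) -> bool:
    # Compare the whole domain exactly. A substring or prefix test would
    # accept look-alikes such as cbrsd.org.example.net. An unparseable
    # sender yields an empty domain and is treated as external.
    return sender_domain(from_header) in INTERNAL_DOMAINS

def tag_subject(from_header: str, subject: str) -> str:
    """Prepend TAG for external senders unless the subject already has it."""
    if is_internal(from_header):
        return subject
    # The "first rule" from the post: skip subjects that already carry
    # the tag so replies do not accumulate copies of it.
    if TAG.lower() in subject.lower():
        return subject
    return f"{TAG} {subject}"

# Constructed sample messages: (From header, Subject)
SAMPLES = [
    ("Jane Doe <jane.doe@cbrsd.org>", "Staff meeting"),
    ("District Superintendent <super@example.net>", "Quick favor"),
    ("Jane Doe <jane.doe@cbrsd.org.example.net>", "Payroll update"),
    ("Vendor <sales@example.net>", "Re: [EXTERNAL] Quote"),
    ("Student <s123@CBRSDK12.ORG>", "Homework"),
]

def run_samples():
    """Return the subject each constructed sample would be delivered with."""
    return [tag_subject(sender, subject) for sender, subject in SAMPLES]

if __name__ == "__main__":
    for (sender, _), result in zip(SAMPLES, run_samples()):
        print(f"{sender:45} -> {result}")
```

The second sample is the case the tag exists for: a display name that looks like district staff on an address outside the internal domains.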