Phishing is among the most common cyberattacks today. According to the Egress report, 85% of Microsoft 365 organizations reported phishing attacks last year.
In phishing attacks, malicious actors send messages or emails while pretending to be trusted persons or organizations. Employees are the first line of cyber defense, so Office 365 admins should take the necessary steps to upskill their users.
Since most scam emails originate from external sources, it is better to make users aware that an email is external before they open it. With the ‘External email tagging’ feature, an “External” tag can be added to external emails. It helps Outlook users handle those emails with extra attention.
Why Should We Add an External Tag in Outlook?
There is no silver button solution with cyber security, a layered defense is the only viable solution.
-James Scott
Earlier, admins used to prepend “EXTERNAL” to the subject of external emails, which made it hard to preview the email subject. So, Microsoft introduced the ‘External tag’ feature. Adding an external email warning tag helps in the following cases.
- To prevent users from clicking malicious links and attachments sent by external users.
- To add another layer of defense: even when your organization has enabled SPF, DKIM, and DMARC, these sometimes fail to prevent phishing and spam emails.
How to Enable External Email Tagging in Exchange Online?
Office 365 admins can enable external email tagging through PowerShell.
Step 1: Connect to Exchange Online PowerShell.
Connect-ExchangeOnline
Step 2: Enable the external tag by running the following cmdlet.
Set-ExternalInOutlook -Enabled $true
If you want to exclude specific domains from external tagging, you can add those domains through ‘AllowList’.
Set-ExternalInOutlook -AllowList @{Add="contoso.com", "microsoft.com"}
Now, emails received from the allow-listed external domains (contoso.com and microsoft.com) will not have the external tag.
To view external email tagging settings, run the following cmdlet.
Get-ExternalInOutlook
How Does External Email Tagging Work?
After configuring external email tagging, you should wait up to 48 hours. After that, emails from external domains are tagged with ‘External.’ The tag is not applied to older emails.
Sometimes, an email from an external user looks like an internal email (John@conteso.com instead of John@contoso.com), but it is not. In that case, the external tag helps protect users from being compromised.
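Because every domain on the AllowList loses the tag, a lookalike such as conteso.com must never end up there. The following PowerShell is an added example, not part of the original article: the function names Get-EditDistance and Find-LookalikeAllowListEntry, the distance threshold, and the sample domains are assumptions constructed for illustration.

```powershell
# Added example: flag AllowList entries that are near-misses of your own domains.
function Get-EditDistance {
    param([string]$A, [string]$B)
    # Levenshtein distance using two rolling rows; compare case-insensitively.
    $A = $A.ToLowerInvariant(); $B = $B.ToLowerInvariant()
    $prev = [int[]](0..$B.Length)
    for ($i = 1; $i -le $A.Length; $i++) {
        $cur = [int[]]::new($B.Length + 1)
        $cur[0] = $i
        for ($j = 1; $j -le $B.Length; $j++) {
            $cost = if ($A[$i - 1] -eq $B[$j - 1]) { 0 } else { 1 }
            $best = [Math]::Min($prev[$j] + 1, $cur[$j - 1] + 1)
            $cur[$j] = [Math]::Min($best, $prev[$j - 1] + $cost)
        }
        $prev = $cur
    }
    $prev[$B.Length]
}

function Find-LookalikeAllowListEntry {
    param(
        [string[]]$AllowList,     # domains exempted from the External tag
        [string[]]$OwnDomain,     # domains your organization actually owns
        [int]$MaxDistance = 2     # hypothetical threshold; tune for your domains
    )
    foreach ($entry in $AllowList) {
        foreach ($own in $OwnDomain) {
            $distance = Get-EditDistance $entry $own
            # Distance 0 is the domain itself; 1..MaxDistance is a suspicious near-miss.
            if ($distance -ge 1 -and $distance -le $MaxDistance) {
                [pscustomobject]@{
                    AllowListEntry = $entry
                    Resembles      = $own
                    EditDistance   = $distance
                }
            }
        }
    }
}

# Constructed sample values. Against a live tenant, after Connect-ExchangeOnline, use:
#   $allowList = (Get-ExternalInOutlook).AllowList
#   $ownDomain = (Get-AcceptedDomain).DomainName
$allowList = 'conteso.com', 'microsoft.com', 'fabrikam.com'
$ownDomain = 'contoso.com'

Find-LookalikeAllowListEntry -AllowList $allowList -OwnDomain $ownDomain | Format-Table -AutoSize
```

Any entry it reports can be taken off the list with the same hashtable syntax used for adding, for example Set-ExternalInOutlook -AllowList @{Remove="conteso.com"}.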
Conclusion:
Be suspicious of any unexpected email attachments, even if they appear to be from someone you know. If you are unsure about the person who is sending you an email, be very careful about opening the email and any files attached.
Have you experienced any email scams? Share your experience through the comment section.