Information about Email services for University of Edinburgh staff and students.
Phishing is a serious security threat to the University of Edinburgh. If Personally identifiable information, which is the primary target of phising attacks, falls into the wrong hands then it can cause both financial and reputational damage to the University and its employees. Phishing attacks are often launched by including malicious attachments or links in an email. When recipients open these malicious attachments or click on links, it can spark an attack.
Email orginating from outside our University should be approached cautiously, especially messages containing information on password changes, email quotas, pay/benefits changes, and more. A high percentage of phishing attempts targeted towards the University often comprise these topics.
As part of our continual efforts to mitigate against phishing scams, we plan to add an advisory warning banner on all incoming email messages from external senders that contain web links. The banner will appear on emails University wide from mid-July.
The banner appears as a horizontal strip of text. It is clearly visible and a constant reminder of the risks associated with clicking links in emails.
The following sample illustrates how the banner will appear in email messages:
Should I ignore messages with the warning banner?
Messages including the warning banner does not mean the email is malicious, only that recipients should take caution. Do not click on links or open attachments in messages with which you are unfamiliar. All email originating from outside the university, except for approved services, will be tagged with this message.
Where can I find advice about dealing with email phishing?
Some phishing emails have an appearance of a trusted sender, so you should always be vigilant. If you're ever unsure, you can do some basic checks yourself.
- Clicking to expand sender details in the 'From' field
- Hovering over a web link or copying it into a text file to inspect where the link goes
Our colleagues in InfoSec offer helpful tips and further advice about ways in which you can detect malicious email:
The update is brought to you jointly by Information Security and the Email Service Working Group who continually work in partnership to help make email messaging safer.
Please provide your feedback and let us know how you rate this change at:
Guidance is available about the two email platforms currently operated as part of the University's Email Service this page is intended to sign-post you to the relevant guidance for the platform hosting your University mailbox.
The guidance linked shows you how to access your University email on a web browser, computer or mobile device and includes a variety of useful FAQs.
Office 365 Email (for all students and the *majority of staff)
Microsoft's email platform provided with The University's Office 365 subscription at no additional cost. As well as emails, Office 365 brings into view your meetings, chat conversations, notes and files across your devices. This service also integrates student timetables and shifts for frontline workers.
*All staff (inc. postgraduate researchers) employed in Informatics before September 2018 should use Staffmail guidance linked below.
*All staff (inc. postgraduate researchers) employed in Physics before May 2019 should use Staffmail guidance linked below.
Staffmail (*some staff in Informatics and Physics)
A legacy email platform used by staff in Informatics before September 2018 and staff in Physics before May 2019.
*Informatics staff (inc. postgraduate researchers) already migrated or joining after September 2018 should use the Office 365 guidance.
Still need help?
If you're still unsure about which guidance to use above, you can check the *Mail Service record in your profile linked below.
Email directory and other related services
Search the directory of email address contacts, get added to the directory or opt-out, see the directory policy.
Create mailing lists to reach out to your target user group audience with a single mailshot.
Advice about services which generate email, safe delivery of email, rejection errors explained and more.