Information Services

Email

Information about Email services for University of Edinburgh staff and students.

Phishing is a serious security threat to the University of Edinburgh.  Phishing attacks target personally identifiable information, and if this falls into the wrong hands it can cause both financial and reputational damage to the University and its employees. These attacks are often launched by including malicious links or attachments in an email. When recipients open these attachments or click links, it can spark an attack.

Universities are regularly targeted by phishing attacks that look like official communications about password changes, email quotas, pay/benefits changes, etc. Some are quite convincing and it can be difficult for staff and students to spot these malicious emails.

As part of our efforts to protect against phishing scams, we have added an advisory warning banner on all incoming email messages from external senders.

The banner appears as a horizontal strip of text. It is clearly visible and a constant reminder of the risks associated with clicking links in emails.

The following sample illustrates how the banner appears in email messages:  

 

This email was sent to you by someone outside of the University.
This email was sent to you by someone outside of the University. You should only click on links or attachments if you are certain that the email is genuine and the content is safe

 

Are all messages with the warning banner dangerous?

The warning banner does not mean the email is malicious, only that recipients should exercise caution. Do not click on links or open attachments in messages with which you are unfamiliar. All email originating from outside the university will be tagged with this message.  

 

If I reply to the email, will the banner be visible to the recipient?

The banner will be visible unless you choose to manually delete it before you send the reply. An increasing number of Universities and other organisations are using similar banners, so the banner will not necessarily cause offence.

 

Can I opt out of the warning banner?

No, users may not opt out of the warning banner.

 

Where can I find advice about dealing with email phishing?

Some phishing emails have an appearance of a trusted sender, so you should always be vigilant. If you're ever unsure, you can do some basic checks yourself.

For example:

  • Clicking to expand sender details in the 'From' field  
  • Hovering over a web link or copying it into a text file to inspect where the link goes

Our colleagues in InfoSec offer helpful tips and further advice about ways in which you can detect malicious email:

About Phishing

 

The update is brought to you jointly by Information Security and the Email Service Working Group who continually work in partnership to help make your email messaging safer.  You can rate or comment this change here

 

Guidance is available about the two email platforms currently operated as part of the University's Email Service this page is intended to sign-post you to the relevant guidance for the platform hosting your University mailbox. 

The guidance linked shows you how to access your University email on a web browser, computer or mobile device and includes a variety of useful FAQs.

Office 365 Email (for all students and the *majority of staff)

Microsoft's email platform provided with The University's Office 365 subscription at no additional cost.   As well as emails, Office 365 brings into view your meetings, chat conversations, notes and files across your devices.   This service also integrates student timetables and shifts for frontline workers. 

Office 365

*All staff (inc. postgraduate researchers) employed in Informatics before September 2018 should use Staffmail guidance linked below.

*All staff (inc. postgraduate researchers) employed in Physics before May 2019  should use Staffmail guidance linked below. 

 

Staffmail (*some staff in Informatics and Physics)

A legacy email platform used by staff in Informatics before September 2018 and staff in Physics before May 2019.

Staffmail

*Informatics staff (inc. postgraduate researchers) already migrated or joining after September 2018 should use the Office 365 guidance. 

*Physics staff (inc. postgraduate researchers) already migrated or joining after May 2019 should use the Office 365 guidance.

Still need help? 

If you're still unsure about which guidance to use above, you can check the *Mail Service record in your profile linked below.

 
*The mail service check linked above requires that you're signed in so you may be prompted for your University login credentials.

Email directory and other related services

Mail directories

Search the directory of email address contacts, get added to the directory or opt-out, see the directory policy.

Mailing lists 

Create mailing lists to reach out to your target user group audience with a single mailshot. 

Email delivery & relay services

Advice about services which generate email, safe delivery of email, rejection errors explained and more.