Write Verifiable Emails from Your Department

During National Cyber Security Awareness Month, the IT Services Security Team reminds you that it’s important not only to protect yourself from online risks, but also to help prevent others from falling for phishing scams and other attacks. By sending verifiable emails to students, faculty, and staff, you can help users identify real emails from phishing scams.

A legitimate email can easily be disregarded as a potential scam, creating a problem when important information that requires follow-up on the part of the recipient is ignored. The IT Services Security Team regularly receives inquiries about emails that users suspect are phishing that actually come from legitimate on-campus sources. When on-campus offices send non-verifiable email that looks too similar to phishing scams, it makes actual phishing scams look real by comparison.

By following a few simple guidelines for writing verifiable form emails, university departments can better ensure their messages are received. For example, include a contact person with a phone number and email address in the signature block and/or as a separate paragraph in the body of the email to allow the reader to verify that the email is legitimate. Specific guidelines and examples of verifiable emails are available at http://techarticles.uark.edu/security/verifiable_email.