Product: Email (Google)

Audience: Technology Systems Team

Overview

The process used by Technology when the Phishing Alert Button (PAB) is used.  This may also be followed when an email is reported as spam in Google mail by an end user.
 

Tools/Equipment Needed

- Phishing Alert Button

- Google Admin Console

Process

Review Alert

The first thing Technology will do is to look at the email(s) in question to verify if they are in fact a phishing attempt.  We will look at the following to help determine the legitimacy:

• Email Address
• Domain
• Content (attachments, links or unknown sender)

(See handbook document here on review process)

Mark as Spam

Once an email is confirmed as a phishing attempt or spam, the message is marked as spam to Google, giving them the “learning” tools to help keep further messages from arriving.

Remove From Mailboxes

The next step is to remove all attempts from staff and student mailboxes.  Using the Google Admin Console and the Investigation Tool, a search is completed through our entire domain for all matching messages.  Once discovered, they are removed so no further question is made of existing, reviewed messages.

Compliance Rule

Using the Google Admin console, a compliance rule is then either created or updated to catch further phishing attempts or spam with the new information gathered from the current alert.

 

Conclusion

With the help of staff and students in submitting phishing attempts, Technology can mitigate the threat by removing existing threats and creating or updating existing rules to catch further attempts to gain information from our users or harm them or their devices.

For instructional/pedagogical questions, please contact your Building Administrator or Student Growth & Experience (SG&E) Level Coordinator. 

For technical questions, please contact your building SPOC.