New External Email Warning

As UBC moves to the enterprise application Workday to manage many of our logistical processes, it is highly likely that cyber criminals will attempt to take advantage of the high volume of communication associated with this change by sending malicious phishing emails crafted to look legitimate. With this in mind, it is more important than ever that the UBC community is prepared and ready to combat phishing attacks.

We have a number of activities to help try and protect our data, but the highest risk is with human behavior, and unfortunately, we need to go beyond technical means to build further awareness and to try to change behavior. On September 28, 2020 UBC implemented a warning tag on external email messages received from non-UBC sources. This banner is fairly common practice across all industries including education, and they are helpful in helping people figure out if an email is real. For example spoofed emails that are from the President or your Dean would be noticeable if they had an external email notification, and this is intended to assist recipients in verifying the authenticity of external email before clicking on links or opening any attachments. Legitimate Workday emails do not have the external email security warning tag typically associated with emails that originated from outside of UBC.

Learn more about our UBC-wide Self-phishing initiative.

These anti-phishing measures are important to protect UBC’s confidential data, and we need to balance risk with the ability to operate effectively.

Visit the Privacy Matters pages on how to recognize phishing emails, and how to identify legitimate versus fraudulent Workday notifications.