SPAM Filtering

New Email Tags Provide Warning for Suspicious Messages

Email warning iconRecently, we updated the spam filters with the Microsoft Defender-based filtering platform. The platform now allows us to add warning labels to unverified messages. So, if you get a message from a new sender or from an email that is not verified, you will get a fair warning. Here are a few examples of the new notices in Outlook.

First Contact Safety Tip

Screenshot of the 'You don't often get email from…' warning in Outlook.
The ‘You don’t often get email from…’ warning in Outlook.

The first contact safety tip is displayed when it is the first time you get a message from a sender, or you don’t often get messages from the sender. This tip provides an extra layer of protection against a potential impersonation of a sender.

For example, if you see that the email appears to be coming from your supervisor but has the warning, you might want to question the validity of the message.

Spoof Intelligence Warning

Screenshot of the 'The identity of this sender has not been verified.' warning in Outlook 365.
The ‘The identity of this sender has not been verified’ warning.

You may get this warning message because the Spoof Intelligence from Microsoft 365 Advanced Threat Protection has marked it as a potential coming from a spoofed email address. In this case, the email address appears to be a user in one of SMU’s domains or a user in an external domain that sends emails to the University, but in reality, it is coming from another non-verified domain.

There are some legitimate scenarios where the email would be spoofing internal domains, such as third-party senders using your domain to send bulk mail to employees or an external company sending advertising or product updates. If you work with a vendor that will be sending these types of messages, SMU now requires authorization for campus partners who wish to send emails impersonating a domain.

‘Security Alert: This email could be dangerous’ warning

Screenshot of the 'Security Alert: This email could be dangerous' warning in Outlook 365.
The ‘This email could be dangerous’ warning.

The message has been flagged as containing a malicious link, and it would be best to just delete it, but if you believe the warning is in error and the message is valid, use your due diligence to determine whether this message is a phishing email. You can do this by hovering your mouse over all email addresses, links, and buttons to verify that the information looks valid before clicking on anything. Always use caution when interacting with an email labeled with the “Security Alert” warning.

Other Tips

Screenshot of selecting Phishing option in Outlook's Report Message menuIn addition, you can use the Report Message button in Outlook and Webmail to identify a message as unwanted (Junk) or malicious (Phishing). This helps our new filtering platform to update the filters, ensuring more effective protection against future attempts. Please see Your New Spam Filter: What to Expect for more information.

Remember that SMU OIT will NEVER ask you to verify your account information, provide your password, or any personal information via email. Do not respond to any emails requesting this information. If you are still unsure, contact the IT Help Desk ( or 214-768-HELP), and they will be happy to verify the legitimacy of the message.

Print Friendly, PDF & Email

Published by

Ian Aberle

Ian Aberle is an Adobe Creative Educator and the Senior IT Communications Specialist & Trainer for the Office of Information Technology (OIT). For over 25 years, he has helped the SMU community use technology and implement digital and web media through multiple roles with the Digital Commons, SMU STAR Program, and now OIT. Ian enjoys photography and road trips with his family in his free time.