Visit our Healthy Campus website for all COVID-19 and Monkeypox information and resources.
On this page:
Unsolicited commercial email, also known as spam, has become an increasing problem at the university. To reduce the amount of time involved with managing spam, CaTS is now offering a new anti-spam service called Proofpoint, which is available to faculty, staff, students, and alumni with CaTS based email accounts (@wright.edu). Proofpoint provides the most sophisticated spam evaluation system, and has very few errors when determining whether or not a message is spam. Check out the FAQs below for more information on Proofpoint and how to use it. You can also view the document below for a quick overview of using the service.
Proofpoint User Cheat Sheet (PDF)
Email spam, also known as unsolicited bulk email (UBE) or unsolicited commercial email (UCE), is the practice of sending unwanted email messages, frequently with commercial content, in large quantities to an indiscriminate set of recipients (Definition copied from the spam entry on wikipedia.com).
Proofpoint is a spam blocking service that inspects all incoming messages to the university and uses rules to determine whether or not a message is spam. Once examined, legitimate messages are sent on to the recipient's inbox, while suspected spam is quarantined. Each morning, users receive an email, called the End User Digest, that contains links to each of the quarantined messages. The digest allows the user to further manage their junk email. The success rate of spam blocking is very high with Proofpoint.
After evaluating numerous anti-spam products, Wright State found that Proofpoint was the most successful at blocking spam entering the university's email system. It also had the fewest amount of errors when determining whether or not an email is spam.
All incoming and outgoing email is filtered by the Proofpoint Protection Server. Depending upon Proofpoint Protection Server rules and policies, messages that contain a virus or inappropriate content can either be deleted or "scored." In the case of spam, the message score indicates the probability that the message is spam. So, a message scoring 100 would have a 100% chance of being spam (definite spam) and a message scoring 0 would have 0% chance of being spam. Messages scoring high enough to probably be spam are quarantined by the system. You can find the "score" of a message under the Score column in the End User Digest.
If you want to log in to Proofpoint to change setting and view quarantined messages, follow the steps below:
Below is a screenshot of the Proofpoint login screen.
By default, Proofpoint's spam filter is already enabled for all faculty, staff, students, and alumni.
Although not recommended, you can disable, or opt out of, Proofpoint's spam filter. To do so, follow these steps:
Yes, you can! The Proofpoint system has various ways that allow you to choose what to do with the spam that comes to your account. Below is a screenshot of the My Settings screen (accessed after you login to the spam filter at https://antispam.wright.edu). The screen shows six ways you can select to choose what happens to your mail. Below the screenshot, each option is explained.
An End User Digest is a summary e-mail that you receive daily from the Proofpoint server. The digest contains a listing of the suspected spam that has been filtered from your account in the previous 24 hours. After review, you can delete the digest just like any other email. Messages left in quarantine will be deleted automatically by Proofpoint after 14 days. See the screenshot below for a sample End User Digest.
Yes, digest messages can be disabled. Your daily digest email contains a link called Manage My Account. Click this link, and then select the Settings button on the left side. You will now be on the My Settings page. To disable the digest only when there are no spam message in your quarantine, uncheck the box at the top for Send digest even when I have no messages in my End User Digest. To disable the digest even when you have messages in your quarantine, uncheck the box at the top for Send digest with new messages in End User Digest.
You can request a digest at any time by clicking the link for Request New End User Digest within your current End User Digest email. A new digest will be sent to your email address, showing any new messages that have been quarantined since your last digest was sent.
The End User Digest is delivered to your email inbox at 7 a.m. each morning.
If Proofpoint does not block or find any spam messages for your inbox within a 24 hour period, you will not receive an End User Digest.
Safelists are lists of email addresses (usually defined by the user) that tells the anti-spam system to deliver any message that comes from those particular addresses directly to the user's inbox. Blocklists are lists of email addresses (usually defined by the user) that tells the anti-spam system to quarantine any message that comes from those particular addresses.
To add a sender to a safelist, follow these steps:
To add a sender to a blocklist, follow these steps:
Within the End User Digest email, there are links available that let you quickly access other features of your account. These options, listed above and to the right of the message listings, are described below.
Although the End User Digest shows the messages that are in your quarantine, the email is not directly connected to your quarantine area on the Proofpoint server. For security reasons, you must still log on to the Proofpoint server when going to it from the End User Digest.
Generally, there isn't much that you'll need to do to monitor spam filtering through Proofpoint. By default, spam filtering is turned on, and predefined levels are already set. However, you can do a few things to make sure you stay on top of what Proofpoint is filtering as spam.
You cannot block foreign languages. The Proofpoint systems uses a large number of variables to determine whether a message is spam, and these variables are far more effective than simply blocking foreign languages.
When you receive a copy of your End User Digest, and find that there is a message marked as spam that you would like to unjunk, you can do so by using the tools listed beside each message. These tools are described below.
The Quarantine is a location on the Proofpoint server where email messages that are suspected to be spam are stored temporarily so that they can be reviewed and retrieved, if necessary, by the user. You may review and take action on your quarantined email through the End User Digest, or through the Quarantine option located on the left side of the screen after logging into the Proofpoint Server. Messages left in the Quarantine will be deleted automatically after 14 days.
Quarantined messages do not count toward your e-mail quota. They are stored separately on the WSU Proofpoint server.
There is no need to delete messages that have been quarantined, since the Proofpoint system automatically deletes them after 14 days.
Recently there has been a large number of phishing attempts targeting Wright State University students, faculty, and staff. These attempts appear in the form of an email sent to a university inbox, and tries to get the user to "verify account information" by sending their CAMPUS username and password in an email, or clicking on a link within the email.
CaTS has developed this page to provide you with tips on how to keep your information safe from phishing attempts, and to alert you to any attempts you may see in your inbox. Please take a moment to review the "Points to Remember" section on the right for tips on how to protect your account information. Then, review the examples below showing the many recent scams targeting Wright State. If you receive an email that looks like any of these, do not reply to it or click on any of the links in the message.
If you have reviewed the information on this webpage and are still unsure as to the authenticity of an email you have received, please do not hesitate to contact the Help Desk at 937-775-4827 or 1-888-775-4827, or by email at helpdesk@wright.edu. We will help in any way we can to validate the email you've received.
The Help Desk has recently seen an increase in email phishing scams that target Wright State members by attempting to impersonate Faculty or Staff.
Impersonation emails appear to be coming from a Wright State individual, but are actually coming from an outside email service such as Gmail.
Wright State recently made two-factor authentication mandatory for all faculty, staff, and students. This implementation improves our security posture, however as more and more companies implement this technology, hackers are developing methods to get by this security control.
There are currently two methods that are being used to get users to approve a fraudulent 2FA request. They are both similar in nature.
The Help Desk was recently notified of an email phishing scam that targets Wright State members with the subject line of "Covid-19 Benefits," and appears to come from a Wright State email address.
Please be aware that this is a scam. As always, do NOT click on any links or download any documents that may be contained in this email, and do not respond to this email with any personal information. If you have already clicked on a link and entered any personal information or your Wright State credentials, please reset your Campus "w" account password immediately.
CaTS has implemented an email protection program from Proofpoint called Targeted Attack Protection (TAP). TAP helps protect against emails that contain malicious URLs and attachments, and has been implemented as an enhancement to our existing spam filtering service.
With TAP, all URLs in an email message are rewritten as "proofpoint.com" addresses. When a user clicks a URL in an email message, the URL is redirected to Proofpoint's URL validation service. If the URL is not known to be malicious, the user will be redirected to the original URL. If the URL is malicious, the user will see a warning message and the site is blocked in the browser.
When a malicious URL is clicked on, the image below will appear:
If you click a URL and believe that the site is being blocked in error, call the CaTS Help Desk at 937-775-4827, or email helpdesk@wright.edu. The blocked URL will then be investigated further.
Along with TAP URL defense, CaTS has now implemented TAP Attachment Defense from Proofpoint. This system detects an email that contains a malicious attachment and strips the attachment to prevent phishing and targeted malware attacks. If you receive an email containing an infected attachment, Proofpoint will filter out the email to protect your account from being compromised. Please be aware that while the attachment is being analyzed for malicious content, there may be a delay in delivery of a few minutes.
This enhancement to TAP is being implemented to our existing spam filtering service. If you have questions about TAP, call the CaTS Help Desk at 937-775-4827, or email helpdesk@wright.edu.
