Updates to JCU Email Security

Updates to JCU Email Security

Key points

  • JCU has implemented safety measures to ensure your email (and your personal information) is secure.
  • You will notice safe links implemented on all emails coming into your inbox that contain hyperlinks.
  • Attachments will also be scanned to ensure they do not contain malicious content.
  • If you can't access a website or attachment you think you should be able to, contact the Central Service Desk.

Improving Email Safety at JCU

Email attacks are increasing, and the most common way in which JCU accounts are compromised is when we click on a malicious link in an email.

From 01 June 2020, JCU will make changes to all JCU Student email accounts to improve email safety in the form of Microsoft Office Advanced Threat Protection (ATP).

What is ATP?

ATP is a service from Microsoft that protects users from malicious threats posed by email messages, URL links and collaboration tools.

The protections cover three areas (though JCU is implementing Safe-Links and Safe-Attachments in Phase One of the ATP deployment):

  • Safe-Links – protects against malicious URLs embedded in your received emails by scanning and re-writing the URL. This helps prevent phishing attacks.
  • Safe-Attachments – protects you against zero-day malware which cannot be detected by traditional anti-virus tools.
  • Protection for Sharepoint/OneDrive – extends the above protection to Sharepoint, OneDrive and Teams.

What do ATP Safe-Links look like?

In emails you receive, hyperlinks will be rewritten by Safe-Links and may appear different than the original.  If you hover over a link in an email, you will notice the hyperlink URL begins with the Microsoft ATP proxy server eg:   apc01.safelinks.protection.outlook.com:

When you click on one of these links and the webpage is deemed malicious, you will see a warning message that prompts you to navigate away from the site.

What will Safe-Links do?

Safe-Links rewrites every URL found in an incoming email in order to determine if the URL is safe to view.

  • When a URL in an email is clicked, Safe Links performs a scan to determine if the link is malicious.
  • Safe-Links also scans any documents available on that link at the time of click to prevent malicious file downloads to your system.
  • If the link is determined to be safe, you will proceed as expected; if the link is determined to contain malicious content, you will be redirected to a warning page.

Only links in incoming email are rewritten, so any emails that you create and send to someone outside of JCU won't be altered.

What will Safe-Attachments do?

Safe-Attachments will scan any email attachment sent to you, and if malicious content is detected the email will be quarantined at an admin level. As the user you won't be able to retrieve the attachment.

ATP Warning Messages

The URL is in an email message that seems similar to other email messages that are considered suspicious. We recommend that you double-check the email message before proceeding to the site.

message when a suspicious email link is clicked on

The URL is in an email message that has been identified as a phishing attack. As a result, all URLs in the email message are blocked. We recommend that you do not proceed to the site.

message when a link is identified as phishing

The URL points to a site that has been identified as malicious.  We recommend that you do not proceed to the site.

message when link is identified as malicious

The URL is blocked by JCU. There are several reasons why a URL might be blocked.

message when site is blocked by JCU.

Frequently asked questions

What do I do if I see a malicious or phishing email?

When you see a suspicious email, you should contact the Central Service Desk and report the incident, they will walk you through what to do next.

What do I do if I am blocked from accessing a legitimate website?

If you are trying to access a familiar and legitimate web site please contact the Central Service Desk to request assistance.