SPAM – Frequently Asked Questions.

I’ve received an unwanted/SPAM email, what do I do?

  1. Is it a newsletter you signed up for and has an Unsubscribe/Manage option/instruction at the bottom?
    1. Use the options provided to remove yourself from their list.

      ...more

      Businesses in Canada and the EU/US are required to have some kind of ‘unsubscribe/removal’ option for business or marketing communications, that are not requisite for the operation of business being transacted between the parties or as part of customary or B2B interactions. Look at the bottom of the email message for some info on how to unsubscribe, its usually in small text. In some cases you may need to go to the company’s website, and if you have an account/change preferences in settings on either their site or software.

      Unsubscribe Example

  2. Is it advertising from a business you have dealing with either as a Vendor, customer or B2B interaction?
    • If there isn’t an unsubscribe option on the message itself, check with the company to see if you can change/remove email advertising (in some cases there may not be an option with some business-to-business agreements), this could be through their website, software, or through their customer service.
  3. Is this the first SPAM message you’ve received from a sender?
    • Delete it, in many cases, the system will learn and catch it with no further action required.
    • forward example(s) as an attachment (the More button next to forward in your Outlook Inbox) to spam@emailservice.io. Feel free to delete the message after submitting it. This will NOT block the message.
  4. Is this a repeated SPAM message or coming from a prolific SPAM sender?
    1. If you contact support@smartdolphins.com and we can assist with setting up a filter rule for you/your organization. (Please do NOT forward the original message to us).

I’ve received an email asking for personal information, financial action or threatening me with legal action/privacy concerns that appear to be from a person of authority in the business, government or law enforcement that is unusual/unexpected (Phishing, Impersonation).

  1. STOP and confirm before doing anything directly with the request within the email or the contact details provided within the message. Try to verify the legitimacy of the request and sender by looking for information outside of the message do not trust anything in the email. It’s always better to be sure than to risk a data breach or financial, or reputational damage. If you have concerns about a message’s validity engage Smart Dolphins Support, we can help review the technical details of the message to its validity.
  2. After confirming a message like this is fake, you want to report the email. Screenshot the message and warn your team.

    ...more.

    Engage your company’s team to let them know if it looks like a widespread message, do not forward the message as this could cause other users to click on it, but rather screenshot the message. Contact support@smartdolphins.com and we will assist in assessing the message and look into potential threat(s) pertain either to your organization or the sender’s (we can’t act on their behalf but we can provide some information to have their IT remediate things on their end). Smart Dolphins can also assist with configuring warnings for external senders, name impersonation for internal and important external contacts.

I received an email sharing/requesting some documentation, but I am not expecting it…

  1. One of the more common ‘Phishing’ attacks recently has been attackers sending malicious shared Word, PDF, Excel files, as attachments or via prior compromised Sharepoint/Onedrive/Google Drive/Dropbox/Box etc file sharing service accounts.
    1. If its something like ‘<contact> shared a document with you’ or ‘<Company> Invoice is ready.’ as a subject and a generic sharing message with a link to access the document. STOP. Confirm if you’re expecting the document or a request to share something. If it’s unexpected, treat it as above, confirm with the sender outside of the message and similar steps before clicking/opening.

I received a blatantly obvious bad message, why did it get through!?

There are many reasons a SPAM or Phishing message gets through filtering.

    1. Primarily the cause is there isn’t enough information to work from,

      ...more

      things like a randomly generated GMail address sending very little content in the body (or a full message that is just an image) are difficult to fully assess as good/bad message, as GMail is very commonly used by your customers for their own personal and or work email, names are not always a solid point to filter upon, even if they are the same as someone in the company, and if there isn’t enough information in the body that matches filtering logic/rules then it may get through.
    2. New attack type/method.

      ...more

      Spam filtering works by assessing the message against a set of characteristics with the message, and its header information. If it is something new the system can’t tell its bad (yet), this is where submitting examples helps at the system builds its repertoire of known bad messages. 
    3. Whitelisting.

      ...more

      Either on your account, group, or company level an email address or its domain could be whitelisted allowing everything through from that source.  If something is coming through you can check your whitelisted senders in your Smart Dolphins Email Security profile. 
    4. Moving Goal Posts

      ...more

       
    5. Filtering Balancing act

      ...more

      Filtering systems have to balance their blocking and passing of messages, and to reduce the impact on workflow and communication generally have to lean a bit towards letting messages through vs filtering them when the system can’t tell on a black/white level (all email is a shade of grey, there are positive and negative scoring values associated with any message even the most well intended.) Smart Dolphins can assist with adjusting this balance for your filtering. Spam and Phishing are an ongoing battle with each side adjusting to the other. As new attack methods get used, filtering systems get updated/trained to combat them as effectively as possible without unduly ‘false positive’ blocking legitimate messages. This goes back and forth as one side makes a change the other adapts. With the explosion in the availability of Generative AI tools (Chat GPT, Microsoft CoPilot, Google Bard etc etc) there are now even more complex systems in play. This is big business both sides of the fence.

What you can do

Smart Dolphins Email Security options … We have a guided video tour available here: https://support.mailprotector.com/hc/en-us/articles/360038459651-End-User-Experience-Default-Settings

  1. Accessing your Quarantine and account 
    1. Access via the ‘Review My Messages’ link on your most recent message review notification email.
    2. OR goto: https://smartdolphins.emailservice.io on your browser
  2. White/Black listing individual senders from Quarantine/Message Log:
    1. If you have a message in your Quarantine report you want to block or allow the sender of you can click on the From: entry and select the desired option
  3. Access Settings from the portal for more options:
    1. Click on the Gear icon on the top left of the page (next to the inbox icon for your full Quarantine)
  4. Manually Allow/Block Senders from the Filtering Menu.
      • Note some domains are not allowed to be blanket allowed/blocked due to security/functionality concerns.
  5. Message Rules
    1. Here you can create a rule based on qualifying factors. These are advanced and generally if you need something setup here consult with Smart Dolphins Support
  6. Tracker Removal
    1. Toggleable setting to automatically strip tracking pixels and other common embedded tracking points on messages (usually used by marketing software to see open/click rates)
  7. Message Review Notifications
    1. You can adjust or fully turn On/Off the notifications and adjust the schedule to your preference.
  8. Spam Tolerance and further settings below
    1. These settings affect how the filtering rule system works on your mailbox, adjusting the tolerances can have a significant impact with small changes, with generally ‘clean’ messages scoring <200 and marketing/newsletters etc going from 200-350 and spam usually starting to creep in at 250+.
      Smart Dolphins strongly recommends leaving this set to Normal Mode with the filter score level set to 200.