Info for:
Home/ Information Technology/ Anti-spoofing measures in Gmail

Anti-spoofing measures in Gmail

On Monday, August 5, IT will enable advanced security settings in Google to display in-message warning banners for messages that may be spoofing a sender from Lewis & Clark College. Learn more about this initiative and see the warning messages you may encounter.

July 31, 2024

Gmail Anti-Spoofing Warning Banners

As of August 5, 2024, Gmail may display a warning banner titled “Be careful with this message” when it suspects an email is spoofing a sender from Lewis & Clark College.

Email spoofing occurs when an email is designed to impersonate a legitimate sender, often as part of a phishing attempt. These emails might appear to come from someone at Lewis & Clark or from an external source, but their intent is malicious.

These in-message banners will look something like this.

 

What to do with phishing messages:

  • If you suspect the message is phishing but want to be sure, reach out directly to the person or organization using verified contact information.
  • If you confirm the email is spam or phishing, click on the kebab menu (three vertical dots menu in the upper right corner) and select “Report Spam” or “Report Phishing”.
     A dropdown with a red box around spam and phishing reports This will help Google—and therefore L&C—identify the offending message for quarantine.

Be aware of these warning signs of phishing:

The message may have an unusual “From” address or an unusual “Reply-To” address rather than our “@lclark.edu” address. Examples of unusual emails are: fao.lclark.edu@gmail.com | LCPresident@icloud.com | Lewis&Clark@hotmail.com | LCDeanofStudents@yahoo.com

  • Phishing messages are often delivered outside normal business hours such as 3 a.m..
  • Monthly bills delivered mid cycle.
  • The subject line of the email is irrelevant or does not match the message content.
  • The email is about something you never requested or a receipt for something you never purchased.
  • The message is not personalized. Valid messages from banks and other legitimate sources usually refer to you by name.
  • There are grammar or spelling errors.
  • The email is asking you to look at compromising or embarrassing pictures of yourself or someone you know.
  • The email requests payment to people or organizations via services such as Venmo or Zelle.
  • You have an uncomfortable feeling, or it just seems odd or illogical.

When contacting you about financial or other sensitive information, Lewis & Clark will never:

  • Ask you to email sensitive personally identifiable information such as a tax return, W-2, or Social Security Number (whole or partial).
  • Charge a fee to process a financial aid application (this is a common scam).
  • Process payments related to tuition, payroll, or expense reimbursements via cash transfer apps such as Venmo or Zelle.
  • Request payment via gift cards.
  • Request your password.

Information Technology is located in Watzek Library on the Undergraduate Campus.
MSC: 97

email 

voice 503-768-7225 
fax 503-768-7228 

Chief Information Officer Adam Buchwald

  • Information Technology
    Lewis & Clark
    615 S. Palatine Hill Road 
    Portland OR 97219

More Stories

Jamboard Shutting Down

Google will retire Google Jamboard on October 1, 2024, and officially shut down the service on December 31, 2024. Learn how this will impact you, as well as actions you need to take to prevent data loss.

New Zoom Minimum Version Requirement Begins Aug. 1

On August 1, 2024 L&C’s Zoom instance will be set to a new minimum version requirement for all clients. Mac and Windows workstations need to update to the latest version as of August 1, 2024 in order to continue joining and hosting meetings. Out of date Zoom applications will not be able to join L&C hosted meetings.

Google Appointment Slots Transition to Schedules

Google’s improved appointment scheduling feature, Appointment Schedules, will replace Appointment Slots on July 18, 2024. This update provides more flexible and efficient scheduling by allowing users to create multiple booking schedules with customizable time slots that others can book directly.

Users must manually switch to Appointment Schedules, as existing Appointment Slots will not transfer automatically.

Stricter Settings Implemented on @lclark.edu Domain May Impact You

On June 24th, stricter settings were implemented on our @lclark.edu domain. This means that recipients will have greater confidence in the authenticity and security of emails coming from @lclark.edu senders.

There is no action required from users, unless you are using a 3rd party email system to send out emails.