Our email filter inserts color-coded banners to alert you to potential threats in your emails. The banners also display the sender’s email address and some short details to indicate why the banner was applied and whether an email came from an internal sender (from someone in your organization) or external.

A gray banner indicates that the email filter did not find anything unusual or suspicious about the message. Even if the message was not classified as threatening, you should always verify the displayed sender address and source type to ensure it is legitimate (e.g., an external webmail address from a colleague may be cause for concern).

A yellow banner indicates that there may be something unusual about the email message. It is not necessarily phishing or dangerous, but something you should be aware of. For example, a request for sensitive personal information should be given extra scrutiny. An email that appears out of the ordinary or is spam-like may display a yellow banner.

A red banner indicates that the message is suspicious and likely to be phishing or dangerous in some other way. This includes brand impersonations (e.g., a fake “account alert” email from your IT department), blocked phishing URLs, or attempts to spoof email to appear to come from an internal company account.

If you think the email filter has made a wrong email classification, or if you want to review details about the classification, click the “Details” link found in the middle of each banner. This will take you to a web form that provides more details about the email and allows you to provide feedback or report it. Clicking the “Provide Feedback / Report This Email” button will display options to report the email as Safe, Spam, or Phishing. Alternatively, you can click the “Safe”, “Spam”, or “Phish” links in the banner to quickly report feedback.

This location can also be accessed directly by clicking on the “More…” link found within the email banner. If you are presented with a Microsoft login page, please use your email address and password to get logged in.