SPAM FAQ

SPAM - Frequently Asked Questions.

I’ve received an unwanted/SPAM email, what do I do?

  1. Is it a newsletter you signed up for and has an Unsubscribe/Manage option/instruction at the bottom?
    1. Use the options provided to remove yourself from their list. Businesses in Canada and the EU/US are required to have some kind of 'unsubscribe/removal' option for business, marketing communications, that are not requisite for the operation of business being transacted between the parties or as part of customary or B2B interactions. Look at the bottom of the email message for some info on how to unsubscribe, its usually in small text. In some cases you may need to go to the company's website, and if you have an account change preferences in settings on either their site or software.
  2. Is it advertising from a business you have dealing with either as a customer or B2B interaction?
    1. If there isn't an unsubscribe option on the message itself. Check with them to see if you can change/remove email advertising (in some cases there may not be an option with some business-to-business agreements), this could be through their website, software, or through their customer service.
  3. Is this the first SPAM message you’ve received from a sender?
    1. Delete it, in many cases, the system will learn and catch it with no further action required.
  4. Is this a repeated SPAM message or coming from a prolific SPAM sender?
    1. forward example(s) as an attachment (the More button next to forward in your Outlook Inbox) to spam@emailservice.io. Feel free to delete the message after submitting it. This will NOT block the message. Below are steps you can take to (un)block senders and further adjust your Smart Dolphins Email Security Filter Settings to deal with these cases. And Smart Dolphins can assist you with doing some configuration for yourself, your group, or your organization for these repeat offenders. You can also make a Quick Step button in Outlook to make this even easier. (Smart Dolphins can assist you in setting one up along with a Report Spam button that can be deployed to the entire organization)

I’ve received an email asking for personal information, financial action or threatening me with legal action/privacy concerns that appear to be from a person of authority in the business, government or law enforcement that is unusual/unexpected (Phishing, Impersonation).

  1. STOP and confirm before doing anything directly with the request within the email or the contact details provided within the message. Try to verify the legitimacy of the request and sender by looking for information outside of the message, and contacting internal senders directly in person/phone/messaging or a separate email. For external senders, use Google to look up the company/sender and contact them via the published information, or confirm contact information with past communications or other contact methods, do not trust anything in the email. It’s always better to be sure than to risk a data breach or financial, or reputational damage. If you have concerns about a message's validity engage Smart Dolphins Support, we can help review the technical details of the message to its validity.
  2. After confirming a message like this is fake, we want to report the email. Engage your company's team to let them know if it looks like a widespread message, do not forward the message risking other users from acting on it, but rather screenshot the message. Contact Smart Dolphins and we will assist in assessing the message and look into potential threat(s) pertain either to your organization or the senders (we can't act on their behalf but we can provide some information to have their IT remediate things on their end). Smart Dolphins can also assist with configuring warnings for external senders, name impersonation for internal and important external contacts.

I received an email sharing/requesting some documentation, but I am not expecting it...

  1. One of the more common 'Phishing' attacks recently has been attackers sending malicious shared Word, PDF, Excel files, as attachments or via prior compromised Sharepoint/Onedrive/Google Drive/Dropbox/Box etc file sharing service accounts.
    1. If its something like '<contact> shared a document with you' or '<Company> Invoice is ready.' as a subject and a generic sharing message with a link to access the document. STOP. Confirm if you're expecting the document or a request to share something. If it's unexpected, treat it as above, confirm with the sender outside of the message and similar steps.

I received a blatantly obvious bad message, why did it get through!?

There are many reasons a SPAM or Phishing message gets through filtering.

    1. Primarily the cause is there isn't enough information to work from, things like a randomly generated GMail address sending very little content in the body (or a full message that is just an image) are difficult to fully assess as good/bad message, as GMail is very commonly used by your customers for their own personal and or work email, names are not always a solid point to filter upon, even if they are the same as someone in the company, and if there isn't enough information in the body that matches filtering logic/rules then it may get through.

    2. New attack type/method. Spam filtering works by assessing the message against a set of characteristics with the message, and its header information. If it is something new the system can't tell its bad (yet), this is where submitting examples helps at the system builds its repertoire of known bad messages.
    3. Whitelisting. Either on your account, group, or company level an email address or its domain could be whitelisted allowing everything through from that source. If something is coming through you can check your whitelisted senders in your Smart Dolphins Email Security profile.
    4. Moving Goal Posts. Spam and Phishing are an ongoing battle with each side adjusting to the other. As new attack methods get used, filtering systems get updated/trained to combat them as effectively as possible without unduly 'false positive' blocking legitimate messages. This goes back and forth as one side makes a change the other adapts. With the explosion in the availability of Generative AI tools (Chat GPT, Microsoft CoPilot, Google Bard etc etc) there are now even more complex systems in play. This is big business both sides of the fence.
    5. Filtering Balancing act. Filtering systems have to balance their blocking and passing of messages, and to reduce the impact on workflow and communication generally have to lean a bit towards letting messages through vs filtering them when the system can't tell on a black/white level (all email is a shade of grey, there are positive and negative scoring values associated with any message even the most well intended.) Smart Dolphins can assist with adjusting this balance for your filtering.

A Contact sent me an email and it landed in Quarantine

 

What you can do

Smart Dolphins Email Security options ( We have a video available here):

  1. Accessing your Quarantine and account
    1. Access via the 'Review My Messages' link on your most recent Message review notification email
      mceclip0.png  
    2. OR goto: https://smartdolphins.emailservice.io on your browser
  2. Accessing Settings from the portal
    1. Click on the Gear icon on the top left of the page (next to the inbox icon for your full Quarantine)
  3. White/Black listing individual senders
    1. If you have a message in your Quarantine report you want to block or allow the sender of you can click on the From: entry and select the desired option
        
       
      mceclip4.png 
    2. If you know the sending email, or the domain you wish to (un)block you can add them in the settings page under the Allow rules (inbound only) and Block rules respectively.
      1. Note some domains are not allowed to be blanket allowed/blocked due to security/functionality concerns
        mceclip0.png 
        mceclip0.png 
  4. Message Rules
    1. Here you can create a rule based on qualifying factors. These are advanced and generally if you need something setup here consult with Smart Dolphins Support
  5. Tracker Removal
    1. Toggleable setting to automatically strip tracking pixels and other common embedded tracking points on messages (usually used by marketing software to see open/click rates)
  6. Message Review Notifications
    1. You can adjust or fully turn On/Off the notifications and adjust the schedule to your preference.
  7. Spam Tolerance and further settings below
    1. These settings affect how the filtering rule system works on your mailbox, adjusting the tolerances can have a significant impact with small changes, with generally 'clean' messages scoring <200, and 'spammy' marketing/newsletters etc going from 200-250 and pure junk usually starting at 300+. 
      Smart Dolphins strongly recommends leaving this set to Normal Mode with the filter score level set to 200.