Skip to Content

Division of Information Technology

Email Security

Several features in the Microsoft Security Protection Suite help to protect students, faculty, and staff from malicious email messages or attachments that could compromise their accounts and university assets. 

Safe Attachments

Screenshot of an email in Office 365 with the message, We're making sure your attachments are safe...
Message displayed while attachments are scanned for safety.

In addition to standard scanning for viruses, Safe Attachments actively scans all email attachments to search for malicious content. Safe Attachments scans every email, whether it is sent or received from your computer or mobile device. The software runs in the background and is not noticeable to most users. There may be a slight delay in sending emails while attachments are scanned. A box like the one shown here will appear. 

If an unsafe email attachment is detected, it will be removed from the email and replaced by a short text file that lets the user know the malicious attachment file name and the action taken. Removed attachments can be recovered in the event that they were incorrectly identified. On the rare occasion this may happen, please contact the IT Service Desk for assistance recovering attachments.

Safe Links

Phishing emails often contain a hyperlink or a URL that directs the user to a malicious website. Safe Links is a feature that scans all inbound email messages and provides time-of-click verification of URLs and links to provide an extra layer of protection against phishing emails.

Beginning in Summer 2022, you may have noticed a change in the appearance of hyperlinks in your USC email. If you hover your mouse over the link, you will see the address now points you to a address. 

  • If the URL is determined to be safe, the website will open just as it would have before we enabled Safe Links.
  • If the URL is a website that has been blocked or is determined to be malicious, a warning page will appear to let you know that the site has been blocked.
  • If the URL goes to a downloadable file, the file will be scanned for malware before you can access it. The scan has taken less than a minute in our tests. 

Exchange Online Protection (EOP)

Microsoft Exchange Online Protection (EOP) is a cloud-based email filtering service that works to reduce the number of junk email messages delivered to USC addresses. EOP includes junk email protection that uses proprietary spam filtering technologies to identify and separate junk email from legitimate email. EOP spam filtering learns from known spam and phishing threats and user feedback from our consumer platform, Ongoing feedback from EOP users in the junk email classification program helps ensure that the EOP technologies are continually trained and improved. 

Users can check their email quarantine at any time by logging in with their Network Username and password. Quarantined email will be retained for 30 days. Any email that is in quarantine at the time of the switch (the week of June 13) will be accessible for the duration of the retention period, which is 14 days from the time the message was quarantined. 

Phishing and Spoofing Protection

The Report Phishing Add-in in Outlook is an easy way to report phishing messages. There is no need to install the Add-in; it is available on Outlook clients and on Outlook on the web as of mid-June 2022. Here is how it will look in different clients:

  • Outlook desktop client
    A button has been added to the ribbon called Report Message (or Report Phishing). Open the message you would like to report and open the message options menu by clicking on the image of three dots in the ribbon. Select the Report Message add-in and choose the submission type.
    Screenshot of Outlook for desktop. The three dots menu is opened with Report Message options displayed: Junk, Phishing, Not Junk, Options, and Help.

  • Outlook mobile for iOS and Android
    Open the message you would like to report and open the options menu by clicking on the image of three dots under the date in the email header. Select the Report Message add-in and choose the submission type. With all clients, you will receive a pop-up notification before submitting the report. 

What if I don’t see the Add-in?

If you do not see the Add-in, please try to restart your computer or device. If the Add-in still doesn’t show up, please contact the IT Service Desk.

Challenge the conventional. Create the exceptional. No Limits.