Email Protection Service


The University is constantly receiving phishing and other malicious emails. To protect you from these we’ve now introduced an Email Protection Service for Office 365.

This service will protect you from phishing and malware attacks by blocking malicious emails.

You will receive an email to notify you when a malicious or phishing email has been blocked.

The message will be received from DoNotReply@eu.tmcas.trendmicro.com with a subject title Trend Micro Cloud App Security Advanced Threat Protection.

For example:

From: Do Not Reply [mailto:DoNotReply@eu.tmcas.trendmicro.com]
Sent: 14 November 2019 11:31
To: user@leeds.ac.uk

Subject: Trend Micro Cloud App Security Advanced Threat Protection

Trend Micro Cloud App Security Advanced Threat Protection is the University of Leeds Email Protection Service.

The service detected an email message intended for you that contained a link to malicious web page or a phishing webpage to obtain user credentials. The email has been blocked and not delivered to your mailbox. There is no need for further action.

If you believe the email is genuine or would like more information please visit the IT Service Desk web pages https://it.leeds.ac.uk and search for Email Protection or refer to knowledge base article KB0013886

Message details:

URL: https://letmestealyourcredenitals.com

Action taken: Blocked

              Received: 2019/11/14 11:31:15 (UTC)

              Found in: user@leeds.ac.uk\Inbox

              Detected by: Web Reputation

              Sender: scammer@hackers.com

              Recipient: user@leeds.ac.uk

              Subject: Update your restricted IT account

              Category: Credential Phishing

 

What should I do if I receive this type of email

You don’t need to do anything. The University has confidence that the email that has been blocked is malicious. There is no need to contact the IT Service Desk or forward the warning email to spam@leeds.ac.uk, junk@office365.microsoft.com, phish@office365.microsoft.com or abuse@messaging.microsoft.com.

I think the blocked email was legitimate, what should I do?

If you know and trust the sender of the email and were expecting it, check with the sender to make sure it is legitimate. Preferably contact them by phone in case the senders email account has been compromised. Ask them to check their email and scan it for malicious content or attachments, then resend the email to you.

If the email is blocked again, contact the IT Service Desk to request the email be analysed. If the email is genuine it can be released. This must be done within 90 days.