Email Impersonation Detection

The intent of this security measure is to alert an individual that they are being impersonated by someone not affiliated with VCCCD in an attempt to carry out phishing attacks or scams against their colleagues. As part of this detection, the impersonated individual will be notified, and will be able to confirm the legitimacy of the email. Colleagues that receive the email will be notified by a modification to the subject line which suggests the email is not legitimate.

Alert, Review and Confirmation

When the alert is initially triggered, the employee being spoofed will receive a notification similar to the one below. They are then able to click "No" to confirm that they did not send it, or "Yes" if they did. The email in question will also be attached as "OriginalMail.eml", allowing the individual to review the suspicious email.

Email from Trend Micro notifying user that they have been impersonated

Subject Line Modification

When you are the recipient of an email impersonating another employee at VCCCD, you will see the subject line changed to suggest that the email is not actually from your colleague.

Subject lines will be modified with the phrase :

"IMPERSONATION SUSPECTED:", followed by the original subject line.

Reporting these emails to is not required, as IT will be notified automatically.