Mimecast URL Protection allows you to feel safe when clicking links sent to you from a non-GCTS email address. Mimecast will automatically re-write links that you access online and it will look different to normal URL’s. For example, a link to bbc.com would become https://protect-us.mimecast.com/s253462825?domain=bbc.com. The first time that you click a url/link from an external sender in your email on a new computer, or a different web browser, you will need to enroll your device. This is expected behavior and is a safe link to click. To do so, follow the steps below. You will be brought to a page which notifies you that you need to enroll your device. This will only need to be done on a new computer/web browser, and if the token lihnking your device to your account becomes stale (which may happen every few months), you will not need to enroll every time that you click a link in an email. An example of the page you will see when required to enroll your device Input your Gordon-Conwell email address in the box provided, and click Get Authorization Code. The Authorization code will then be sent to your GCTS email address An example of the email code that is sent to you Input the code emailed to you into the page where requested and click Enroll Device Your device is now enrolled and you will be redirected to the URL you originally clicked. You will also receive an email notifying you that your device was successfully enrolled.

As part of its security offerings, Mimecast "holds emails" that it believes are suspicious, are typically considered spam, or are outside your normal email receiving patterns. As Mimecast ingests more of your emails, it will learn more about your habits and the number of false positives of held emails should decrease. If Mimecast holds a message for you, you will receive an email notifying you. This email, with the subject line "You have new held messages" is sent three times a day (7 AM/0700, 12 PM/1200, and 4 PM/1600, all times EST) which identify messages that are considered spam since the last Digest was sent. You will have three options for each held message: You can Block them, removing the message and adding the sender to your personal block list. You can Release them, which will send the message to your inbox but continue to intercept messages from the same sender. You can click Permit, which will deliver the email to your inbox AND mark future messages from this sender as safe. Held messages will be deleted after 14 days if you don’t release them. For specific information regarding the three different options provided, as well as more FAW, please see this article from Mimecast.

Mimecast is an email security and safety that GCTS IT has partnered with to secure GCTS emails from multiple types of threats. This includes: Spoofing: Where someone pretends to be sending from a GCTS email address to access resources they shouldn't have access to, or to request purchase of something they shouldn't, such as gift cards or prepaid credit cards. URL Impersonation: When a link in an email says it is going to send you to one webpage but instead sends you to another, malicious webpage. Used to steal your credentials or infect your computer or other device with malware. Attachments: While many attachments sent in emails are safe, email attachments are one of the most commonly used ways to install malware on your computer, or to access your credentials, and thus caution is very important. Spam/Scams: With the sheer number of emails that we receive and send every day, scam artists and spammers attempt to send emails to members of the GCTS community to access their accounts and gain potentially valuable information about our systems, as well as scam people out of their money. Mimecast as a system sits between GCTS' email system and the internet, scanning all incoming and outgoing emails (and the attachments, urls, and senders of those emails) to make sure that we are as safe as possible. For more information on exactly what Mimecast does for each of the above threats, please see the articles below or contact GCTS IT by opening up a ticket at support.gordonconwell.edu or talking with your local IT Service Desk Representative. URL Protection Attachments Spam/Held Messages