This site requires JavaScript to be enabled
Welcome Guest|
Recent searches
IE BUMPER

Links in University Group Email (Emma) Messages: Assuring Safety

Number of views : 12
Article Number : KB0018301
Published on : 2020-09-10
Last modified : 2020-09-10 18:37:27
Knowledge Base : IT Public Self Help

The vigilant user of email will always mouse over each link before clicking on it. Whenever the link value that appears does not correspond with an expected URL, the user will want to account for any difference before clicking. For example, if a user mouses over a link expected to have the value "www.nicecuddlypuppies.org" and finds instead "www.nefariousandinfected.pir", the user should not click on the link.

With University Group Email using Emma, link analytics are tracked so that the senders can tell how many people clicked on each link value offered in the email. However, that feature of the Emma service always makes links less transparent to the message recipient. For example, user expectations for a link value may be:

https://president.utexas.edu/staff-lunches  

What most* receivers will see instead when mousing over such a link would be:

https://t.e2ma.net/click/38586c/3sdorz/j1uzz4

“e2ma.net” is assigned to the Emma service. The prefixed “t.” indicates a trace function for this link. So the above would be an expected URL for a click trace URL for the Emma service.

If the email mouseover does not conform to these expectations, please feel free to contact the Group Email stewards at group-email@utlists.utexas.edu and we will investigate. You may be sure that if we find a situation involving our email security, we will involve the Information Security Office, and we will of course get back with you as well. Please do not click on a link that you regard with suspicion, and let the service stewards and/or the ISO know if you find yourself having to make a judgement in a case you are unsure of.

The following site is currently helpful in displaying the target URL for a link mediated by the trace function in Emma:  https://urlex.org .

Other features that recipients might advocate for in support of assurance of security of Group Email using Emma may also be unavailable.  For example, digital signature of emails is not possible since Emma disallows attachments of any sort.  The Group Email stewards are always willing to take suggestions from UT community members on actions we could take that might assist our community with recognition of untrustworthy communications.

Important Note:  As of September, 2020, the Group Email stewards have been informed of a protocol by which link tranformation to the "t.e2ma.net" format can be avoided if click tracking is not essential.  Using this workaround will make University Group Email more transparent and trustworthy to the University community.  Information can be found in knowledge article "Creating Direct Links in Group Email Messages".

(*Some users may see links at addresses like "na01.safelinks.protection.outlook.com". This is related to a service from Microsoft called Safelinks that's being phased in by the UT Mail team.  The urlex site referenced above does not assist with identifying target pages of safelinks.  Please see the Safelinks documentation for details.)

 

Thank You! Your feedback has been submitted.

Feedback