What does DoIT do to protect me from phishing attacks?
DoIT takes several measures to prevent phishing messages from reaching your inbox, as well as measures to report malicious senders that manage to get through. As most University email accounts use Gmail services, Google provides rudimentary phishing ans spam protections, along with reporting tools for messages that seem suspect. When these messages are reported, DoIT can then quarantine messages like it, potentially sent to other users as well. DoIT may also block further email messages from that sender, if possible.
In addition to Gmail's filtering, DoIT uses the services of Avanan from Check Point Software to do advanced phishing and spam detection using artificial intelligence algorithms. These messages can be quarantined as well, including after they have already been delivered to inboxes. For Faculty and Staff members, a warning may be appended to messages that would normally be quarantined.
When through the findings of an investigation DoIT suspects that a potentially compromised UMBC account may be responsible for sending malicious emails, that account may be locked and/or have its password randomized to prevent further malicious activity.
None of this can happen instantly, of course, and that is why you must also play your part in helping to keep your account secure. If you see something that looks suspicious, report it to security@umbc.edu.