9/18/19 - Historical uwb.edu To Be Discontinued

9/18/19 - [Security Issue] Historical “@uwb.edu” email addresses to be discontinued

 

As part of UW Bothell’s transition to O365, incoming email with the historical UWB addresses ending with: “@uwb.edu” were forwarded to the corresponding UW “@uw.edu” email addresses. This forwarding was intended to be a short-term solution to facilitate the change to “@uw.edu” email addresses.

Email spam and phishing are the top attack vectors for cyber criminals to access UW data and services. Further, email inbound for “@uwb.edu” email addresses do not have spam or phishing protections. Given this significant security risk to the campus, we are planning for a November 15, 2019 discontinuation for forwarding “@uwb.edu” email addresses to UW email accounts.

If you have any questions or concerns, please contact Adri MacArthur (sanchea2@uw.edu).

 

FAQs

What is the issue?

When the campus transitioned to Office 365 (circa 2014), all UW Bothell Faculty and Staff email addresses were transitioned to UW or addresses ending with: “@uw.edu.”  As part of the O365 transition, incoming mail with the historical UWB addresses ending with “@uwb.edu” were forwarded to the corresponding UW email address. This forwarding solution was intended to be discontinued in 2015-16 which was communicated as part of the Office 365 migration.

How might this affect me?

This change will not affect the majority of UW Bothell Faculty and Staff; the use of “@uw.edu” email addresses became standard after the migration to Office 365.

How can I check to see if anyone is emailing me “@uwb.edu”?

  1. Go to the Search box in Outlook
  2. Type: “[uwb username]@uwb.edu” (this is generally your first initial and last name) and press Enter

What if someone is emailing me at my “@uwb.edu” address?

If the sender is external (and legitimate), you may choose to send them an email with your updated email address.

What else should I be aware of?

Outlook saves email addresses for autofill; some historical “@uwb.edu” email addresses may be saved in your client(s).  In future, if autofill pulls the “@uwb.edu” email address, you will receive a failure to send notification and would then have to resend to the appropriate email to UW address.

How can I delete an “@uwb.edu” address from Outlook’s autofill?

To remove a single address from your auto-complete list:

  1. Open Outlook.
     
  2. Click the New Email button.
     
  3. In the new e-mail window, start typing the address you want to remove in the To field. When it appears, click the X button next to the address.

blank, new email showing an auto-fill uwb email address

How can I delete (and start fresh) with my Outlook autofill?

 

On a Mac:

To remove all addresses from your auto-complete list:

  1. Make sure that your computer is connected to the Exchange server.
     
  2. In the navigation pane, Ctrl+click or right-click the Exchange folder for which you want to empty the cache, and then click Properties.
     
  3. On the General tab, click Empty Cache. After the folder is empty, Outlook automatically downloads the items from the Exchange server.

On a PC remove auto-complete list for all emails:

 Clear entire address list

  1. Select “File“.
  2. Choose “Options“.file page within outlook that has a red square over the word Options in the left side menu
  3. Select “Mail” on the left pane, then scroll all the way down to the “Send messages” section.
  4. Select the “Empty Auto-Complete List” button. If you want to turn off the Auto-Complete feature, uncheck the “Use Auto-Complete List to suggest names when typing in the To, CC, and Bcc lines“, then select “OK“.Window of Outlook Options with a red outlined box over button that says Empty Auto-Complete List
  5. Select “Yes” on the dialog box that appears.

Why is this a risk to the campus?

Cyber criminals are continually using email as a way to access UW data, Office of the CISO has 8.5 million emails are received from off-campus per day, Fewer than 1.5 million are legitimate. In 2018, UW had 2804 compromised accounts; of those, 762 were from phishing attacks.