Corresponding with contacts outside the Postal Service™ is a frequent occurrence for many USPS® employees. While it is common to exchange emails with non-USPS partners, USPS employees must take extra steps to ensure senders are legitimate and information is protected.
In June 2018, the Postal Service began labeling all non-USPS emails with the term [EXTERNAL] in the subject line. And now, as an additional visual cue, all emails from non-USPS senders display the following banner at the top of the message’s body:
CAUTION: This email originated from outside USPS. STOP and CONSIDER before responding, clicking on links, or opening attachments.
This visual alert system reminds employees to take extra precautions with these contacts, while keeping in mind that not all of them are malicious (see blue.usps.gov/cyber/security-avoid-scams.htm). Here are some signs that an external email could be harmful:
n Begins with a generic or inconsistent greeting (e.g., “dear customer”).
n Includes an “urgent” request for immediate action.
n Provides offers or prizes that seem too good to be true.
n Contains spelling or grammatical errors.
n Comes from a sender with an email address that appears to impersonate another business.
n Requests personal information, such as your USPS credentials.
Additionally, be sure to include #sensitive# in the email subject line when sharing sensitive attachments with non-USPS recipients. This will encrypt the file and prevent it from getting into the wrong hands.
For more information about effectively managing and protecting your inbox, visit CyberSafe at USPS® at blue.usps.gov/cyber/protect-your-inbox.htm. For questions specific to external email labeling enhancements, contact CISOEmailProtectionServices@usps.gov.
— Corporate Information Security Office,
Chief Information Security Officer
and Digital Solutions, 6-18-20