Email Warning Tags

Last updated: January 10, 2024
Audience: All UW

UW-IT has deployed Proofpoint, a leading email security vendor, to provide both spam filtering and email protection. As an additional effort to protect University of Washington users, UW-IT is beginning deployment a feature called Email Warning Tags. Email Warning Tags will notify you when an email has been sent following one of the parameters listed below. This notification alerts you to the various warnings contained within the tag.  Email Warning Tags are only applied to email sent to UW users who receive their mail in UW Exchange (Office 365) or UW Gmail.

Personally-identifiable information – the primary target of phishing attempts – if obtained, can cause among other things; financial and reputational damage to the University and its employees. Phishing attacks often include malicious attachments or links in an email, or may ask you to reply, call, or text someone.

As a result, email with an attached tag should be approached cautiously.

Tag Example:

The tag is added to the top of a message’s body.  The specific message for each tag is displayed in the message to the recipient and also provides a link for further information.

Emails tagged with a warning do not mean the email is necessarily malicious, only that recipients should take extra caution.  Do not click on links or open attachments in messages with which you are unfamiliar.

Tag Types:

For each tag, the default titles and bodies for each tag are listed below, in the order that they are applied.  A given message can have only a single tag, so if a message matches multiple tagging criteria the highest precedence tag will be the one applied.

Rule ID Title Body
Impersonating Sender Be Careful With This Message The sender may be an impostor.
Mixed Script Domain Be Careful With This Message This message may contain links to a fake website.
DMARC Authentication Failure Be Careful With This Message The sender’s identity could not be verified and someone may be impersonating the sender.
Newly Registered Domain Be Careful With This Message The sender’s email domain has been active for a short period of time and could be unsafe.
Unknown Sender This Message Is From an Untrusted Sender You have not previously corresponded with this sender.
Unsafe Message This Message May Be Unsafe Please verify with the sender offline and avoid replying with sensitive information, clicking links, or downloading attachments.


Why is this change being made?

To help prevent and reduce phishing attempts against University of Washington users and assets, by providing some additional information and context around specific messages.

Why is a specific message or sender being tagged?

Just because a message includes a warning tag does not mean that it is bad, just that it met the above outlined criteria to receive the warning tag.  However, if you believe that there is an error please contact


If you have questions or concerns about this process please email with “Email Warning Tags” in the subject line.