Just because it seems safe, doesn’t mean it is.
On some emails, you might see a warning that marks them as being ‘external’. This gets added as the email comes into your organisation. The idea is a simple one – if you see an email marked as external, then you will be more cautious with it.
If you see an email that appears to have come from a colleague at work that is marked external, you might be especially careful because it would suggest someone was impersonating them. It is particularly useful with the whaling emails – the emails where the hacker pretends to be the manager and asks the accountant to send a payment overseas.)
Unfortunately, It is only a clue. You still need to be careful. It turns out that the hacking community have found a way to overcome this on some of the emails they send. They realise that this text is often added using HTML and have created some CSS code to defeat it.
What it means is, BE CAREFUL.
Just because your organisation might have a warning in place top advice users of external emails, be aware that it isn’t foolproof and you still need to be cautious.
Refer: Phishing Scammers Remove ‘External Sender’ Email Warnings Impersonating Internal Users (knowbe4.com)
