ACNS combats phishing with extra layer of email protection

Serena Bettis

If that $20 per hour dog-walking job seems too good to be true, it is probably spam. 

To combat increased instances of spam and phishing email attacks, Colorado State University’s Academic Computing and Networking Services launched the Microsoft Advanced Threat Protection for Office 365 on Oct. 21. This will only impact students who use Office 365 for their CSU email. 


“What this advanced protection does is, really, any attachment that comes in as an email, Microsoft will scan that attachment,” Dave Hoffman, ACNS project manager, said. “It protects us from some phishing and malware attacks that happen.”

ACNS member Lance Baatz said this will not affect students using their Gmail accounts because Gmail has a robust spam filtration system in place and does not offer any security add-ons like Microsoft. 

We have more sophisticated attackers, and they are crafting social engineering that is really manipulating our users, unfortunately.” -Kelly Poto, cybersecurity internship coordinator

Since Office 365 is a more common platform for large organizations, it is highly targeted,” Information Security Officer Steven Lovaas wrote in an email to The Collegian. “That is, some attacks are specifically crafted to evade default Office 365 protections.” 

Lovaas said that both email platforms catch about 90% of malicious emails by default.

Most attacks come through embedded links or attachments. If the ATP software scan determines the content is safe, the email will look normal. When it detects a security threat, it will alert the user.

A screencap of an email being scanned for malware.
An example of what the Colorado State University Office 365 emails will look like while the Microsoft Advanced Threat Protection scans the email content. (Photo courtesy of Dave Hoffman)

“It will take Microsoft a minute or so to scan the email, and if everything’s safe, it just returns to normal, and people may not even notice that it happened,” Hoffman said. “These things take place in the background for every link and every attachment that comes through.”

Baatz said most attacks that come through automatically go to the spam folder, and ATP will provide students with an added layer of protection for sophisticated attacks that do appear. He said ACNS will monitor ATP’s effectiveness, but they know it will not stop every attack. 

“There’s potential for looking at additional layers of security — things like multi-factor authentication that might require people, when they log into an email, to get a notification from their phone … to ensure their identity,” Baatz said.

Spam and phishing attacks may not be obvious. Hoffman said that with more sophisticated attackers, the attacks look like they are coming from classmates, faculty or administrative offices on campus. 

A link in an email may appear to connect to a CSU login portal or a friend’s favorite blog, but once the user clicks on this link, it sends them to a fake website that will collect their information or download malware onto their computers. 


Hoffman recommends caution and review when opening emails and attachments.

“Really, to me, it’s an expectation thing,” Hoffman said. “Are you expecting an email from this sender? Are you expecting an attachment? Are you expecting links from them? If you’re not expecting it all, our recommendation is to just delete them.” 

Baatz said ACNS is aware of the increase in spam attacks over the last few years and actively responds to spam reports to ensure student privacy and safety.

“We have more sophisticated attackers, and they are crafting social engineering that is really manipulating our users, unfortunately,” said Kelly Poto, the cybersecurity internship coordinator. “I think that user education is probably one of the best ways that we can combat that.”

Serena Bettis can be reached at or on Twitter @serenaroseb