Misleading emails are the internet’s version of junk mail, but you don’t have to face them alone. Think of the Office of Information Technology’s Computing Incident Response Team (CIRT) as a digital neighborhood watch—constantly on patrol, investigating suspicious messages and other threats, and helping keep our community safe. We sat down with the team that investigates phishing emails to uncover how they track down scams and why reporting odd or questionable emails isn’t just helpful—it’s essential to protecting Rutgers.
Diving into email metadata
After receiving an alert, team members investigate the email’s metadata—a behind-the-scenes trail of digital breadcrumbs showing who sent it, who received it, and which servers it hopped through to reach your inbox. Then, they match this data against spam scores, a kind of digital reputation check, to see if the email or its linked websites raise any red flags. It’s a high-tech detective process that helps determine whether an email is legitimate or a cleverly disguised scam.
Not all suspicious emails are malicious
When the team spots spam that’s annoying but harmless, meaning no malware and no shady links, they’ll guide users to Outlook’s Report Spam feature. It’s a quick way to move junk to the right folder and block future messages from the same sender.
But when an email looks more dangerous—loaded with sketchy links, strange attachments, or signs of impersonation—the team goes into investigation mode. Using specialized tools and secure environments, they dissect the message without putting Rutgers systems or data at risk. It’s a careful process designed to catch threats without falling into traps. The team also works with their Rutgers Connect and ScarletApps colleagues to secure and protect any compromised accounts.
See something sketchy in your inbox? Don’t just hit delete—report it!
The team can’t investigate what they don’t know about, which makes your reports vital. Even if you’re unsure whether an email is suspicious, it’s better to send it for review.
A tip from the team: Don’t try to play detective yourself! Always attach the suspicious email instead of forwarding it, whether you are using Rutgers Connect or ScarletApps. Why? Because attachments preserve the email’s hidden data that helps the team trace its origin and intent. It’s a small step that makes a big difference in keeping Rutgers secure.
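To make the metadata trail and the attach-versus-forward tip concrete, here is an added example (not CIRT's own tooling) that reads a report the way an analyst's script might. The sample message, hostnames, and the function names build_report, embedded_original, hop_chain, and triage are all constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed sample of a suspicious message, including its transport headers.
ORIGINAL = (
    b"Received: from mx.example.edu (mx.example.edu [192.0.2.10])\r\n"
    b"\tby inbox.example.edu with ESMTPS; Mon, 1 Jan 2024 10:00:05 -0500\r\n"
    b"Received: from mailer.example.net (unknown [198.51.100.7])\r\n"
    b"\tby mx.example.edu with ESMTP; Mon, 1 Jan 2024 10:00:02 -0500\r\n"
    b"Authentication-Results: mx.example.edu; spf=fail\r\n"
    b"From: \"IT Help Desk\" <helpdesk@example.edu>\r\n"
    b"Subject: Password expires today\r\n"
    b"\r\n"
    b"Click the link to keep your account.\r\n"
)
HOP = re.compile(r"from\s+(\S+).*?\bby\s+(\S+)", re.S)

def build_report(attach):
    """Build a user's report: original attached (True) or forwarded inline (False)."""
    report = EmailMessage()
    report["Subject"] = "Fwd: Password expires today"
    if attach:
        report.set_content("Reporting the attached message.")
        report.add_attachment(message_from_bytes(ORIGINAL, policy=policy.default))
    else:  # an inline forward copies only the visible text
        report.set_content("---- Forwarded message ----\nClick the link to keep your account.")
    return report.as_bytes()

def embedded_original(report_bytes):
    """Return the attached message/rfc822 original, or None if it was not attached."""
    report = message_from_bytes(report_bytes, policy=policy.default)
    for part in report.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
    return None

def hop_chain(msg):
    """(sending host, receiving host) per Received header, oldest hop first."""
    found = (HOP.search(str(v)) for v in reversed(msg.get_all("Received", [])))
    return [m.groups() for m in found if m]

def triage(report_bytes):
    """Summarize what the report still reveals about the original's path."""
    original = embedded_original(report_bytes)
    if original is None:
        return {"headers_preserved": False, "hops": [], "spf": None}
    spf = re.search(r"\bspf=(\w+)", str(original.get("Authentication-Results", "")))
    return {"headers_preserved": True, "hops": hop_chain(original),
            "spf": spf.group(1) if spf else None}
```

The attached report still yields both server hops and the failed SPF check, while the inline forward yields nothing about where the message came from.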
Tags: phishing, security