Email Security Tools

While Google Workspace is excellent at filtering "bulk spam" (like unwanted advertisements), the new tool is specifically designed to catch "targeted attacks." These include sophisticated phishing attempts, department head impersonations, and fraudulent grant-related communications tailored to trick University staff, adding a specialized layer of machine-learning-driven analysis that looks for patterns Google misses.

No. Google will continue to filter obvious spam into your Spam folder. The tool works in the background to identify and contain malicious emails (phishing, malware, or wire fraud). The only time you will see it “working” is when it flags a suspicious message and moves it to your Spam folder.

Traditional email security platforms act like a "gateway" that sits in front of email routing, which could sometimes delay email delivery or break encrypted links. This modern platform connects directly to Google, post-delivery, via an API. This means it scans messages instantly without causing message delivery delays or interfering with Gmail's functionality on your devices.

No. Your privacy remains a top priority. The email security platform uses a combination of static detection rules and machine-learning algorithms to detect and contain threats. UCSB’s Security Operations team manually reviews a message only if the platform flags it as malicious or suspicious, or if it is user-reported as potentially malicious. These reviews are strictly governed by UCSB’s Privacy Policies and the UC Electronic Communications Policy (ECP).

No. The email security platform is a security service provider, not a data-mining company. The university maintains full ownership of all data. The vendor has completed a risk assessment and meets the rigorous data protection standards required for UC data classification, Protection Level 4.

Absolutely not. The email security platform only protects your official university email account (@ucsb.edu). It has no visibility into or impact on your personal accounts. It is recommended that you use your UCSB email account for all university business. Personal accounts should not be used, as they lack the security protections required to keep UC data safe.

If you believe a legitimate email has been quarantined, please reach out to the Security Operations team at security@ucsb.edu and provide details about the expected communications (sender, date/time) for further investigation.

Likely not. The email security tool is designed to be "surgical" rather than "broad." It looks for multiple indicators of malice, not just "unfamiliarity." The system is also learning over time and knows if this sender has sent legitimate mail to a UCSB recipient before.  However, if a legitimate email is incorrectly quarantined, our Security Team can release it to your inbox within minutes of a request.

Yes, if you receive a malicious message, use the “Report Phishing” button to report it, and then delete it from your Inbox.  If you are using a non-Gmail-native client, such as Apple Mail, Thunderbird, or Outlook, please forward the entire message to phishing@ucsb.edu and then delete it from your Inbox.

Don't panic, but do report it. Send an email to the Security Operations team at  security@ucsb.edu immediately. Our goal is to protect the university, not to punish individuals. The faster we know, the faster we can reset credentials or contain a threat to prevent it from spreading.

Yes. Because it is integrated at the account level within Google Workspace, it protects your inbox regardless of whether you are using a laptop, tablet, mobile app, or a non-Gmail email client like Apple Mail, Thunderbird, Outlook, etc.