External Email

What Does EXT: Mean?

You may have received emails that contain a brief prefix in their subject line. The subject will begin with “EXT:” and then proceed normally. This prefix indicates that you have received an external email. An email is considered external when it originates from an email address that does not fall within the Kent State University organization.

Internal email addresses, most commonly those that end in @kent.edu, will not contain the EXT: prefix, which indicates that they do originate from within Kent State. The difference between external and internal emails can be seen below.
 

Internal Email

An internal email.

In the example above, an email address within Kent State's organization sent an email to another address in our organization. Since the sending email address is recognized as internal, the message's subject line does not contain an EXT: prefix.
 

External Email

An external phishing email.

In this example, the email was sent from a personal Gmail address. Since the @gmail.com domain is not considered to be within Kent State's organization, our mail system considers it external. In the subject line, the EXT: prefix is added to reflect this.

This email is also noteworthy because it is a phishing attempt. This was sent from a Gmail address controlled by a scammer, who was attempting to impersonate a dean and faculty member. This particular scam is so common that our team has created a page describing it in greater detail! You can read more about it here.
 

External Emails and Phishing

While the EXT: prefix in an email's subject does mean you should treat it with caution, it does not necessarily mean that the email is dangerous. Every email that originates from outside of Kent State University is not malicious. Instead, you should check a few aspects of the email before you interact with it:

  • Does the sender's email address look unfamiliar to you?
  • Do the contents of the email seem unusual? For example, are you being strongly urged to click a link, open an attachment, or respond with personal information?
  • Is this email unexpected or unsolicited?

If your answer to any of these questions is “yes,” then we recommend that you forward the email to phish@kent.edu. This will allow our team to analyze the email, let you know if it is safe or dangerous, and remove it from the mail system if it poses a threat.

On the other hand, an internal email can still be malicious. Throughout the summer months of 2024, Kent State was targeted in a phishing attack that resulted in several accounts being compromised. When the attackers gained control of these accounts, they began using them to send out more phishing messages. This meant that phishing emails were being sent from a @kent.edu email address, leading many to believe that the scammer's message was legitimate. An example phishing email sent during this incident can be seen below:

A phishing email sent from a compromised Kent State University email address.


Conclusion

Emails containing an EXT: prefix in their subject line originate from outside of Kent State. While this doesn't immediately indicate that the email is spam or a phishing attempt, it is a good idea to treat external emails with caution. Remember to ask yourself if the email's sender is unfamiliar, if the message contains unusual content, and if the email itself was unexpected. Doing so is another way to help keep yourself safe online!