We've helped several clients reduce the number of successful phishing email attacks. As part of our Managed Phishing Assessment Service we send realistic but benign phishing emails and the responses have been shocking.
One client had 32% of their staff fall for our email. In order to help identify phishing emails we pre-pend the subject of the email with a warning, this is how you do it
1. click on the Exchange Admin Center and then click on Mail Flow and add a new rule.
2. name the rule and set "Apply this rule if.." The sender is located outside the organisation.
3. click more options
4. set "Do the following.." to Apply a disclaimer to the message > Prepend a disclaimer
5. use the following and adjust to your business
<p><div style="background-color#FFEB9CC; width:100%; border-style: solid; border-color#9C65000; border-width:1pt; padding:2pt; font-size:10pt; line-height:12pt; font-family:'Calibri'; color:Red; text-align: left;"><span style="color#9C65000"; font-weight:bold;>CAUTION:</span> This email originated from outside of insert business name. Do not click links or open attachments unless you recognise the sender and know the content is safe.</div><br></p>
We find it best not to prepend the subject.