Option for "External Sender" flag similar to email

Please give a quick overview of your product feature request or feedback and note who in your org is affected by this issue [ex. agents, admins, customers, etc.]. (2-3 sentences)

I would like to have the option to toggle on an External Sender flag for end users outside of certain domains, similar to the “[WARNING: EXTERNAL SENDER]” you see in subject lines of many companies. I would like this flag to be bright and obvious to alert agents that this user is outside of our company.

What problem do you see this solving? (1-2 sentences) 

A large chunk of our work is done with users inside our company across all departments, but we have to keep our ticketing instance open to outside users as we have external requests from some customers as well. With this comes spoofing attempts with the bad actors using common language that we can't target, because it would filter out real requests. They repetitively use different email addresses so we can't target those either. Having an External Sender flag that is obvious can greatly help our agents be on alert in these scenarios and save our agents time on investigating.

When was the last time you were affected by this lack of functionality, or specific tool? What happened? How often does this problem occur and how does this impact your business? (3-4 sentences)

We see these spoofing tickets several times a day. We have had an agent fall for one of these probably about once every six months. The impact can be devastating when it comes to our finance and HR teams especially. There have been at least two scenarios that I know of where financial and personal information was almost compromised were it not for someone else coincidentally stepping in.

Are you currently using a workaround to solve this problem? (If yes, please explain) (1-2 sentences)

There are a couple names that have been used several times in the description field (fake leadership in our company, for example), and I have created a trigger to auto-solve them. But this is only a small portion of the spoofing tickets and we'll be in trouble if we ever have real tickets with those names used in the description field. Other than that, we hope that training kicks in for our agents. 

What would be your ideal solution to this problem? How would it work or function? (1-2 sentences)

An option for a flag that you can toggle on/off in Admin Center. The flag could appear about where “Internal” does next to the user's name when you make a private comment. The flag could show up in a red box with the text “EXTERNAL USER.” This flag would show up based on domains you select as internal users. Any domains not listed there would get flagged.