Email Phishing
When an email comes in from a consumer about a potential email phishing.
Attacks missed in the first evaluation should be reported through Detection 360º as the most direct way to determine how it was missed and to update the AI models so it will not be missed in future.
Attacks reported through Abuse Mailbox are automatically added to the Threat Log and, while the attacks are not added to the Detection 360º interface, the results are used by the Detection team to improve Abnormal' s detection models.
Instruct the user to use the Report Phishing option from within Google. (Three dots tot he top left and then select Report Phishing
--> This will instruct both Google and Abnormal to analyze the email for phishing criteria.
Important Note:
Abuse Mailbox, Detection 360º, and AI Detection Model Updates
Abnormal Security evaluates messages on multiple levels. At the first evaluation as part of Abnormal's Inbound Email Security product, messages sent to a user's inbox is evaluated for threats and malicious intent. The second evaluation is conducted by the additional applications offered by Abnormal Security, such as Email Productivity for graymail and Abuse Mailbox for reported phishing emails.Attacks missed in the first evaluation should be reported through Detection 360º as the most direct way to determine how it was missed and to update the AI models so it will not be missed in future.
Attacks reported through Abuse Mailbox are automatically added to the Threat Log and, while the attacks are not added to the Detection 360º interface, the results are used by the Detection team to improve Abnormal' s detection models.
Auto-Response Email Notifications:
1. SAFE - the Abnormal system will send the Aspire staff member an auto response that the email is safe
i. If the user would like and they do not recognize the email sender they can then follow-up with a Report to Spam action from within Google
2. SPAM - The Abnomal system will send the Aspire staff member an auto reponse that states the email is confirmed to be spam and auto remediate the phishing attempt
i. At this point the Abnomral system will scan all emails for the sender. If any further action is necessary the Abnormal team will connect with the Aspire team.
3. MALICIOUS - The Abnormal system will notify the Aspire staff member that the email they reported came back as malicious. This will be treated the same fashion as the SPAM email. The Abnormal vendor will work on vetting and blocking the email and will notify the Aspire team using the phishing email account.
DataImage97.png
DataImage97.png
DataImage41.png
DataImage41.png
DataImage60.png
DataImage60.png
DataImage4.png
DataImage4.png
| Files | ||
|---|---|---|
|
DataImage97.png 54 KB |
|
|
DataImage41.png 55 KB |
|
|
DataImage60.png 49 KB |
|
|
DataImage4.png 34 KB |
Get help for this page
Jitbit HelpDesk