14 Aug Enlist Every User in the Fight Against Phishing
It’s one thing to teach your users how to spot phishing attempts and train them not to click through. But what if every user in your organization could be your eyes and ears in each inbox, identifying threats and acting to protect the whole enterprise?
NINJIO ALERT is a lightweight email add-in button that allows users to quickly report suspected phishing emails and provide standardized information to incident responders on your security team.
Imagine receiving near real-time threat intelligence on attacks targeting your users, preserving all relevant information for further analysis, and making the process of reporting and responding to phishing attempts more efficient. That’s the promise behind NINJIO ALERT.
Once a user hits the report button, they trigger a series of communications to reinforce the positive behavior:
- A pop-up notification will appear immediately after the reporter submits a suspicious email to let them know the security team is investigating.
- A “thank you” email is sent shortly after submission to express the security team’s appreciation and encourage additional vigilance and reporting.
- An outcome report is emailed when the issue is resolved to close the feedback loop and contribute to further learning.
But what goes on behind the scenes?
- 3rd-party email scanning: Suspicious email is automatically sent to licensed databases (such as Phish Tank, Google Safe Browsing, and Virus Total) and scanned for malicious URLs. Automation rules can be created to mitigate any email deemed malicious.
- Suspicious Email Risk Scoring: Suspicious email is given a risk score based on external origin, sender name spoofing, 3rd party URL analysis, and the reporter’s past performance, including the total number of reports submitted, the number of confirmed phishing attacks, and those that were not to enable SecOps to make informed and fast decisions.
- Real-time Reports and Email Review: Real-time reporting categorizes reported emails as clean, spam, or phish and allows for manual category prioritization.
- One Click Protection: In a single click, security teams can delete reported emails from the reporter’s inbox, activate rules for attack mitigation, and send notifications to affected users. Security teams can easily remove all similar messages from Microsoft Exchange.
With NINJIO PHISH3D and NINJIO ALERT, your users won’t just be able to identify and avoid phishing attempts. They’ll be able to help you neutralize threats and protect their colleagues as well.