Specify what happens when a new spear phishing or account takeover attack is detected. You can change this information at any time. Making changes does not affect suspicious emails that have already been found and remediated.
Spear Phishing Attack Responses
To specify responses to spear phishing attacks:
- Click the Settings icon to access the administrative functions.
- Select the Spear Phishing tab.
- Choose the action you want to take when you find a potential spear phishing attack:
- Move the email into the recipient's Junk email folder (recommended) – The recipient can see that the email has been flagged as suspicious and can determine if the email is valid.
- Permanently delete the email from the recipient's account – If you delete the suspicious email, it cannot do damage. However, the recipient will not be able to see the email to determine if it is valid.
- Leave the email in the recipient's email box – This action is not recommended because the user is not alerted that there could be a problem with an email and might interact with it.
Specify whether you want to send an alert to recipients affected by the suspicious email. Click Customize Alert to personalize the email for your organization.
Specify whether you want to send an alert to your security team when a spear phishing attack is detected. Specify the email address that will receive the email alert. If you choose, you can specify a single email that acts as a distribution list to notify several individual administrators.
- Click Save.
Account Takeover Attack Responses
To specify responses to account takeover attacks:
- Click the Settings icon to access the administrative functions.
- Select the Account Takeover tab.
Specify whether you want to send an alert to your security team when an account takeover attack is detected. Specify the email address that will receive the email alert. If you choose, you can specify a single email that acts as a distribution list to notify several individual administrators.
- Click Save.