This article takes you through Threat Analysis, an enhanced new feature within our Phish Focus solution.
Benefits of this feature to Security Team and / or Phriendly Phishing Company Administrator:
- This feature assists in automatically identifying potential threats in user reported emails.
- A single place from within the Phish Focus solution displaying the results of automatic checks against multiple resources or services.
- Analysis of reported emails and calculation of score based on separate services.
This article answers below questions:
- How are the reported emails analysed and processed?
- What information in the email are being scanned or analysed by scanning services?
- Where can I find the Threat Analysis results?
- What are the required actions based on the Threat Analysis results?
- Where can I find the message details of the Threat Analysis results?
How are the Reported emails analysed and processed?
What information in the email are being scanned or analysed by scanning services?
- IP Addresses (IPv4, IPv6) of all servers the email came through.
- DNS Names of all servers the email came through.
- Email Addresses of the email and the envelope senders
- Email Addresses within the email body
- URLs within the email body including those found in the email text, images, styles, scripts
- Attachments
- Email body and subject
Where can I find the Threat Analysis results?
- Click Phish Focus from your Phriendly Phishing Dashboard
- Go to Inbox, Threat Analysis
- Below are the threat scores, its colour varies based off the value:
What are the required actions based on the Threat Analysis results?
Threat Score | Threat Label | Colour | Action Required |
0 | No threat | blue | It does not pose as an immediate threat, although vigilance is still required. |
50 | Undetermined | orange |
This requires attention and an action to mitigate potential threats. Please be cautious of suspicious emails or links. |
100 | Threat detected | red |
Threat is detected and demands immediate action.
|
Where can I find the message details of the Threat Analysis results?
- In the Inbox, click on an email.
- Once clicked, it then takes you to the Message Details
- Click on Analysis Summary and Scan Results. Refer to below screenshots, on what the message details look like dependent on the Threat label.
-
- THREAT DETECTED
-
- UNDETERMINED
-
- NO THREAT
Any other assistance needed, please reach out to support@phriendlyphishing.com.
Comments
0 comments
Please sign in to leave a comment.