cyber security

PhishAlarm and PhishAlarm Analyzer: Features and Benefits

Phishing Email Reporting and Analysis > PhishAlarm and PhishAlarm Analyzer: Key Features and Benefits

PhishAlarm Key Features and Benefits

Simplified Reporting

PhishAlarm simplifies the process users follow to report phishing and other suspicious messages to abuse boxes. Users do not need to know how to capture header information or other technical details; they simply click to report.

Reduced Helpdesk Calls

PhishAlarm reduces or eliminates IT helpdesk calls by allowing employees to route suspicious emails directly to a monitored inbox.

Faster Response Times

PhishAlarm makes it easier for employees to report suspicious messages, allowing them to alert IT teams in a quick, efficient manner. This helps to shorten the phishing delivery-recognition-response window for information security analysts. 

Multiple Integrations

PhishAlarm integrates with: 

  • Microsoft Outlook for Windows (2010, 2013, 2016) 

  • Microsoft Outlook 2016 for Mac 

  • Browser-based Office 365 

  • Browser-based Gmail available as a G Suite Marketplace app 

  • Outlook Web Access (OWA) for iPhone/iPad and Android 

  • Outlook Mobile for iOS and Android

Customisable Notifications

PhishAlarm supports multiple end-user notifications, all of which are completely customisable: 

  • Challenge/prompt message – This appears when the reporting button is clicked, giving users the option to change their mind about reporting a message. 

  • Phish notification – Users receive this message (via a pop-up window or email) when reporting a potential phish or a simulated attack. The standard text thanks users for taking the action and asks them to remain vigilant to suspicious messages in the future. 

  • Whitelist notification – This message (received via a pop-up window or email) notifies users that an email they reported was actually a safe message from an address/domain that was whitelisted by your organisation. 

  • Training notification – This response (displayed in a pop-up window or sent via email) alerts users that they reported a safe message that included a training assignment. 

Multinational Support

PhishAlarm notifications are available in 35 languages to support the needs of multinational organisations.

Flexible Configuration Options

PhishAlarm offers a number of configuration options for administrators that make the tool more flexible and efficient for individual organisations. Key administrative features include the following: 

Whitelist Email – This patent-pending feature allows administrators to filter based on domain, subject, and/or email headers. This reduces the number of emails that require evaluation, allowing infosec response teams to cut through the clutter and focus on actual potential threats. 

Customisation of the PhishAlarm button – Administrators can choose from multiple button layouts and customise various labels in order to create a look and feel that support their corporate brand. 

Tailored system and forwarding actions – Administrators will have the option to tailor system actions (e.g., deleting or moving to Junk folder) and reporting actions (e.g., forwarding to specific inboxes) based on the following notification settings: 

  • Reported a simulated phishing attack 

  • Reported a potential phish 

  • Reported a potential phish with an attachment 

  • Reported a whitelisted email 

  • Reported a training assignment 

Business Intelligence

PhishAlarm features powerful reporting that allows you to easily access and share valuable business intelligence, including the following information: 

  • The users who reported emails 

  • The types of emails reported (potential phish vs. simulated attacks) 

  • The number and types of reported threats identified over time (hours, day, weeks, months, quarters) 

  • This type of data can help you gauge how successful your security awareness training program has been, and how well users are retaining the best practices they are being taught. 

PhishAlarm Analyzer Key Features and Benefits

Identification of Advanced Threats

PhishAlarm Analyzer delivers highly responsive identification of phishing attacks in real time (i.e., zero-hour attacks). Emails reported via PhishAlarm are accessed, analysed, and categorised, and they are immediately available to your response teams. 

Intelligent Prioritisation

The three email prioritisation categories used by PhishAlarm Analyzer are: Likely a Phish, Suspicious, and Unlikely a Phish. Administrators have the ability to configure the sensitivity thresholds for each of these categories (on a scale of 0 to 30). This flexibility allows administrators to minimise the number of false positives and false negatives registered for their organisation.

Machine Learning Functionality

PhishAlarm Analyzer constantly evolves and adapts to new email threat patterns. Thousands of real attacks from the wild are scanned each week and used to learn about and guard against increasingly sophisticated techniques, including spear phishing attacks.

Delivery of Actionable Information

Each prioritised message contains a report that includes links to leading security intelligence sources. Security analysts can quickly and easily dig deeper into the threat(s) associated with the reported email. This is a great timesaver for security professionals who are facing an ever-increasing workload.

Consolidation of Email Notifications

When similar email messages are reported through PhishAlarm, the resulting PhishAlarm Analyzer notifications can be grouped to eliminate redundancies, reduce clutter, and improve productivity. Threshold alerts can let response teams know when the number of similar notifications has reached a level that could indicate an emerging threat or organisation-wide attack. In addition, once that threshold has been passed, PhishAlarm Analyzer will automatically escalate the classification of similar reported emails to “Likely a Phish” because this could be an indication that an organisation is under attack.

Targeted Routing of Reports

You can choose up to 25 recipients (including bulk inboxes) for each reported email category. In addition, reported emails can be routed to specific inboxes based on classification. This allows administrators to eliminate the likelihood of threats falling through the cracks and enables remediation efforts to be assigned based on severity level.

Easy-to-Use Interface

Our intuitive graphical user interface makes it easy to set up and activate your account. Highly customisable settings can be monitored and adjusted using our web-based PhishAlarm Analyzer management console.

Valuable Business Intelligence

PhishAlarm Analyzer reports include aggregated data on reported emails and their categories, as well as more in-depth data about the users who reported the emails. Administrators can see at a glance how incoming emails are classified and the changes compared to the prior month.