How to enable reporting of phishing emails in Phishing Readiness

book

Article ID: 179211

calendar_today

Updated On:

Products

Email Security.cloud Phishing Readiness Email Threat Detection and Response

Issue/Introduction

 

Resolution

If your organization supports the practice of reporting suspicious emails to the Help Desk or Security Team, we can leverage that process to create a full feedback loop for your Assessments.

 

Most organizations use an email Distribution List as a central reporting location for the Help Desk and/or Security team. To enable automated integration of reported phishing emails, simply add the following email address to any existing Distribution Lists that employees have been instructed to report suspicious emails to.

[email protected]

Any phishing assessment emails forwarded to this alias will be logged with an event generated in the "Reported" column of the Assessment Result Details. Any emails forwarded to this alias that did not come from a Symantec Phishing Assessment will be ignored and discarded.

Note that you probably do not want to forward ALL mail that your organization receives to this distribution list. To only forward phishing assessment emails, configure the forwarding rules to forward messages that match this text string:

symantec-phishing-assessment-tag

This tag is contained in all phishing assessment emails sent by the Symantec Phishing Readiness platform. Depending on mail delivery times, it may take 5-10 minutes for Reported events to appear the Assessment Results.

Attachments