Suspicious email reporter and analysis toolOrhan Sari
Does your employees aware what to do when they get a suspicious email? Are they heading to the helpdesk or IT specialist? Or do they directly delete this email? Keepnet Labs Outlook Add-in ( Keepnet labs phishing reporter) provides an easy and reliable solution to this situation.
How do SOC (1) teams remove successful phishing attacks from the email boxes or reduce the risk? How can you prevent people from being victimized by ransomware that is in standing in users’ email? phishing outlook add-in
Here is a gift that will enable you to do all these actions with one click. With Keepnet Labs phishing reporter, users can notify suspicious e-mails immediately and directly to the system administrator, SOC or CSIRT (2) team! With Keepnet Labs Phishing reporter plugin, phishing e-mails are quickly reported. It should not be forgotten that if the suspicious e-mail is not deleted and reported, a possible early warning indicator will be discarded.
 SOC is the centre of information security operation created with people, processes and technologies that are in situ awareness to detect, limit and improve IT threats. The SOC manages information security events and identifies and analyzes them correctly. The SOC monitors applications for the purpose of identifying a possible cyber attack and determines whether it is a real, malicious threat. http://bit.ly/2qsaIkC
 A CSIRT is a concrete organizational entity (consisting of one or more people) that is responsible for providing a portion of event management capability for a particular organization. When a CSIRT is found in an institution, it is often the key to coordinating and supporting the event response. By definition, a CSIRT is involved in the fight against minimum incidents
[Killcrece 2002]. It is also obliged to analyze the events observed by the end users or proactive network and system monitoring and to solve the problems arising therefrom. The CSIRT carries out the following important tasks:
- To determine the effect, scope and nature of the event,
- To understand the technical cause of the event,
- To identify other incidents or potential threats arising from events,
- Investigate and recommend solutions and workarounds,
- To support the implementation of the coordination and support strategy with other departments in the institution,
- To disseminate information about current risks, threats, strategies against attack through warnings, recommendations, Web pages and other technical publications,
- Coordinate and collaborate with external parties such as suppliers, ISSs, other security groups. http://bit.ly/2qi7CmM Today, in many institutions, SOC and CSIRT are undertaking the same task.
What is Keepnet Labs Phishing Reporter Plugin?
It is a button on Microsoft Outlook’s menu bar that allows the user to turn it into action when they receive a suspicious mail. This provides SOC teams with the ability to detect attacks early, mitigate the impact, and block user-based attacks against malicious e-mail.
Benefits of Keepnet Labs Phishing Reporter Plugins
Direct benefit to email user;
- Employees report aggressive attacks with a single click.
- Early “Phishing” warnings are taken from users and a “sensor” network is created.
- The user is notified of this correct action when the user clicks the “Report Phishing” (3) button in a simulated Phishing security test.
- It allows the user to send a suspicious e-mail to analysis services and get a risk score.
- Institution’s security culture strengthens.
- Employees receive immediate feedback that enhances their training.
Benefits to the security operation centre (SOC)
- Unwanted e-mails can be deleted from the user’s e-mail box with information received from the command centre.
- It reports which e-mail message is in an e-mail box of users.
- If the existing security measures are inadequate for analysis, detection and prevention, it gives the occasion to benefit from Keepnet Labs analysis service.
- It provides more effective security measures with integration with third-party systems (siem, firewall etc.)
 It is a way of proactively involving users to protect an institution’s security, where suspicious e-mails are reported by employees. In this way, a culture of awareness constantly evolves against phishing attacks. This service also provides an easy way for end users to report to their IT department and statistical follow-up. phishing outlook add-in
Easy Reporting Option
It ensures the notifications to be transferred to different platforms and reporting the possibility
- It can convert to automatic call in help desk
- It can register for a central register server
- It may make a positive note to the user due to his/her conscious behaviour in the Keepnet Labs Security Awareness Platform,
Using The Phishing Reporter Plug-in
Once you have logged in to the Keepnet Labs management interface, the Outlook Add-in menu helps you prepare custom plugins.
Installation Documents for Administrators
It is very easy to spread the Keepnet Labs. plug-in with the central installation tools in corporate networks.
For installation instructions and sample installation videos, you can follow the phishing reporter link.
Sample Use phishing outlook add-in
1. The user clicks on the “Phishing Reporting” button to report the suspicious e-mail and asks if he wishes to delete the original e-mail. phishing outlook add-in
2. The user is informed of this conscious behaviour. phishing outlook add-in