Keepnet Labs Phishing Reporter
Keepnet Labs Phishing Reporter enables your employees to report a suspicious email a simple click,thus your SOC team or IT leaders will instantly aware of phishing activity and can start to an incident investigation.
1- Why Phishing Reporter?
Awareness training programs are not enough to prevent your users clicking on suspicious links and early detection is vital for blocking a phishing email. Also, many busineses today are in need of an efficient process or tool for reporting, detecting, analyising and responding the suspicious emails that may cause a serious cyber attack. Keepnet Phishing Reporter presents simple, cost-effective tool to create an early phishing detection mechnasim executed by ordinary employees proactively. End-users engage in a serious role to protect their own organization against cyber attacks.
Phishing Reporter provides immediate feedback once a suspicious email is reported successfully or your SOC team or IT leaders will always be informed via suspicious notifications by your end-users.
2- What is Phishing Reporter?
It is a phishing reporter button on Microsoft Outlook’s menu bar that allows the user to turn it into action when they receive a suspicious mail. This provides SOC teams the ability to detect attacks early, mitigate impact, and block user-based attacks against malicious e-mail.
3- Direct benefit to email user
- Employees report aggressive attacks with a single click.
- Early “Phishing” warnings are taken from users and a “sensor” network is created.
- The user is notified of this correct action when the user clicks the “Report Phishing” (1) button in a simulated Phishing security test.
- It allows the user to send a suspicious e-mail to analysis services and get a risk score.
- Institution’s security culture strengthens.
- Employees receive immediate feedback that enhances their training.
4- Benefits to the security operation center (SOC)
- Unwanted e-mails can be deleted from the user’s e-mail box with information received from the command center.
- It reports which e-mail message is in an e-mail box of users.
- If the existing security measures are inadequate for analysis, detection and prevention, it gives the occasion to benefit from Keepnet’s phishing analysis service.
- It provides more effective security measures with integration with third party systems (siem, firewall etc.)
5- Using Keepnet’s Phishing Reporter Add-in
Once you have logged in to the Keepnet Labs management interface, the Outlook Add-in menu helps you to prepare custom plugins.
Suspicious email reporter
6- Installation Documents for Administrators
It is very easy to spread the Keepnet plug-in with the central installation tools in corporate networks.
To run phishing reporter add-in, make sure you have all pre-requisites of Visual Studio 2010 Tools for Office Runtime.
For installation instructions and sample installation videos, you can follow this address, https://www.keepnetlabs.com/keepnet-labs-outlook-add-setup/
7- Sample Use
- The user clicks on the “Phishing Reporting” button to report the suspicious e-mail, and asks if he wishes to delete the original e-mail
Picture 2. Sample Use of the Phishing Reporter2. The user is informed of this conscious behavior.
Picture 3. Keepnet Labs Phishing Reporter Outlook Plugin [1]
It is a way of proactively involving users to protect institution’s security, where suspicious e-mails are reported by employees. In this way, a culture of awareness constantly evolves against phishing attacks. This service also provides an easy way for end users to report to their IT department and statistical follow up.
Editors note: This post is updated on 16 March 2020