Keepnet Labs Phishing Reporter enables your employees to report a suspicious email a simple click,thus your SOC team or IT leaders will instantly aware of phishing activity and can start to an incident investigation.

1- Why Phishing Reporter?

Awareness training programs are not enough to prevent your users clicking on suspicious links and early detection is vital for blocking a phishing email. Also, many busineses today are in need of an efficient process or tool for reporting, detecting, analyising and responding  the  suspicious emails that may cause a serious cyber attack. Keepnet Phishing Reporter presents simple, cost-effective tool to create an early phishing detection mechnasim executed  by ordinary employees proactively. End-users engage in a serious role to protect their own organization against cyber attacks.

Phishing Reporter provides immediate feedback once a suspicious email is reported successfully or your SOC team or IT leaders will always be informed via suspicious notifications by your end-users.

2- What is Phishing Reporter?

It is a phishing reporter button on Microsoft Outlook’s menu bar that allows the user to turn it into action when they receive a suspicious mail. This provides SOC teams the ability to detect attacks early, mitigate impact, and block user-based attacks against malicious e-mail.

3- Direct benefit to email user

• Employees report aggressive attacks with a single click.
• Early “Phishing” warnings are taken from users and a “sensor” network is created.
• The user is notified of this correct action when the user clicks the “Report Phishing” (1) button in a simulated Phishing security test.
• It allows the user to send a suspicious e-mail to analysis services and get a risk score.
• Institution’s security culture strengthens.
• Employees receive immediate feedback that enhances their training.

4- Benefits to the security operation center (SOC)

• Unwanted e-mails can be deleted from the user’s e-mail box with information received from the command center.
• It reports which e-mail message is in an e-mail box of users.
• If the existing security measures are inadequate for analysis, detection and prevention, it gives the occasion to benefit from Keepnet’s phishing analysis service.
• It provides more effective security measures with integration with third party systems (siem, firewall etc.)

5- Using Keepnet’s Phishing Reporter Add-in

Once you have logged in to the Keepnet Labs management interface, the Outlook Add-in menu helps you to prepare custom plugins.

Suspicious email reporter

6- Installation Documents for Administrators

It is very easy to spread the Keepnet plug-in with the central installation tools in corporate networks.

To run phishing reporter add-in, make sure you have all pre-requisites of Visual Studio 2010 Tools for Office Runtime.

For installation instructions and sample installation videos, you can follow this address, https://www.keepnetlabs.com/keepnet-labs-outlook-add-setup/

7- Sample Use

1. The user clicks on the “Phishing Reporting” button to report the suspicious e-mail, and asks if he wishes to delete the original e-mail
   
   Picture 2. Sample Use of the Phishing Reporter2. The user is informed of this conscious behavior.

Picture 3. Keepnet Labs Phishing Reporter Outlook Plugin ^[1] 

It is a way of proactively involving users to protect institution’s security, where suspicious e-mails are reported by employees. In this way, a culture of awareness constantly evolves against phishing attacks. This service also provides an easy way for end users to report to their IT department and statistical follow up.

Editors note: This post is updated on 16 March 2020