Description
Every time a user submits a phishing report, you can configure Avanan to re-evaluate the email, using updated reputation, updated security engines and with the report as an additional indicator for the AI. The result is a re-evaluated verdict - clean, phishing or inconclusive.
Requirements
Admin access to the Avanan Portal.
The Process
- Go to Security Settings > User Interaction > Phishing Reports > Reviewing phishing reports.
Select Automatic, and customise the Workfow and Notifications to align with your company and client's needs:
The Remediation:
Administrators can perform one of these actions on phishing reports:
- Decline - The report will be declined as the reported email does not seem to be malicious. The email remains in the user's mailbox.
- Quarantine - The report will be approved and the email will be sent to quarantine.
- Block-list/Allow-list rule - The administrator will choose to create an exception
Notes:
- If the user action occurs beyond the data retention period, the system will exclude the emails and will not trigger any workflows.
- For example, if a user reports an email as phishing after the data retention period, Avanan will not process the email or trigger the workflow.
- If a user reports an email sent to multiple recipients as phishing, the Email Profile section will show the reported phishing status only for the specific copy of the email reported by the user.