Aaron Jentzen | January 31, 2019

3 Benefits of Streamlined Email Reporting and Analysis

Proofpoint_Blog_ReportingPhish_Jan2019

Any time an end user recognizes a suspicious email and decides to not click on a link or download an attachment, it’s a victory for infosec teams, and attack avoidance is the most obvious goal of anti-phishing training. But it’s not enough for users to avoid clicking on a phish, as several presenters observed at the 2018 Wombat Wisdom Conferencethey should also be empowered to report suspicious messages.

Users and infosec teams both stand to benefit from tools that streamline email reporting and analysis. For example, our PhishAlarm® email reporting button gives users a quick, simple way to forward suspicious messages to designated inboxes (with headers intact). It can also be combined with companion tools like PhishAlarm® Analyzer that help infosec teams respond more quickly and effectively to these potential attacks. (PhishAlarm and PhishAlarm Analyzer are optional free add-ons for our ThreatSim® Phishing Simulations product.)

Avoiding Clicks and Reporting Phish Go Hand in Hand

Effective security awareness training can dramatically decrease click rates on simulated phishing emails, which indicates end users are becoming more skillful at identifying and avoiding phishing emails. In conjunction with teaching avoidance, users should be taught to report any message that seems suspicious.

As part of our 2019 State of the Phish Report, we analyzed tens of millions of simulated phishing emails sent to our customers’ end users over a one-year span. Across all phishing campaigns and all industries, we observed an average failure rate of 9% — the same as in the previous year’s report. But one area where we saw a major change was in suspicious email reporting, with nearly 5.5 million reported by users during our measurement period — a 180% year-over-year increase.

 

Proofpoint_phishing_emails_reported_2019_SOTP

Source: 2019 State of the Phish Report

This drastic increase reflects several factors: the wider adoption of our PhishAlarm reporting button and PhishAlarm Analyzer prioritization; our customers’ increased emphasis on reporting; and end users’ heightened phishing awareness (and application of lessons learned).

 

color_bar.png

3 Benefits of Streamlined Email Reporting and Analysis for Users and Infosec Teams

1. Keeping Users Engaged and Alert

When users are aware of their important role in security and can easily report suspected phishing, it lets them put anti-phishing training into practice and keeps their skills fresh. PhishAlarm allows you to acknowledge the value of these actions via a thank-you email or pop-up message, which is a great way to build user confidence and offer positive reinforcement.

2. Measuring the Effectiveness of Security Awareness Training

An increase in email reporting indicates that users are being more diligent about the email they receive, and more thoughtful about the actions they’re taking. With PhishAlarm, you can easily track reporting metrics, which gives you an additional way to measure effectiveness and demonstrate ROI.

3. Reducing the Window of Active Phishing Attacks

While many other providers only offer simple reporting buttons, we go beyond by delivering valuable threat intelligence that helps infosec teams focus on the emails that are most likely to be phish. A time-saving tool, PhishAlarm Analyzer automatically prioritizes reported emails, filtering out whitelisted email addresses, system notifications, and simulated phishing attacks.

PhishAlarm and PhishAlarm Analyzer are also core components of our integrated Closed-Loop Email Analysis and Response (CLEAR) solution. CLEAR further streamlines reporting and remediation, reducing the time needed to neutralize an active threat from days to minutes. Once reported messages are analyzed against multiple intelligence and reputation systems, malicious emails can be deleted or quarantined with a single click.

Subscribe to Our Blog

2018 State of the Phish Report  Protect your organization from phishing attacks. Download Now
2018 Beyond the Phish Report  Protect your organization from threats including and beyond phishing. Download Now