How Does PhishAlarm Fit Into my Security Awareness and Training Program?
PhishAlarm® is an email client add-in that allows your users to alert security and incident response teams to suspected phishing emails with a single mouse click. This is a valuable addition to security awareness and training programs as early reporting of suspicious emails can dramatically reduce the duration and impact of an active phishing attack.
A free component of our ThreatSim® Phishing Simulations, PhishAlarm allows users to draw on their knowledge to stop social engineers and hackers in their tracks. As a behavior reinforcement tool, PhishAlarm allows organizations to capitalize on improved awareness and understanding of phishing issues. Users are able to actively apply best practices in defense of their data and systems, which is a benefit of our Continuous Training Methodology.Learn More
Key Features and Benefits
PhishAlarm simplifies the process of reporting email-based phish to abuse boxes and security teams and shortens the phishing delivery-recognition-response window for information security analysts.
PhishAlarm extends phishing prevention to the desktop and provides one-click reporting for every end user.
PhishAlarm provides positive reinforcement by immediately thanking end users (via a pop-up message or email) for reporting suspicious emails and encouraging them to continue those actions in the future.
PhishAlarm reduces or eliminates IT helpdesk calls by allowing employees to route suspicious emails directly to a monitored inbox.
PhishAlarm integrates with Microsoft Outlook for Windows (2007, 2010, 2013, 2016), Microsoft Outlook 2016 for Mac, and browser-based Office 365 and Gmail email clients. It also integrates with the Outlook Web Access (OWA) for iPhone and iPad mobile applications. Will integrate with OWA for Android following Microsoft's General Availability date for that application.
PhishAlarm Analyzer: Email Prioritization for Faster Remediation
PhishAlarm Analyzer (a companion to PhishAlarm) is an email analysis tool that employs machine learning techniques to provide a real-time ranking of suspicious emails in order of threat potential, allowing your security team to focus their time and attention on the most imminent and dangerous threats to your network.
While other layered email analysis tools rank messages based on the users' level of "trustworthiness" and "accuracy," PhishAlarm Analyzer ranks the emails themselves and takes into account knowledge of known threat vectors obtained from established databases and technical resources.
PhishAlarm Analyzer examines the attributes of reported emails and classifies them using standard security indicators of compromise (IOCs) — including WHOIS queries and responses, and scans of IP and DNS blacklists — as well as analysis of the email content itself. Emails are prioritized based on their likelihood of being an actual phishing attack, and an HTML report with the sources of the IOCs is then delivered to designated security and/or incident response teams.
Key Features and Benefits
PhishAlarm Analyzer delivers highly responsive identification of phishing attacks in real time (i.e., zero-hour attacks). Emails reported via PhishAlarm are accessed, analyzed, and categorized, and they are immediately available to your response teams.
The three email prioritization categories used by PhishAlarm Analyzer are: Likely a Phish, Suspicious, and Unlikely a Phish. Because of the reliability of the data used to determine the rankings, PhishAlarm Analyzer registers a low number of false positives.
PhishAlarm Analyzer constantly evolves and adapts to new email threat patterns. Thousands of real attacks from the wild are scanned each week and used to learn about and guard against increasingly sophisticated techniques, including spear phishing attacks.
Each prioritized message contains a report that includes links to leading security intelligence sources. Security analysts can quickly and easily dig deeper into the threat(s) associated with the reported email. This is a great timesaver for security professionals who are facing an ever-increasing workload.
When similar email messages are reported through PhishAlarm, the resulting PhishAlarm Analyzer notifications can be grouped to eliminate redundancies, reduce clutter, and improve productivity. Threshold alerts can let response teams know when the number of similar notifications has reached a level that could indicate an emerging threat or organization-wide attack.
You can choose up to 25 recipients (including bulk inboxes) for each reported email category. This allows administrators to eliminate the likelihood of threats falling through the cracks and enables remediation efforts to be assigned based on severity level.
Activation and configuration wizards guide you through the setup process, and all settings can be monitored and adjusted using our web-based PhishAlarm Analyzer management console.