Combined Phish Alert Button with Report Message to Microsoft
回答済み
The Phish Alert button is great for reporting messages to our helpdesk, and for notifying users when they report a phish test email. It does nothing for actually improving our mail filters to prevent such messages from getting through in the future though. Microsoft offers a Report Message function which submits suspicious messages to them for the purpose of improving the Office 365/Exchange Online Protection filters, but that doesn't check to see if the message is a phish test and notify the users that they caught one.
I can't tell users to submit messages using Microsoft's button if they think it's just spam, but PAB if they think it's phishing. Is there any other way to get the functionality of PAB while also submitting the message to Microsoft for review?
-
正式なコメント
Hello Steve,
Thank you for posting to the community board. I see your point about wanting the PAB to integrate with Microsoft for the purposes of improving mail filters and streamlining the product for your users. We don't currently have that functionality in place so I’ve submitted a feature request to our development team to see if that is something we can implement.
I’ll be following the request so if I get any update from development I’ll follow up on this post! Thank you for your contribution, our Dev team takes these requests seriously and is very interested in implementing enhancements for our users!
コメントアクション -
Hey Alex,
You got it-- I've included your name and details in the feature request for our team to review. I think it will be quite an interesting request due to any possible limitations (as you said). But it is very much worth requesting and discussing as we see more and more of our community give their insights on this request. :)
Please let us know if you have any further feedback or suggestions. We'll always be happy to help.
Cheers,
Kaiser
KnowBe4
-
We are currently evaluating the button options we have available (Microsoft/Office 365, Proofpoint, and KnowBe4's PAB) and we are finding it difficult to evaluate whether the other buttons are able to send to KnowBe4 so we can have that reporting. Just to confirm, we currently cannot set up a third-party report button to send copies of phishing emails to phishalert@kb4.io (or another KB4 email) so that we can use the functionality of the other button in addition to retaining the reporting we get from KnowBe4?
-
Hi Jennifer,
Thanks for participating in this! That's correct. At this time the reporting is specific to the Phish Alert Button. The forwards that occur with the PAB occur within the code specific to the PAB and it's APIs. However, I will gladly put in a request to add additional APIs (seen here) so that it may be possible to integrate the PAB with other reporting tools, outside of the KnowBe4 console, in addition to the original request's details. :)
Thanks for reaching out and checking in on this! If you have more questions or concerns feel free to reach back out. We can always create a ticket on your behalf and get them addressed.
Cheers,
Kaiser
KnowBe4
-
+1 and following. We are currently using the Phish Alert button by KnowBe4, however, we will be moving away from it given the new features in O365 and the benefits the O365 button brings in being able to auto-respond to phishing mail and manage investigations. I love how much the button helps us with our KnowBe4 campaign reporting but active incidents take priority. I am looking forward to a solution that will communicate with both products.
-
Hi Michael,
I'm glad you brought that item up. Now due to the nature of what we do, Knowbe4's phishing and landing domains do end up on blacklists. We have a system internally to identify anytime our domains end up on blacklists and a removal process to minimize the amount of time that the domains are on that list!
-
I would love to see this as a feature! But, I think that I found a temporary workaround.
Microsoft takes manually submitted emails by the email of phish@office365.microsoft.com. If you go into your Account settings in KnowBe4, you can set an email for all non-campaign reported emails to be sent to a email (Account Settings > Phish Alert > "Forward non-simulated phishing emails to:"). When using this setting, it attaches it as a .eml, as requested by Microsoft, and sends a copy of the phishing email as the user who submitted the email (allowing Microsoft to trace it back to your domain). This will allow both KnowBe4 and Microsoft to be able to work together.
This is not a perfect solution, but I believe this is a viable workaround until we get an answer from the dev team.
-
I work in the financial industry and do not to allow employees to report phishing emails to outside companies (here, Microsoft). It doesn't happen often but I've seen employees report phishing but it's a legitimate email with a person's PII in it. I don't want to give that info to Microsoft engineers.
-
I would like to this integration also! We have been using Office 365 ATP and have now brought KnowBe4 onboard with training. I have already added the email forwarding for the work around but as previously stated a full integration into ATP would be great for improving real threats and not creating issues with the simulations.
サインインしてコメントを残してください。
コメント
149件のコメント