Chantilly, Virginia-based PhishMe, a company that teaches security awareness to help users identify “Phishing” or targeted attacks, today launched a new Outlook Add-in that lets users easily report suspected phishing emails with a single click.
Generically named “Phish Reporter”, the tool is designed to help and improve threat detection and response. The new tool automatically discerns emails reported from PhishMe campaigns and emails reported from unknown sources, to help make sure that only potentially malicious emails are sent to security teams for further review.
“Phish Reporter collects reports of emails sent from PhishMe, noting which users reported them and sending the user acknowledgment of the successful report, thus completing the feedback loop and further enhancing employee capabilities,” the company explained. “This information is tracked and integrated into PhishMe’s comprehensive reporting metrics. Reports of unknown emails are forwarded to a designated location where they can be analyzed by an organization’s internal security team.”
“With the new Phish Reporter button, organizations can effectively turn their employees into spear-phishing sensors,” said Rohyt Belani, CEO and co-founder of PhishMe. “Many of our customers have successfully created an awareness culture in which employees can identify spear-phishing emails, but they lacked a fast, effective way to report these emails to the appropriate department within the organization. Phish Reporter will help fill this void.”
According to the company, Phish Reporter will help organizations:
• Retrieve time-stamped entries of reported phishing emails
• Create in-depth incident reports showing reported phishing emails over an extended period of time
• Provide a process to filter between phishing emails from PhishMe and real phishing emails
• Gather specific information about potential attackers in a timely manner, thus reducing incident detection times and the cost of incident response.
“PhishMe has established a unique methodology for scoring a user’s ability to identify phishing attempts,” said Aaron Higbee, CTO and co-founder of PhishMe. “With each employee being a potential sensor, they can now become proactive contributors to the threat detection process and security teams can prioritize their analysis based a user’s scoring history.”
PhishMe is best known for its “spear phishing simulator” that places employees in real-world “spear phishing experiences” and presents them with appropriate training if they are found to be susceptible.
