Email Protection - Warning banners
Avanan provides a variety of automated actions that the security administrator can choose from - such as quarantine malicious emails.
For suspected (low confidence) email detections, the administrator can choose to allow the email to be delivered to the inbox. In such cases, Avanan allows to embed a warning banner in the email explaining the nature and potential risk to the end-users.
Note - Warning banners are available only in Protect (Inline) and Detect and Prevent modes.
Types of warning banners
Warning banners are generated based on these detection attributes:
Suspected phishing: This email contains elements that may indicate "Phishing" intent - aimed at tricking you to disclose private/financial information or even your credentials.
Suspected phishing - potentially trusted sender: This mail is suspected to be a phishing e-mail. Are you sure you trust the sender (<sender>)?
First time sender: We do not know this sender, do you trust <sender>?
Non-authentic internal email: The email is sent from the organization's domain (<domain>), but suspected as non-authentic.
Potential Impersonation: The sender <sender> seems to be using a different email address than in the previous correspondence (<previous email>), this often indicates an impersonation attempt.
Encrypted Attachments: Be careful when opening this email. It is carrying an encrypted attachment - often used for evading virus scans. Make sure you trust this email before opening the attachment.
- Password Protected Attachments: The email contains an attachment which is protected with a password. The user must provide password for the engine to scan the attachment for malicious content.
Configuring warning banner
To configure warning banners:
- Go to Policy.
- Open Threat Detection policy for the required SaaS.
- Select the workflow for which the banner has to be configured.
- To customize the banner (text, background color etc.), click the gear icon next to the workflow.
- Click Save and Apply.
Warning banner samples
- Warning banner for emails received from a first time sender.
- Warning banner for suspected phishing - potentially trusted sender.
- Warning banner for suspected phishing emails.
- Warning banner for potential impersonation.
- Warning banner for non-authentic internal emails.
- Warning banner for emails having encrypted attachments.
- Warning banner for emails having password protected attachments.