Learn how to categorize, remove, or export the list of phish alerts reported with the Report a Phish button.
Company Owners & Members can manage the list of reported phishing using the Report a Phish in Outlook or the alternative of forwarding emails to suspect@report.symbolsecurity.com.
They would be able to do actions like changing categories, deleting alerts, and exporting all the reported phishing alerts.
Categorizing Reported Phishing
From the reported phishing list, each alert has a category that allows admins to easily differentiate real phish alerts from simulation emails or transactional emails reported, some of those categories are:
-
Malicious: The most severe designation for a suspect phishing email.
-
Spam: Spam emails that could be suspect.
-
Simulation: A Symbol phishing email sent during a campaign.
-
System: Transactional emails like reset passwords, training assignments, reminders, etc…
-
Normal: An email that is not a Symbol phishing email or a suspected phishing.
-
Uncategorized: Default category for non-categorized alerts.
Normal, Malicious, and Spam categories can be changed every time, but Simulation and System cannot be updated by the admins given it is being automatically designated by the app.
The action of updating categories will affect the Users Cyber Risk and Corporate Cyber Risk. So it means that users' score will be impacted with negative and positive points with the following formula:
- -2 For each Report a Phish that Admin marks as 'Normal'.
- 0 For each Report a Phish that Admin marks as 'Spam'.
- +5 For each Report a Phish that Admin marks as 'Malicious'.
Apart from categorizing reported phishing emails, admins can also do other actions like:
- Remove reported phishing alerts individually.
- Remove reported phishing alerts in bulk.
- Export selected reported phishing alerts.
- Change reported phishing alert categories in bulk.
- Export All reported phishing alerts.
Reported phishing alerts will be registered on the app with the "Uncategorized" tag as default, except for the Simulation and System categories which are automatically identified by the app.
Categorizing reported phishing alerts
There are 2 ways to update Phish alert categories:
- Individually
Admins can update the category of a reported phishing alert by navigating to the Threats > Reported Phishing from the left sidebar of the company portal clicking on the "3 dots" icon next to each alert, then hovering the option "Change Category" and selecting the one they want to change. If the admin is on the details of a reported phishing alert, they can also change the category from that view by following the same steps of changing the category from the list. - In Bulk
Admins can update categories in bulk by navigating to the reported phishing alert list and using the checkboxes next to each alert to select the ones that want to be updated, then choose the option "Change Category" inside the "Actions" dropdown at the right side of the screen.
Note: Keep in mind that reported phishing alerts with the categories Simulation and Internal cannot be modified by admins.
Removing reported phishing alerts
Only admins with roles: Owner and Member can do the action of removing alerts from the app. They can do it individually by navigating to the reported phishing alerts list and clicking from the "3 dots" icon on the option "Delete". Or remove multiple alerts by using the checkboxes next to each alert and choosing the option "Delete" inside the Actions dropdown located at the right side of the screen.
Exporting reported phishing alerts
Admins with role Member and Owner have the option to export both all and multiple reported phishing alerts from the app by clicking on the button "Export" at the top-right side of the screen or by selecting multiple alerts using the checkboxes next to each alert and choosing the option "Export" inside the Actions dropdown located at the right side of the screen.
If you have any questions about reported phishing alerts let us know at support@symbolsecurity.com and we can help you.