Symbol provides two options for organizations to leverage Symbol tools to report potential malicious/suspicious emails. The first is by using our Outlook Phish Alert Button where users can report suspicious emails to Symbol and can be notified within the Outlook browser of successful identification of Symbol simulated phishing emails. Data from these actions is contained within the Symbol application, and suspicious emails from user identified Phish Alert Button can be routed to up to 4 different email destinations like a SecOps mailbox.
If your organization does not want to utilize the Outlook Phish Alert Button, or uses a different email platform like Gmail, you can still tie into the Symbol Phish Alert workflow by taking the following actions below. Please note that unlike the Outlook Phish Alert Button where users will receive 'in-browser' acknowledgement of successful simulated phishing email identification, this workflow will contain those successes only within the Symbol application.
In order to take advantage of this workflow, organizations will need to direct their users to forward real or simulation phishing emails to the following email address (note: if a reporting workflow already exists via email, add this email address to the existing workflow as a secondary destination):
After forwarding the suspicious email to the email address above, the application will review the email headers and check if it's a phishing simulation email sent by Symbol or if it's a real phish. Remember that users get points per each email reported (you can review how Users Gamification works as well).
Admins will be able to see the list of all suspicious emails reported by navigating to the left sidebar of the Symbol app and clicking on the option Reports > Phish Alerts. Here you will be able to see details like:
- Date/Time Stamp
- Reporter (Person who forwarded the email)
- Email Subject
- Report Type (If it's a real phish, simulation phish or a Symbol notification email).
- Email Provider
- Original Sender Name
- Email Content
If you need assistance integrating our Phish Alert workflow into your current reporting functionality, contact us at firstname.lastname@example.org and we can help you.
S Symbol is the author of this solution article.