Phishing and spam are not only vectors for security breaches, but can take up a lot of staff time to sort through and avoid. Using a third party filter like IronScales, can help use analytics to determine where to best focus your time and efforts on cybersecurity awareness and prevention.
In addition to the overall assessment and analysis, admins are responsible for reviewing the email reports from staff for anything they suspect may be phishing or spam. We’ve laid out the steps for this review process in this easy guide.
The IronScales Home Dashboard
The first thing you will need to do is access the IronScales admin portal. Go to https://members.ironscales.com/ and log in using your administrator credentials. This will bring you to the home dashboard.
Clicking on this will bring you to the corresponding page. Since we want to focus on reviewing open incidents, the following will be based on the open incidents dashboard.
The open incidents dashboard
This dashboard makes it easy to view the details of emails reported by users and/or flagged by IronScales. To the left you can see other dashboard for viewing other instances such as previously resolved incidents.
In the white column, you can see each open incident is displayed in priority order. This can help you decide what to tackle first. There is also a search option at the top and a filter option if you want to narrow it down to specific incidences including incidences involving specific users.
The details of the incident are located on the left. To toggle to another incident, simply click on the email. These details include who it was first reported by, if any automatic actions were taken, as well as information on the sender fingerprint to better help you determine the origin of the email.
At the top of the details is your confirmation request. This is where you will take action.
Confirming your report and improving IronScales response
If you wish to finalize the classification of your selected incident as a phishing attack or spam, click the corresponding button. However, if you believe it was marked incorrectly, such as you have verified the sender and it is an email you want to allow your users to receive those emails, click false positive. Whichever you choose will help IronScales hone their detection for future similar requests.
Next, you will be prompted once more to confirm your selection.
Finally, you have the option to add a comment. This is especially helpful if you have multiple people reviewing these incidents, so they can understand the decision. If you choose to share your comment with the IronScales community this can help other admins at other companies make better decisions about similar messages, or simply save them time when reviewing. This is optional, so you can just click done to complete your review with or without comments.
Your home dashboard will give you a brief review of recent campaigns. However, a more in depth analysis will be located in the phishing simulation dashboard. You will have to run at least two campaigns to get meaningful results. Once you have completed these, you can use this information to plan larger security training and preventative reforms.
Subscribe to Valiant's Monthly Email Digest
Valiant's monthly email digest is filled with original content written by our staff, tech news, and business insights.