Automate and Enhance Your Abuse Mailbox Visibility

December 10, 2021

Managing and monitoring an Abuse Mailbox can be a significant pain point for IT security teams, particularly large organizations with thousands of employees. It can result in thousands of hours spent manually reviewing, researching, and identifying which emails are malicious, and then attempting to manually remove all copies of the email threat before users potentially trigger them.

In contrast, the Abnormal Abuse Mailbox automatically remediates abuse campaigns for nearly all of the phishing reports it receives. Because of this, customers only see a small subset of the emails that appeared in their phishing mailbox.

Expanded Abuse Mailbox Email Submissions Visibility

The product enhancement, released in August 2021, expanded customer visibility into Abuse Mailbox and now provides a complete view of all the email submissions that Abnormal’s Abuse Mailbox did not process. An IT security analyst is provided the chance to reply to phishing reports, without the need to switch between their regular email client used to review phishing emails and the Abnormal portal, improving workflow and saving time. Note how cumbersome using a traditional email client is to review submissions without intelligent filtering, judgment, orchestration, or automatic email content analysis.

Outlook phishing abnormal

There are situations where the original email was not found in the user’s inbox, or crucial information was not parsable from the submission. An IT Security Administrator can now view the complete list of phishing campaigns via the new ‘Not Analyzed’ tab within the Abuse Mailbox part of the UI, which is especially useful for when a message originated from a phishing simulation.

Abuse mailbox overview

Furthermore, an IT Security Analyst or any other assigned employee via our role-based access controls (RBAC) can obtain a detailed Abuse Mailbox submission report and optionally email the reporter, notifying them of the submission status.

Submission status

Reduce Noisy Submissions Sent to the Abuse Mailbox

An astonishing ~85% of submissions to an abuse mailbox are safe, which leads to noise for IT Security teams who have to manually review, taking them away from vital cybersecurity operations.

To help alleviate the submission and alert fatigue, Abnormal intentionally does not process non-phishing-report-like emails such as automated alerts, company announcements, marketing newsletters, or non-phishing service desk tickets. Messages within these categories will appear in the Abuse Mailbox Not Analyzed tab.

Reason no analysis

Phishing email campaigns need to originate from the organization's tenants for Abuse Mailbox to locate, extract, analyze, and remediate the email.

Abnormal Abuse Mailbox Saves Countless Hours of Manual Effort

Abuse Mailbox extracts, analyzes, automatically remediates, and responds to employee-reported phishing campaigns. Abnormal’s Abuse Mailbox automation saves time and the cost of responding to reporters and encourages users to continue reporting phishing emails while educating them.

Phishing report example

Over time, we aim to continually work with our customers to expand our capabilities so that they can focus on the highest priority security events, as opposed to manually investigating abuse mailbox submissions and remediating email-borne threats.

Not yet an Abnormal customer? Request a demo today to learn how Abnormal can enhance your email security capabilities and provide visibility into email threats that other solutions miss.

Related Posts

Blog customer communications leads to product innovation
Learn how customers have influenced the latest round of product enhancements to better protect your organization from email-borne threats.
Read More
Blog attack detection efficacy cover
Abnormal’s relentless pursuit of innovation significantly improves the detection efficacy of hidden payloads in emails by an additional 5%.
Read More
Blog mnru cover
Estimating both the time and cost to complete a task has been a continual challenge for engineering teams as long as I’ve been working in industry. Coordinating the complex interactions and execution task sequencing across multiple tasks and people is a complex, ever-evolving challenge, and one that most teams struggle with daily.
Read More
Blog what do phishing emails cover
Phishing attacks are on the rise; the FBI reports that such attacks cost $54 billion in 2020, and phishing complaints increased by a whopping 110% from 2019 to 2020. If you're one of the many people targeted by a phishing email, you're not alone.
Read More
Blog holiday scams cover
We've arrived at that time of year—a time for reflection and celebration and spending time with family, and also that time of year where the cyber grinches hope to spoil the holiday fun.
Read More
Log4j email blog cover
Over the last few days, Abnormal has successfully blocked multiple attempts by attackers to deliver emails similar to these to our customers’ unsuspecting end users.
Read More
Blog securitry privacy cover
Customers place tremendous trust in Abnormal to protect them from the full spectrum of attacks when they provide us access to the email stored in Microsoft 365 or Google Workspace. To that end, we’re focused on protecting your data and building your trust.
Read More
Blog podcast role cto
Tim Tully, Partner at Menlo Ventures, grew up in Silicon Valley, where a love for coding was kindled in him. Tim is a technologist to the core, which innately led him to become an elite technical leader at companies like Splunk and Yahoo.
Read More
Blog canadian visa cover
Abnormal Security recently identified a scam aimed at the Canadian electronic travel authorization (eTA) program, which bears a striking resemblance to a long-standing fraud scheme described in our post from several weeks ago targeting TSA travel program applicants.
Read More
Automate abuse mailbox cover
Managing and monitoring an Abuse Mailbox can be a significant pain point for IT security teams, particularly large organizations with thousands of employees.
Read More
Blog calendar invite attack cover
Meeting invites are one of the most common types of emails sent today, so it should come as no surprise that attackers have found a way to manipulate them. Scores of recipients that utilize Abnormal Security recently received emails that contained a .ics attachment—an invitation file commonly used to populate online calendar applications with meeting and event information.
Read More
Blog saving memory python cover
At a hyper-growth startup, a solution from six months ago will unfortunately no longer scale. The business is growing rapidly, and this traffic to this service in particular was growing at an unprecedented rate. We hit a point where it needed re-architecting to support 10x the current scale.
Read More