Automate and Enhance Your Abuse Mailbox Visibility

December 10, 2021

Managing and monitoring an Abuse Mailbox can be a significant pain point for IT security teams, particularly large organizations with thousands of employees. It can result in thousands of hours spent manually reviewing, researching, and identifying which emails are malicious, and then attempting to manually remove all copies of the email threat before users potentially trigger them.

In contrast, the Abnormal Abuse Mailbox automatically remediates abuse campaigns for nearly all of the phishing reports it receives. Because of this, customers only see a small subset of the emails that appeared in their phishing mailbox.

Expanded Abuse Mailbox Email Submissions Visibility

The product enhancement, released in August 2021, expanded customer visibility into Abuse Mailbox and now provides a complete view of all the email submissions that Abnormal’s Abuse Mailbox did not process. An IT security analyst is provided the chance to reply to phishing reports, without the need to switch between their regular email client used to review phishing emails and the Abnormal portal, improving workflow and saving time. Note how cumbersome using a traditional email client is to review submissions without intelligent filtering, judgment, orchestration, or automatic email content analysis.

Outlook's phishing detection enhanced by Abnormal Security

There are situations where the original email was not found in the user’s inbox, or crucial information was not parsable from the submission. An IT Security Administrator can now view the complete list of phishing campaigns via the new ‘Not Analyzed’ tab within the Abuse Mailbox part of the UI, which is especially useful for when a message originated from a phishing simulation.

Abnormal Abuse mailbox dashboard overview

Furthermore, an IT Security Analyst or any other assigned employee via our role-based access controls (RBAC) can obtain a detailed Abuse Mailbox submission report and optionally email the reporter, notifying them of the submission status.

Abnormal Abuse Mailbox user submission report

Reduce Noisy Submissions Sent to the Abuse Mailbox

An astonishing ~85% of submissions to an abuse mailbox are safe, which leads to noise for IT Security teams who have to manually review, taking them away from vital cybersecurity operations.

To help alleviate the submission and alert fatigue, Abnormal intentionally does not process non-phishing-report-like emails such as automated alerts, company announcements, marketing newsletters, or non-phishing service desk tickets. Messages within these categories will appear in the Abuse Mailbox Not Analyzed tab.

Abnormal's Abuse Mailbox reasons for not analyzing a report

Phishing email campaigns need to originate from the organization's tenants for Abuse Mailbox to locate, extract, analyze, and remediate the email.

Abnormal Abuse Mailbox Saves Countless Hours of Manual Effort

Abuse Mailbox extracts, analyzes, automatically remediates, and responds to employee-reported phishing campaigns. Abnormal’s Abuse Mailbox automation saves time and the cost of responding to reporters and encourages users to continue reporting phishing emails while educating them.

A sample response to a phishing report

Over time, we aim to continually work with our customers to expand our capabilities so that they can focus on the highest priority security events, as opposed to manually investigating abuse mailbox submissions and remediating email-borne threats.

Not yet an Abnormal customer? Request a demo today to learn how Abnormal can enhance your email security capabilities and provide visibility into email threats that other solutions miss.

Demo 2x 1

See the Abnormal Solution to the Email Security Problem

Protect your organization from the attacks that matter most with Abnormal Integrated Cloud Email Security.

Related Posts

B 06 21 22 Threat Intel blog
Executives are no longer the go-to impersonated party in business email compromise (BEC) attacks. Now, threat actors are opting to impersonate vendors instead.
Read More
B 06 7 22 Disentangling ML Pipelines Blog
Learn how explicitly modeling dependencies in a machine learning pipeline can vastly reduce its complexity and make it behave like a tower of Legos: easy to change, and hard to break.
Read More
B 04 07 22 SEG
As enterprises across the world struggle to stop modern email attacks, it begs the question: how are these attacks evading traditional solutions like SEGs?
Read More
Enhanced Remediation Blog Cover
The most effective way to manage spam and graymail is to leverage a cloud-native, API-based architecture to understand identity, behavior, and content patterns.
Read More
B 05 16 22 VP of Recruiting
We are thrilled to announce the addition of Mary Price, our new Vice President of Talent. Mary will support our continued investment in the next generation of talent here at Abnormal.
Read More
B 06 01 22 Stripe Phishing
In this sophisticated credential phishing attack, the threat actor created a duplicate version of Stripe’s entire website.
Read More
B Podcast Engineering9
In episode 9 of Abnormal Engineering Stories, Dan sits down with Mukund Narasimhan to discuss his perspective on productionizing machine learning.
Read More
B 05 31 22 RSA Conference
Attending RSA Conference 2022? So is Abnormal! We’d love to see you at the event.
Read More
B 05 27 22 Active Ransomware Groups
Here’s an in-depth analysis of the 62 most prominent ransomware groups and their activities since January 2020.
Read More
B 05 24 22 ESI Season 1 Recap Blog
The first season of Enterprise Software Innovators (ESI) has come to a close. While the ESI team is hard at work on season two, here’s a recap of some season one highlights.
Read More
B 05 13 22 Hiring Experience
Abnormal Security is committed to offering an exceptional experience for candidates and employees. Hear about our recruiting and onboarding firsthand from three Abnormal employees.
Read More
B 05 11 22 Scaling Out Redis
As we’ve scaled our customer base, the size of our datasets has also grown. With our rapid expansion, we were on track to hit the data storage limit of our Redis server in two months, so we needed to figure out a way to scale beyond this—and fast!
Read More