Product FAQ: Alert Banners - Abnormal Security
Product FAQs  Alert Banners

Product FAQ: Alert Banners

Alert Banners

Abnormal Security supports automatic alert banner injection for malicious emails that arrive in end user inboxes. With alert banners, security teams can educate end users to recognize malicious emails via just-in-time security awareness content. This decreases potential unsafe email interactions such as a user responding to an attacker or clicking on malicious links/attachments. 

With alert banners, security teams and end users can enjoy the following benefits: 

  • Direct security awareness education: Each alert banner will contain standardized warning messages and also security awareness insights specific to each email’s metadata & sender/recipient behavior. Employees will see the banner upon accessing each malicious email, providing just-in-time security education. 
  • Zero manual effort required: Alert banners are automatically added to all malicious emails detected by Abnormal Security. 
  • Reduce end-user payload interaction: Alert banners alert end-users of suspicious emails and prevents them from instantly interacting/responding to the message. This reduces the frequency of the security team conducting incident response.   

Commonly Asked Questions:

What is an Alert Banner? ​

Alert banners are a security and educational tool that provides warning messages on potentially malicious emails arrived in employees’ mailboxes.

Why are alert banners beneficial?

Sophisticated social engineering attacks are often difficult for employees to spot at first glance. Abnormal Security automatically analyzes each email and surfaces any abnormal signals in the form of alert banners within the message. Alert banners provide warning insights that are specific to each email’s metadata and sender/recipient behavior. This helps employees spot attack patterns and decreases the likelihood of employees responding to an attacker or interacting with malicious payloads. 

When would I see alert banners in my email client?

Alert banners are injected into potentially malicious emails that currently reside in employee’s mailboxes. Each banner will display a warning message and the reasons Abnormal flagged the email as suspicious. Employees will still be able to access the original email body below the alert banner.

What do I expect to see within the alert banner?

The alert banner will contain the company’s branding (such as logo and background color), warning text, and tailored insights that display the reasons why the flagged email is potentially malicious.

How should I react to the banner? What type of actions can I take?

Upon seeing the banner, please carefully review the banner content to gain a better understanding of the nature of the email. If email is indeed malicious, employees should not reply back to the attacker, or forward it to coworkers, or interact with links/attachments in any way. Employees may forward email to the security team for further investigation. If the email is of spam/marketing/promotional nature, please unsubscribe to ensure they are not sent in the future.

How can I educate my end users what the suspicious indicators mean?

Abnormal customers can use the following table found here which explains the dynamic insights displayed within each email banner.

Want to learn more?

Schedule a personalized product demo to see:

  • Threat analytics, insights and reporting
  • Automated Triage, Investigation and response tools
  • Platform integrations into SIEM, SOAR
  • …and more
Automated Triage, Investigation and response tools

Want to learn more?

Schedule a personalized product demo to see:

  • Threat analytics, insights and reporting
  • Automated Triage, Investigation and response tools
  • Platform integrations into SIEM, SOAR
  • …and more