@scottalanmiller said in Whack a mole: Dealing with Spam/Phishing:
@dashrender said in Whack a mole: Dealing with Spam/Phishing:
@scottalanmiller said in Whack a mole: Dealing with Spam/Phishing:
@dashrender said in Whack a mole: Dealing with Spam/Phishing:
@scottalanmiller said in Whack a mole: Dealing with Spam/Phishing:
@dashrender said in Whack a mole: Dealing with Spam/Phishing:
@pete-s said in Whack a mole: Dealing with Spam/Phishing:
@gjacobse said in Whack a mole: Dealing with Spam/Phishing:
@pete-s said in Whack a mole: Dealing with Spam/Phishing:
@gjacobse said in Whack a mole: Dealing with Spam/Phishing:
@scottalanmiller said in Whack a mole: Dealing with Spam/Phishing:
The problem is the process... why would someone be reporting spam and why is someone blocking it? That doesn't make sense. Get a good spam filter, configure, train people how to delete, done
"But this is the way we (they) have always done it... "
You mean they are "reporting" as in actually reporting it to someone? And not by marking it as spam in the email client?
Yeah, that doesn't make any sense. Far too time consuming.
Outlook Toolbar.. Reporting
d4517c20-ac54-44fd-a195-1b6ef87caf87-image.pngOK, but that just ends up sending an alert email to the designated phishing mail contact, which is IT right?
It would have made more sense if those emails had been forwarded to Trend Micro automatically and their adaptive algorithm would have learned how to detect them.
Right now Trend Micro doesn't have a clue what emails their user are classifying as spam or phishing attempts. Because that happens way after the email has passed through their gateway.
That's interesting.
With Appriver - we forward emails to [email protected] and appriver deals with it. Other than constantly reminding people that's where the report needs to go - I don't really deal with it.
Thought as Scott mentioned - so much spam is a once and done situation - so reporting it is often pointless.
That's not a bad process. But still a bit more than just "mark as spam" which is really simple.
oh, that most definitely is. and it's an option we have in O365.... but we now have two layers of spam filtering - appriver and MS...
So people have to report to O365 AND AppRIver? Do they really catch enough different to justify filtering twice?
no, they don't - and likely they aren't. I've shown nearly no one how to report to MS - so that's the one that's skipped. Everyone has been told about forwarding email to spam@appriver - and yes, it's more work than just right click - mark as spam, but not so much so that people don't do it.
Why report to that one when O365 is the important one and the one that's like 10x more likely to be permanent instead of being clearly in the "should be removed" category? Less work, better results, less long term risk.
Time, the old process is already in place. It's just a matter of informing people at this point - it just hasn't happened yet.
