Get started with Advanced Email Security

Welcome to Advanced Email Security powered by INKY! These are some of the top tasks we recommend to start customizing your new add-on.

Required: This article is for Advanced Email Security powered by INKY. You can verify that you have INKY by signing in and checking if there's a blue header that includes "Powered by INKY" displayed at the top of your dashboard. See customization options for Advanced Email Security from Proofpoint.

Select a task to jump to that section:

• Allow list or block list
• VIP spoofing protection
• Trusted third-party senders
• Spear phishing protection

Allow list or block list

With Advanced Email Security, all incoming email is flagged with a banner informing the recipient of its threat level. You can view all received emails in your Threat Details page, where you can filter out dangerous email or disable warnings for trusted senders. If you trust the message, add it to your Allow List to prevent similar messages from being flagged. Otherwise, add it to your Block List so similar messages always get a warning.

Note: We recommend adding the email to your allowed list instead of the domain, unless you're certain the domain can be trusted. Once the domain is added, Advanced Email Security won't know if the domain was spoofed and can't warn you about compromised email.

1. Sign in to Advanced Email Security.
2. Select Threat Details.
   
3. Use the menus to sort your results using some or all the following categories:
• Minimum Threat Level: Filters messages with Neutral, Caution, or Danger banners.
• Reason: Filters by a specific type of warning, such as a misleading link or suspicious URL.
• Reported Messages: Filters by messages included or not included in user reports. Not selecting this filter displays all messages.
• Message-ID: Filters to a specific message by its unique ID (located in the email header).
• Recipient Email Address: Filters messages to those received by a specific email address.
• Filter by Selected Date Range: Confirm the box is checked to filter messages received within a specific time period. In the bottom left corner, select the start and end dates to choose your date range. Uncheck the box to remove this search criteria.

Note: Try setting the threat level to Danger and reported messages to those included with user reports. This will show you the emails that need the most amount of tuning. You can then filter to the lower threat levels as needed.

4. Select Refresh List.
5. You'll see a list of all messages that meet your filter criteria. Select a message, then select Allow List Actions or Block List Actions located below its banner. Emails and domains added to Allow or Block lists can’t be deleted but can be disabled.

Note: Your available actions are based on the type of threat and might differ depending on the messages.

6. Under Remediation, delete a message from the mailbox if it shouldn't be accessed by a user.
7. Under User Reports, provide feedback of misclassified messages to Inky. Select to confirm the user report is correct, or select to reject it.
8. If the email was miscategorized, under Report Feedback, select Report This Email to make a policy change, like to add the sender address as a trusted sender.

Back to top

VIP spoofing protection

Add names and email addresses of executives, commonly spoofed employees, or important external contacts to your VIP List. If an incoming email appears to come from one of these people but is actually from an impersonator, Advanced Email Security will alert you that it's really a spoofed VIP.

1. Sign in to Advanced Email Security.
2. Select VIP List.
   
3. In the upper-right corner, select the checkbox to Enable VIP spoofing checks.
4. To add a VIP, select Add Person, enter the contact details, and select Add. You can add multiple email addresses by separating them with commas.
   

Note: It's good practice to add all the VIP's personal and business email addresses. That way, if they send an email from any of their personal emails, it won't be flagged as spoofing.

5. (Optional) Add multiple VIP contacts with a CSV file. Select Import CSV, then Continue. Then choose and open your CSV file.

Back to top

Trusted third-party senders

If you use a third-party to send messages on behalf of your users, such as an email marketing product (like GoDaddy Email Marketing or MailChimp), Advanced Email Security might flag these messages as internal-sender spoofing. To prevent these warnings, add any third-party senders to your Trusted Third-Party Senders list.

1. Sign in to Advanced Email Security.
2. Select Settings.
   
3. Next to Domain mapping, enter the sender's domain name (use a comma to separate multiple domain names).
4. Select the checkbox to Treat messages sent by these third parties as internal mail.
   
5. At the bottom of the page, select Save Changes. Changes can take up to an hour to take effect.

Back to top

Spear phishing protection

Advanced Email Security continuously learns and makes predictions to prevent spear phishing, targeted attacks impersonating an individual or business you trust. After you've had Advanced Email Security for a week or two, the technology will have established patterns to prevent spear phishing. At that time, enable spear phishing warnings so you know if an email is trying to trick you into doing something harmful.

1. Sign in to Advanced Email Security.
2. Select Settings.
   
3. Select the checkbox under Spear Phishing Protection.
4. At the bottom of the page, select Save Changes. Changes can take up to an hour before they take effect.

Back to top

More info

• What is Advanced Email Security?
• What do the banners from Advanced Email Security mean?
• What are quarantined emails in Advanced Email Security?
• Send encrypted messages with Advanced Email Security