Based on user feedback, we’re delighted to announce a new and improved reporting flow that enables end users to report malicious emails more easily and allows response teams to spot trends in potentially malicious emails and remediate them more efficiently.

But first, what is OnINBOX?

OnINBOX is our inbound email security product that delivers personalized threat detection for both end-users and security teams. OnINBOX uses traffic light indicators to flag up otherwise impossible to spot risks in an email, immediately and clearly letting the user know whether an email is safe to interact with. When OnINBOX flags a suspicious email, employees can easily report an email from inside the email interface.

After an email has been reported, response teams can further analyze and subsequently remediate reported emails inside the OnINBOX Manager interface. The tool allows for the easy removal of current threats from all users’ mailboxes but also prevents similar threats from ever making it to the user’s inbox in the future.

What updates have been made and why did we make them?

Here at Red Sift, we know that customer feedback is the most reliable source of good ideas when developing innovative products. Based on that thinking, our Product teams regularly meet with Red Sift’s power users to better understand their needs. 

Given that remediation is a critical part of any inbound email protection solution, our OnINBOX Product team had ongoing interactions with a number of OnINBOX customers to monitor their use of its functionality and effectiveness post-launch. The results were clear - response teams needed to:

  1. Reduce the average time it took their end users to report an email 
  2. Get a better and faster grasp on what their users were reporting and why
  3. Dig into trends and spikes in phishing emails to identify groups or individuals most frequently targeted by fraudsters 

Equipped with this feedback, the OnINBOX team embarked on building the features that would provide solutions for these requirements, thus enabling response teams to carry out their roles more efficiently. 

Improvement 1: New user reporting page 

The first goal was to reduce the amount of time users spent reporting an email as well as provide a more intuitive interface where users could submit findings in a way that helped response teams understand the initial reasons for submission. With this objective in mind, three new designs were created and submitted for user testing. 

In conclusion, 63.3% of consulted users voted for the design that provided:

  • Traffic light-colored buttons labeled with safe, spam, or phishing to facilitate faster decision making
  • The ability to supply more information after the user submits their first choice. This is presented in multichoice tickboxes which removes the burden on the user to type out an answer
Original Design
Updated Design

Since launching the new reporting page, we have reduced the number of clicks required to report an email by a third and tracked a 59% increase in the number of reported emails.

Improvement 2: Enhanced Remediation Reports dashboard in OnINBOX Manager 

The next step was to create dashboards inside OnINBOX Manager that would meaningfully display the data being captured during the reporting process. So, with this update, we’ve built tables and charts that provide a quick visualization of trends and user activity, as well as the ability for response teams to drill down into any data set they want to explore further. 

The new and improved dashboard is broken into a number of sections:

  1. Report overview makes it easier for response teams to spot trends or spikes in reported emails over time
  2. Emails reported show the total number of emails reported and how they’ve been categorized by users - safe, spam, or phishing
  3. Top Sending Domains shows the top domains that have been reported and could pose a risk to your company
  4. User Activity provides more granular insights into the types of emails users have reported. For example, if 5 reported emails contain suspicious attachments, response teams can prioritize remediating these emails as a priority

Improvement 3: Improved Report Analytics page

Finally, we’ve made enhancements to the reports analytics page so that response teams can more easily dig into individual reports and the details an end-user has provided, such as why they reported the email or even the actions they took like opening an attachment. This intel allows response teams to carry out prioritized remediation where necessary.

What’s more, once response teams have dug into their user’s feedback, we enable them to provide feedback on whether emails were threats or turned out to be safe. In doing so, response teams are signaling that employee feedback is being listened to and acted on, making the act of reporting more meaningful for end users and encouraging repeat behavior. After all, remediating reported emails is only possible when employees report threats in the first place and so taking the time to provide personalized feedback is crucial. 

In addition, equipped with first-hand evidence, response teams are able to identify particular users or groups who are being targeted by phishing or falling for attacks more often. These findings can spur teams to consider taking corrective and preventive action such as increasing the level of phishing awareness training or implementing stricter controls. 

The new and improved remediation detail page shows:

  • The number of times an email has been reported
  • All the additional details given by the end-user who reported the email 
  • The actions taken by a user, if any
  • The A C T threat analysis, allowing response teams to decide if it was justified/unjustified 

Our key takeaways

In summary, the enhancements made to OnINBOX’s Reporting and Remediation features provide:

  • An easier, more intuitive way for end-users to report phishing emails quickly and easily
  • Upgraded dashboards for response teams to act on findings faster 
  • The ability to understand spikes in phishing emails and quickly see who is being phished so prioritized remediation can take place 
  • Customizable filtering based on the response teams’ unique requirements 
  • Data that provides the foundation for admins to implement corrective and preventive action

Want to try it out for yourself? Request your OnINBOX demo below!