CybeReady’s PhishCage. A Proactive Human Shield
CybeReady’s PhishCage is a new addition to the Autonomous Training Platform: It empowers employees to become organizational ‘cyber heroes’ by proactively reporting suspicious email in an effort to keep the organization “phish-free”.
PhishCage is implemented via a standard email client button that allows employees to report suspicious email activity. Emails are packaged and sent to CybeReady for further analysis and mitigation.
CybeReady inspects reported emails and classifies them into three categories:
(1) Simulation emails originated by CybeReady’s training platform (safe)
(2) Suspicious but unverified emails
(3 ) Malicious emails that contain a harmful link and/or attachment
PhishCage provides employees who reported an email with immediate feedback (positive reinforcement), and in cases where reported emails are not part of a training activity (i.e., a phishing simulation email), CybeReady scans the embedded links and attachments. If the email has been found to be unsafe, a ‘malicious email’ or ‘unverified email’ notifications would be sent to the organization’s Security team (and automatically triggers an incident response tools if available), to ensure mitigation of malicious and suspicious emails.
PhishCage reporting button is available for Microsoft Exchange/Outlook and G-Suite.
Dashboard Activity Reporting
PhishCage reporting activity is tracked in the CybeReady dashboard and allows to review all reported emails, along with the relevant reporting employee details. The emails are broken down into the three categories – Simulation (safe), Malicious, and Unverified (requires further investigation).