Many companies have specific policies on how employees should behave when they receive phishing emails. The policy can vary depending on the scenario (if a payment is being requested for example).

Customizable Banners caters for this by allowing you to set your own text message that will appear when certain conditions are met.

Configuring your first rule

This new feature can be configured from the banner configuration presets section of the Settings page. Configuring a rule can be broken into three parts:

  • Defining the ACT conditions
  • Defining the NLP conditions
  • Defining the message that is displayed

Defining the ACT conditions

There are two options for defining the ACT conditions, either defining the number of warnings or failure statuses required for the banner to appear across all three indicators, or defining specific indicator results required for each of A, C and T.

For example:

  • To have the banner appear whenever there’s at least one red indicator, you would need to use the first option and set the “warning+” statuses to 0, and fail statuses to 1.
  • To have the banner appear whenever there’s at least one amber or red indicator, you would need to use the first option and set the “warning+” statuses to 1, and fail statuses to 0.
  • To have the banner appear whenever the “A” indicator is amber or red, and the “C” indicator is olive-green, amber or red, you would need to use the second option and set “A” to “warn”, “C” to “low” (olive-green) and “T” to “any”.

Defining the NLP conditions

Defining the NLP conditions is as simple as ticking the boxes next to the statuses that you would like to have this banner appear for. For example, if you would like to have the banner appear for emails that are about transactions and bills, tick both of these options.

Defining the message that is displayed

An example of when you might want to use a custom message is by using the feature to remind your users of your payments policy for emails that are about a transaction. You could do this by including a link to your intranet where the policy is. Any links that you include in the message will automatically become clickable by the user.

This is an optional step, OnINBOX will use it’s default text-based banner content that provides information about the security results if a custom message has not been set up.

Important: this message should not contain any private information as it will be visible publicly.

Handling multiple rules

Any rules that you put in place work on a priority system, with only the first matching rule being actioned. You can change the priority list by using the up and down arrows on the table. You’re most likely going to want more specific scenario rules at the top, with more generalised ones at the bottom.

FAQ

How does this interact with the existing scenarios where OnINBOX adds a text-based banner already?

By default, OnINBOX will show a text-based banner when it detects a high threat in an email that is of a sensitive nature and a few other high risk scenarios. Any organization specific rules will take precedence over this default behaviour. If you’d like to only see text-based banners for your own defined rules, you can turn on “Show only custom banners”.

Once I’ve set up a new rule, how long does it take until all of my users will start to see it?

Any settings changes made in OnINBOX Manager currently take up to 30minutes to sync across all of your users.

Can I have different custom banners for different user groups?

Currently this is not available, but it is certainly something that we will look at in the future.

What control do I have over how my text message looks? Can I use markdown?

OnINBOX will automatically color the banner based on the color of the security indicators and will automatically make any links that you include clickable. Currently styling support such as using markdown is not available, but it is certainly something that we will look at in the future.

Can you add the possibility of displaying a custom message for X scenario?

We look forward to seeing how our customers use this feature and what extra functionality would be valuable to add in the future. If you have any feedback or suggestions, let us know at success@redsift.io.

Can I replace the mouse over text or text banner text for a specific result for a given indicator?

Currently this is not something that is available, but we’re always welcome to receiving your feedback and ideas at success@redsift.io.

If you have any questions please reach out to us or your OnINBOX administrator.

Did this answer your question?