How OnINBOX works
OnINBOX’s primary purpose is providing important information to the end user about emails that make it through any other security that you have in place. With this information, the user is able to make an informed decision about whether they should interact with any email.
If you can identify dangerous links and content then why not block it?
In products that use an automatic threat blocking based solution, genuine emails end up being blocked because they look similar to a malicious one, and some malicious emails end up making it to the user’s inbox because they don’t look suspicious enough to be blocked. For example, a genuine message asking you to "click the link and make payment", could look similar to some highly dangerous phishing messages.
Grey area situations like this commonly generate false-positives and false-negatives which, in a filter/blocking situation, triggers the blocking mechanism on legitimate email (the false-positives) and let’s some illegitimate email come through, without any warning or contextual security information on it for the user.
The Quarantine folder
OnINBOX will not move/filter any emails to the quarantine folder by default, nor based on any scanned contents. It will only move an email to this folder if a user clicks the Report button.
Future plans for actioning identified threats
👷 Red Sift Engineers are currently hard at work on what we believe to be the right solution to taking remedial and automated actions against dangerous emails within OnINBOX and this should be available in the near future.