Updates to the Vendor Details page
OnINBOX Manager has started its phased upgrade to the supply chain pages. Firstly, the Supply Chain view has been renamed Vendors. In time, you will see this split out into types of vendors.
See the screenshot below for what the detail page for each domain has been changed to look like in this phase.
Here you are able to see a breakdown of topics, actions, and threats that have been received from this domain. In the right-hand panel, we provide a vendor details and communications summary, and the table below displays the data for each user that interacted with this vendor domain.
The table now facilitates a more comprehensive understanding of inbound traffic including topics, actions, and who the threats are directed at. In addition to this, you’re able to see if any users have reported this domain or not.
New threat intelligence signals
The following signals are being folded into and displayed across the Dashboard page, Vendor Dashboard, and Vendor Detail page. The signals will also be captured in an end-users ACT email indicators and banner warning when threats are detected.
Please note, TLS is the only signal that doesn’t have a related end-user banner. This is because the warning we provide is relevant for IT admins to action and is therefore presented on OnINBOX Manager's Vendor Details page.
TLS is a cryptographic protocol that provides end-to-end security of data sent between applications over the internet most commonly used in email. We will be identifying and reporting any insecure emails sent to you.
When an encrypted attachment is sent to you, the password is typically sent in another email or via text message or a phone call. When a phishing attack is taking place, you will be sent the attachment and the password in the same email. So, we will be looking at unique words within an email and will attempt to forcefully open attachments. If OnINBOX succeeds in doing so we will notify the end user of this and state in a banner that this is a typical phishing attack and unless you trust this user implicitly, we advise that you do not open this attachment.
Links within attachments
OnINBOX will now scan links within attachments, identify if the link is malicious in some form, and notify the end user. This is similar to what LinkGuard does, the only difference here is that we are not able to rewrite the URL within the attachment. Instead, we explain within the banner that the attachment has potentially malicious links and to proceed with caution.
Credential harvesting emails are a common way to obtain personal information, for example, by asking you to click on a link to reset your password. OnINBOX will use NLP technology to determine whether you are being asked to reset your password. It also identifies whether the domain source is legitimate and if it is not, will continue to process the email by taking screenshots and analyzing it for a company’s logo. If this comes back as false, a banner will inform the user that this is an impersonation attempt, to not click the link in the email, and to report it to their Security Operations team.