Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Email Security Quick-links: ESA Product Support | SMA Product Support | Email Submission and Tracking Portal | Cisco SecurityHub
Current General Deployment (GD) Releases:
ESA: 11.0.0-264 WSA: 10.5.1-296 SMA: 11.0.0-115 Email Plug-in (Reporting): 1.0.1-048 Email Plug-in (Encryption): 1.0.0-036

New Member

Has Phishing volumes changed ?

Hi,

What's your general feeling about the Phishing volumes which are getting through ? Have you seen any differences between different locations ?

We have pretty big user community in Europe and US without major phishing problems (only few reports ) but we are getting a lot of reports (daily) from South Africa (with ~5000 users).

Our IronPort rules are similar for Africa than it's for rest of the world. We are also adding X-header if message is ranked as "suspected" SPAM but seems that all passed phishing messages are clean and not detected by IronPort.

Have you seen similar problems ?

2 REPLIES

Re: Has Phishing volumes changed ?

Jarih - pls report missed phish mail to us at spam at access dot ironport dot com.

We have spam rules in place that are also used to pick up phish mail - however if we can enhance these rules we try to so *please* send samples so we can write rules to capture these.

New Member

Re: Has Phishing volumes changed ?

I have sent IronPort Outlook Plug-In for Outlook to local HelpDesk which will (I truly hope so) report the Phishing messages to IronPort support.

I have instructed them to use "Other -> Report threat -> Phish" action when reporting the Phishing

126
Views
0
Helpful
2
Replies