PRE-Crime™ targeted attack defense preemptively detects the most sophisticated in-progress Business Email Compromise (BEC) attacks targeting you, your suppliers and your clients, preventing the cybercrime.
BEC attacks are a specific type of “phishing” attack that relies on targeting specific people within organizations. Attackers seek monetary payment as a direct outcome, and types of BEC attacks include (but are not limited to) diverting payment on a valid invoice to a fraudulent bank account, submitting a fake invoice for payment, among others.
This article focuses on how to configure the Active Tracking solution. To learn more about the Email Eavesdropping™ solution, please refer to this linked article.
Email Active Tracking Alerts
Active Tracking Alerts can be configured for administrators and senders, at company or user level. The Active Tracking solution works as if adding a GPS tracker to your email – the service maps the viewing time and location of your important email through the email’s journey.
There are many options for the administrator to adapt the threat thermometer and alert sensitivity. Admins can define green and red zones depending on where it would be expected or unexpected that the company’s business emails are opened. By default, any country that is not manually set to green or red will be yellow.
To learn about the Email Active Tracking pricing, please contact your RPost Sales or Customer Success Representative.
To learn more about how to read the Pre-Crime Alert Reports please refer to this linked article.
Configuring Email Active Tracking Alerts
The Email Active Tracking solution is configured in RPortal. If you do not have access to RPortal and you are a Customer Administrator, contact your Sales or Customer Success representative. Note that the settings described below may not be available to all RPortal users. If you cannot follow the steps described below, contact you Sales or Customer Success representative.
To configure the Active Tracking solution, follow these steps:
Start by accessing RPortal
Next, access the Company Accounts module
Next, press on the Settings tab.
If you wish to configure the solution at company level, make sure you click on the Company Settings tab. If you wish to configure the solution at user level, make sure the Eavesdropping Alert field at company level is set to Set by App. Next, click on the User tab, search for the corresponding user, and follow the next steps.
Now, select the Pre-Crime option from the left menu. When the Eavesdropping Alert option is enabled, a series of settings will become visible.
Set the Security Throttle to Low:
- Low: Single-factor activity tracking - it only tracks opening.
- Note that Medium and High only apply to the Eavesdropping™ solution.
Configure the Sender Notification Sensitivity as applicable. The available options are:
Do Not Send: No notifications will be sent to the email sender about open detections.
Notify on First Activity: Only the first open detection will be notified to the email sender.
Notify of Activity by Unique IP: Only one open detection per IP will be notified to the email sender.
Notify on Every Activity: All activity will be notified to the email sender. Note that if the email is re-opened by the same IP within a 10-minute window, the open detection will be tracked only once.
Select the Green alerts. These are based on the risk zones detailed below, in step number 5. Note that Yellow and Red alerts only apply to the Eavesdropping™ solution.
In addition, customer admins can configure the Admin Notification Sensitivity to include green alerts and send notifications to specific email addresses.
Finally, set the Risk Zones depending on where it would be expected or unexpected that the company’s business emails are opened. By default, any country that is not manually set to green or red will be yellow. Use the arrows to move zones to the right or left as applicable.
Save your changes.