Outlook/O365/Gsuite plugin (Outlook 2010-16 plugin to start if other platform is significantly different to develop for)
Purpose: To give email users the ability to report a phishing attempt.
Use case: A phishing email makes its way to the users inbox. The user identifies it as a phishing attempt and clicks on the ‘This is a phish’ button on the outlook toolbar.
[login to view URL] does a check to see if the email has been sent from our simulated phishing platform. If it has then it pops up with a message (eg ‘congratulations you have correctly identified a simulated phishing email’). This action is sent to our servers where we can record the report action (ie correctly identified a simulated phishing email and what email template it was)
2. If it is not sent from our servers it comes up with a message (eg ‘thanks for reporting this as a phishing attempt because of people like you our company is more secure’) and will be sent to the local inhouse security team (forward email, add a subject prefix and attach subject headers). It would also be great to have an option to also forward this to our team (checked by default) which will enable us to build a database of phishing emails.
1. We need to offer a way to edit/add the emails to where these alerts will be sent (ie one or more local people in the security/it team)
2. Ideally it would also be great to have a way to edit the message popups.
3. Any other customizations would be a bonus – ie subject prefix, button name, etc
I have attached a file which outlines the above and also provides links to our competitors outlook add-in. One competitor has lots of information and we can use this information to get an exact idea of what we are trying to create.
Project will need to be documented fully. I can provide more details and put you in touch with our dev team who designed and maintains the simulated phishing platform.