Body
IRONSCALES will place a banner at the top of emails if it finds them potentially harmful or provide some information to the email recipient. Depending on the incident, IRONSCALES might prompt you with a link if the sender is legitimate. False positive matches do happen when clicking "Know this sender?" in the Banner will allow you to alert the Information Security Team to review the sender's legitimacy and mark it as allowed in our approved senders list, not marking it for the future. The critical thing to remember is if you see one of the Banners below, ACT WITH CAUTION, this email could be malicious , and taking a few minutes to review its legitimacy is time well spent.
Here is a breakdown of the banner messages and what they mean, with examples:
First Time Sender: This banner will appear when the recipients get an email from the sender that were in correspondence with them
 |
IRONSCALES couldn't recognize this email as this is the first time you received an email from this sender {sender_address} |
Sender Address Spoofing: a technique where a malicious actor forges the "From" address in an email to make it appear as though it was sent by a trusted source.
Exact Display Name Impersonation: a tactic where an attacker uses the exact display name of a trusted individual or organization in an email to deceive recipients into believing the message is legitimate.
Similar Display Name Impersonation: a method where an attacker uses a display name that closely resembles a trusted source to trick recipients into thinking the email is from a legitimate sender.
Domain Look-Alike: a phishing tactic where attackers use a fake domain that closely resembles a legitimate one to deceive recipients into believing the email or website is from a trusted source
Company's Name Appears in Display Name: a tactic where attackers include the name of a trusted company in the email display name to mislead recipients into thinking the message is officially from that organization
Known Address in Display Name: a deceptive tactic where attackers include a familiar or trusted email address in the display name to trick recipients, even though the actual sending address is different and potentially malicious.
Sender Address Contains Domain Look-alike: a tactic where attackers embed a fake domain that closely mimics a legitimate one within the sender's email address to trick recipients into believing the message is from a trusted source.
Business Email Compromise: targeted attack where cybercriminals impersonate a trusted business contact or executive to trick employees into transferring money or sensitive information
