Overview
Smart Banners are customizable banners added to incoming emails that the Email Security Team found clean of threats.
These banners help distinguish external, unverified, or potentially fraudulent emails and so on that serve these main purposes:
Make users cyber-aware - The banners draw user attention to suspicious elements in the email that - combined with the user insights - might lead to the understanding that the email is malicious.
Remind users to follow the company policy - The banners alert the user to follow company policies for particular emails. For example, emails that contain invoices or requests to modify a partner's billing information.
For allow-listed emails, Smart Banners are not added.
When more than one banner is applicable for an email, the Email Security Team will add the banner with the highest severity. If there are multiple banners with the same severity, the one with the highest priority is added.
-
These banners apply only to emails written in English:
Request to update payment details
Invoice from a new vendor
Payroll information update request
Emails with Invoices / POs
Smart Banner Examples
Request to update payment details
Requests from vendors to change their payment details
Sender resembles a real contact
Emails with a sender that resembles but is not identical to a contact the recipient is corresponding with
Invoice from a new vendor
An invoice received from a vendor that the recipient did not have contact with before
Payroll information update request
Emails from external senders asking to update their payroll information
Payment request via payment service
Payment requests received via accounts in payment services (e.g.)
Emails with Invoices / POs
Emails containing a request for payment in the form of Invoices and purchase orders
Emails with links to restricted resources
Emails with links to resources with restricted access, possibly in order to avoid inspection
Reply-to domain recently created and its address is different than the sender’s
Incoming emails with a reply-to address that is different than the sender address and the reply-to domain only recently created
Sender name different than address
Emails from senders with a name that is significantly different that its email address
Sender SPF failed
Emails that failed SPF checks
Sender domain created recently
Emails whose sender domain was only recently created
Incoming emails from external senders
Every email from an external sender
First-time sender
An email from a sender who never had any prior email exchange with the recipient
Sender resembles a person within the organization
Emails from a first-time sender whose display name is identical to a person within the organization
