Instantly helpful reporting and feedback for suspicious emails
With just one click, anyone on your team can contribute to making your organization more resilient against cyberattacks.
MailRisk automatically analyzes phishing, spam, and scam emails, and gives your colleagues feedback on their action - on the spot.
The handy button is always available in their inbox, making security a visible, actionable, and rewarding part of their daily routine.
Email remains one of the top tactics cybercriminals use to hijack people’s attention and trick potential victims into acting against their better judgement.
Making it easy, comfortable, and rewarding to flag risky emails is an incredibly effective way to stimulate contribution - and make cybersecurity a positive experience for everyone.
The MailRisk button sits in the toolbar of your email application, whether you’re using the desktop app, webmail, or the mobile application.
Every time someone checks an email, we automatically search for similar emails your colleagues flagged as suspicious and also check it against other sources of data.
When we find a match, you get immediate confirmation of how your action contributed to the organization’s safety - and your own!
MailRisk identifies if a phishing campaign targets multiple people in your company through their reports. And when you integrate this threat data into spam filters, it helps block these dangerous emails from reaching anyone else on the team.
People can also add context to their reports, making it easier for IT and security teams to make informed decisions with no extra effort.
Instant feedback engages people to flag suspicious emails more often, boosting reporting rates by as much as 50 times.
We use real-time machine learning for correlation and classification to analyze this data in our EU-based, privacy-first cloud platform which exceeds GDPR standards.
This automatically gives IT and security teams a goldmine of crowdsourced threat data they can use to find entry points that attackers leverage.
People found MailRisk instantly useful, and reporting rates went up. MailRisk lowers the threshold for getting help, but instead of creating more work for us, we are now almost completely rid of manual submissions to our helpdesk.
When using MailRisk to check an email, your colleagues get the help they need while also helping others. This instant reward ensures they always have a positive experience with cybersecurity.
These familiar tools and simple actions earn people’s trust, involvement, and develop their confidence around making good security decisions.
MailRisk turns cybersecurity into a team sport.
With its seamless integration across platforms, anyone can report suspicious emails, making cyber-vigilance an everyday habit for your entire organization.
If MailRisk sees a newly reported email whose risk it can’t confirm on the spot, it’s easy to ask for a manual check by a security expert.
Whether the result comes from your security team, security partners, or our specialists, the person who asked for help always receives it.
With MailRisk, every suspicious email your team reports does more than protect - it brings everyone closer.
It's all about turning those actions into rewarding experiences that prove the security team isn't just watching out; they're everyone’s ally.
Easy to deploy and simpler to use, MailRisk makes security practice effortless and immediate for the whole organization.
Within minutes of setup, tap into a wealth of insights from your team's knowledge and habits to strengthen your defense mechanisms with minimal effort.
When they see their actions matter, your colleagues become more motivated to acquire and practice cybersecurity habits.
Along with cybersecurity exercises and phishing simulations, they get multiple touchpoints with your security program in a way that matches their individual needs.
Turn MailRisk data into your cybersecurity compass: integrate it into tools such as Microsoft Sentinel or, through our API, with your security orchestration (SOAR) technology.
You can also use MailRisk as an information source for your security culture dashboard to track your progress and results.
MailRisk data becomes even more valuable when combined with simulated phishing or added into your threat hunting program.
Anonymous behavioral data from all these activities - and more - turn into human risk metrics which define risk areas you can address through targeted micro-courses.
Plus, this anonymized data is your secret sidekick for seamless compliance and certification processes.
Yes!
You can get MailRisk in the language you prefer to make it as easy and familiar for everyone in your organization to use it.
The rest of the Secure Practice platform is available in English and Norwegian, but you can customize and translate all resources and exercises you deliver to your team into their native language.
If your organization uses the Office 365 email client, they can use the MailRisk button from the dedicated iOS or Google Play app.
For organizations that use the on-premise Exchange email client, we offer a workaround to the restrictions from Microsoft: using the Outlook Web Access (OWA) client in the web browser.
Here is the full guide on how to use MailRisk on mobile devices.
Yes.
This is necessary to perform a thorough enough analysis to keep up with the latest cyberthreats. When you click the MailRisk button, the email you are looking to analyze is collected by Secure Practice.
We do this based on a written agreement with your employer, which describes in detail how we are allowed to process this data.
MailRisk is supposed to work as automatically as possible. However, certain suspicious emails require manual analysis during which an authorized security expert will specifically open your email for review.
In addition, if your reported email contains a particular threat, it may be reviewed by staff who are looking to build the best protections for the future.
Should your email not include any threat, its contents will be hidden from any staff unless they make a specific request to unlock its contents. In such cases, these requests are logged for accountability.
Anyone can change their mind, and we make sure that this is easy to do in MailRisk.
Simply open MailRisk, and click the menu button at the top right corner. Here you will find a list of emails you have analyzed.
Click the email you would like to revoke data for, and click «Withdraw report» to delete any data.
Firstly, we only collect email data from emails which you specifically choose to analyze.
If we cannot find any particular threat, the email contents will be automatically deleted after a number of days, as configured by your employer.
MailRisk is not a spam filter, but a supplement to this type of security technology and a source of data for it.
Security teams can choose to use MailRisk data in a way that suits their needs, including through the API we provide.
