PhishAssist
What is PhishAssist?
PhishAssist, part of the SoSafe Phishing Report Button, is a learning tool to boost your organization's ability to spot and report possible phishing attempts. This user-friendly tool doesn’t just assist your users in reporting potential phishing attempts, it helps your employees understand the four major elements that make up every email: the sender’s address, links, attachments, and the content.
PhishAssist's main goal? To give your organization a leg up in understanding which parts of an email might be red flags for a possible phishing attempt. It's about sharpening your organization's skills and making everyone more aware of phishing threats.
Just a head up though, PhishAssist can't do all the work. It's there to help your team make smarter, safer decisions, but it's not a 100% accurate judge of each and every email. Think of it as your handy helper in the fight against phishing, not as the final word. It's a sidekick for your team's judgement, not a substitute.
Where can PhishAssist be found?
PhishAssist can be found within the Phishing Report Button. After opening the Phishing Report Button by the user, the PhishAssist results are shown on the first page to support their decision making.
Is it possible that an email marked as low risk turns out to be a phishing attack?
Yes, this is possible. Please note that PhishAssist presents hints to assist the user’s decision making process, based on an automated analysis; it is not intended to replace user assessment or make the reporting decision on behalf of the user, and must not be solely relied upon. SoSafe accepts no liability in the event of an incorrect assessment by PhishAssist.
Is my email data inspected and stored by SoSafe?
Yes and no. Yes, PhishAssist scrutinizes the email on your system on-premises, just like the SoSafe Phishing Report Button runs through the email to obtain the sender address and email subject. However, the one entity we at SoSafe collect is a score that is generated from running the email content against our keyword list. The score is also then hashed so it cannot be traced back to any user or email.
How is data privacy handled?
In compliance with GDPR, user-sensitive and personal data isn't stored in SoSafe's backend. The calculation is performed entirely in the end user's inbox, and no sensitive personal information is collected or stored by SoSafe GmbH. PhishAssist is therefore fully GDPR-compliant.
Is my sender address scrutinized?
No, it isn’t
What keywords are in the SoSafe dictionary?
We have a dictionary of phishing keywords that we regularly update in both German and English.