Acting on End User Reports

The Avanan analysts review the email for the end-user reports, determine if they are malicious or benign, and then take actions if required:

  • Phishing emails reported by the end users

    • Malicious email - The analyst approves the user report, and the reported email is removed from the user's mailbox.

      To remediate the entire campaign, similar emails are also removed from other users' mailboxes. For more information, see Automatically Quarantining Entire Phishing Campaigns.

    • Benign emails - The analyst rejects the user report, and the email remains in the user's mailbox.

    • Inconclusive - If the analyst cannot determine if the email is malicious or benign, the user report will be approved and the email will be treated as malicious.

  • Quarantined email restore requests by the end users

    • Malicious email - The analyst rejects the request, and the email remains in quarantine.

    • Benign emails - The analyst approves the request, and the email is restored to the user's mailbox.

    • Inconclusive - If the analyst cannot determine if the email is malicious or benign, the user request will be approved and the email will be restored to the user's mailbox.