Smart Banners

Overview

Smart Banners are customizable banners added to incoming emails that Harmony Email & Collaboration found clean of threats.

These banners help distinguish external, unverified, or potentially fraudulent emails and so on that serve these main purposes:

  • Make users cyber-aware - The banners draw user attention to suspicious elements in the email that - combined with the user insights - might lead to the understanding that the email is malicious.

  • Remind users to follow the company policy - The banners alert the user to follow company policies for particular emails. For example, emails that contain invoices or requests to modify a partner's billing information.

Attaching Smart Banners to Emails

………

00:00: Smart Banners allows you to add customized banners to non-malicious emails with sensitive information. These banners alert the user depending on the nature of the email and promote compliance with your organization's policy. This video shows how to enable Smart Banners in Harmony Email and Collaboration. 00:20: Log in to the Infinity Portal. Access the Harmony Email and Collaboration Administrator Portal and click "Policy". 00:29: Select the email service for which you need to enable Smart Banners. For example, "Office three sixty five Mail". 00:37: Create a new Threat Detection policy or open the existing policy. 00:42: Set the policy mode as "Prevent (Inline)". 00:46: Scroll down to the "Clean Emails" section and select "Deliver with Smart Banners" for "Clean Workflow" 00:52: Click "Save and Apply". Now that you have enabled Smart Banners, you must select the banners required for your organization. 01:00: To do that, navigate to "User Interaction" and then click "Smart Banners". 01:05: Select the banners required for your organization. 01:09: To change the default text used in the banner, click the edit icon and make the required changes. 01:15: Select a severity for the banner. 01:18: Finally, click "Save and Apply". 01:21: Thanks for watching the video.

To attach Smart Banners to emails:

  1. Create or edit an existing Threat Detection policy for Office 365 Mail or Gmail. See Threat Detection Policy for Incoming Emails.

  2. Set the policy protection mode as Prevent (Inline).

    Note - Smart Banners are not supported for policies in Detect and Detect and Remediate protection mode.

  3. Scroll down to Clean Emails section and for Clean Workflow, select Deliver with Smart Banners.

  4. Click Save.

Notes:

  • Smart Banners can only be added to HTML emails.

  • For allow-listed emails, Smart Banners are not added.

  • When more than one banner is applicable for an email, Harmony Email & Collaboration adds the banner with the highest severity. If there are multiple banners with the same severity, the one with the highest priority is added. For information about priority of the banners, see Supported Smart Banners.

  • These banners apply only to emails written in English:

    • Request to update payment details

    • Invoice from a new vendor

    • Payroll information update request

    • Emails with Invoices / POs

Customizing Smart Banners

To customize a Smart Banner:

  1. Click User Interaction > Smart Banners.

  2. Click on the banner.

    The banner's preview appears.

  3. Click the icon on the banner.

  4. To change the banner's severity and color, select Low, Medium, or High.

  5. Make the required changes to the text.

  6. Click Save and Apply.

To remove the Secured by Check Point footer:

  1. Click User Interaction > Smart Banners.

  2. Click Settings next to Smart Banners from the top of the page.

    Smart Banners Config pop-up appears.

  3. Clear the Add "Secured by Check Point" to all banners checkbox.

  4. Click OK.

Enabling/Disabling Specific Smart Banners

Harmony Email & Collaboration delivers the emails with a specific Smart Banner if they match the use case the banner covers.

To enable or disable specific Smart Banners, do these:

  1. Go to User Interaction > Smart Banners.

  2. Toggle the button On/Off to the left of the required banner.

    Note - Smart Banners can only be turned on/off for all the protected users in the Infinity Portal tenant (account) and does not apply per policy.

  3. Click Save and Apply.

Automatically Enabling New Smart Banners

Check Point periodically introduces new banners for additional elements and characteristics. To enable these banners automatically:

  1. Click User Interaction > Smart Banners.

  2. Click Settings next to Smart Banners from the top of the page.

    Smart Banners Config pop-up appears.

  3. Enable the Automatically enable newly introduced banners checkbox.

  4. Click OK.

Supported Smart Banners

Harmony Email & Collaboration supports these Smart Banners:

Category

Smart Banner Name

Description

Default Severity

Priority

Is enabled by default?

Business email compromise

Sender resembles a real contact

Email from a sender that resembles but is not identical to a contact the recipient is corresponding with.

High

1

Yes

Request to update payment details ¹

Email that resembles a request from vendors to change their payment details.

High

2

Yes

Invoice from a new vendor ¹

Email with an invoice from a vendor that never contacted before.

Medium

21

Yes

Payroll information update request ¹

Emails from external senders requesting to update their payroll information.

Low

41

Yes

Financial transaction requests

Emails with Invoices / POs ¹

Email that contains a request for payment in the form of invoice or purchase order.

Low

42

Yes

Payment request via payment service

Email that contains a payment request received via accounts in payment services.

Low

43

Yes

Avoiding inspection

Emails with links to restricted resources

Email with links to resources with restricted access, possibly in order to avoid inspection.

Low

45

Yes

Fundamentals

Sender name different than address

Email from sender with a name that is significantly different from the email address which may indicate an impersonation attempt.

High

3

Yes

Reply-to domain recently created and its address is different than the sender’s

Email with reply-to address different from sender address and whose reply-to domain is created recently.

High

4

Yes

Sender domain created recently ²

Email whose sender domain was created recently.

Medium

23

Yes

Sender SPF failed

Email that failed SPF checks.

Medium

24

Yes

Incoming emails from external senders

Email from an external sender (outside the organization).

Informative (blue)

81

No

Impersonation

 

First-time sender ³

Email from a sender that never sent an email to the recipient before.

Low

44

Yes

Sender resembles a person within the organization

Emails from a first-time sender whose display name is identical to a person within the organization.

Medium

22

Yes

¹ These banners apply only to emails written in English.

² This banner will be applied to emails only if the sender's domain was created in the last 100 days.

³ The First-time sender banner will not be applied to the recipient's emails after 24 hours from the sender's first email.