Forwarding reported threats to a 3rd party Abuse Mailbox

Introduction

All employees participating in the Hoxhunt training can also report real-life phishing and spam emails. You can integrate with many Incident Response solutions such as Abnormal, Sublime Security, Mimecast, and Proofpoint TRAP by forwarding spam and phishing reports an Abuse mailbox.

Who can use this feature?
Commercial plan: Any
Role: Admin users

Create the Abuse Mailbox

Below is list of services that provides an Abuse Mailbox to which Hoxhunt can forward phishing and spam reports. The list is not exhaustive. If you are wondering if Hoxhunt is able to integrate with another 3rd party Abuse Mailbox please contact a Hoxhunt representative. 

Sublime security 

Please follow the instructions in this article to set up an Abuse Mailbox in Sublime Security. 

Abnormal

Please follow the instructions in the Abnormal Security's knowledge base for how to set up an Abuse Mailbox.

Proofpoint TRAP

To integrate with Proofpoint TRAP please contact your Hoxhunt Success Manager to modify the format of the emails sent to Proofpoint.

After that you can set up the TRAP Mailbox. You can find more information about how to set up the TRAP Mailbox from Proofpoint's knowledge base. 

Mimecast 

There is no set up of an Abuse Mailbox required. You can forward spam and phishing reports to Mimecast to help them react to high volumes of end-user reports of phishing and spam getting through their filters. 

You can read more about how Mimecast process the incoming reports in this article

 

Verify the email address

Before you can set up the forwarding, you need to verify the email address you plan to set up for threat report forwarding.

See how the verification is done: Email verification for automated email flows

NOTE: If you are integrating with Mimecast, please ask support@hoxhunt.com to verify the email addresses for you.

 

Setting up threat report forwarding

Admins can specify to which email addresses spam and phishing reports are forwarded in Hoxhunt Admin Portal under Threat Settings.

  1. Toggle on the required settings for phishing reports and/or spam reports.
  2. Specify the email address of the Abuse Mailbox from the previous step phishing / spam emails should be forwarded to from the list of verified email addresses. If the list is empty, verify an email address first.Screenshot
  3. Click Save. (The changes will immediately go into effect)

 

Was this article helpful?

4 out of 4 found this helpful

Have more questions? Submit a request