Why Users Should Report Suspicious Emails, and How to Manage Them

Users are the weakest link when it comes to cybersecurity. That’s why it may seem surprising that your cybersecurity depends on increasing users’ involvement in your overall strategy. But it does. By encouraging users to report suspicious emails, you can capitalize on a new source of intelligence that improves every aspect of your posture—from incident response to threat detection, and more.

Let’s look at how.

Why users should report suspicious emails

Microsoft Outlook provides the ability for users to report emails as phishing or junk, enabling admins to triage and remediate potential threats. A seemingly basic feature, user reports can unlock incredible value for the security of your clients and business. Here are three important benefits of encouraging users to report suspicious emails.

1. Enhance your incident response

Regardless of what marketing messages may promise, no cybersecurity solution can detect 100% of threats. User-reported emails enable you to quickly identify and remediate potentially dangerous messages that may have bypassed initial detection. These reports help you neutralize threats in real-time across your affected tenants and users.

Vade for M365 offers an easy and efficient way to respond to user-reported emails. Reported emails is one of the latest features of Vade for M365 that offers a cross-tenant method of triaging and remediating user-reported emails—from one dashboard.

Additionally, user reports provide you with a source of human intelligence that complements the intel gathered from cybersecurity tools. This combination of human and machine intelligence helps create a more dynamic and multi-layered approach to incident response and threat investigation.


New call-to-action


2. Improve your threat detection

Threat detection relies on a combination of human and machine intelligence. AI-powered email filters require data to learn and accurately detect new and emerging threats. While this data comes from email traffic, user reports can also be used to improve filtering accuracy and train email filters to look for new threats or techniques.

3. Increase the cyber vigilance of users

When users report suspicious emails, they become active participants in your security operation. That helps strengthen their cyber vigilance. It allows them to apply their user awareness training, which improves retention and recall. They also become more aware of cyber threats and the importance of good cyber hygiene practices. All are especially important, considering that 82% of data breaches are caused by human error.

How to manage user reports as an MSP

While user reports offer you valuable benefits, you need the ability to triage and remediate them efficiently and effectively. Unfortunately, the process of reviewing and remediating emails in Microsoft Exchange or a single-tenant third-party email security solutions is time-consuming and complex.

Both solutions force your admins to review emails individually, tenant by tenant. They also don’t group emails by similarity or allow messages to be remediated from the user-reported messages dashboard in Microsoft Exchange. As an MSP, this isn’t sustainable or scalable for your business. It also puts you and your clients at risk by slowing your ability to respond to security events.

Vade for M365 solves the challenges of using Microsoft Exchange or a single-tenant email security solution. Using the following four key features, it enables you to realize all the advantages of user reports without reducing your productivity.


1. Aggregated user reports

Rather than switching between multiple tenants or screens, Vade for M365 organizes user-reported messages in a cross-tenant, aggregate view. This saves you considerable time reviewing user reports.


Report suspicious emails – Reported emails screen in Vade Partner Portal

Reported emails screen in Vade Partner Portal


2. Remediation

From a single pane of glass, you can also remediate user-reported messages across your tenants with just a few clicks. As a result, you can minimize the time it takes to remove potentially dangerous messages from user inboxes and prevent those and similar emails from spreading throughout your clients’ networks.

3. Clustered emails

In Vade for M365, user-reported emails are grouped into clusters with similar, yet unreported emails—when applicable. This enables you to save time remediating emails in bulk, investigating suspicious yet unreported emails, and remediating threats that have been forwarded to other users.

4. Reported email alerts

To never miss important reports, Vade for M365 enables you to set up and customize alerts. You can adjust alert settings to reflect your preferred workflow and notification method.


Report suspicious emails – Reported email alert settings in Vade Partner Portal

Reported email alert settings in Vade Partner Portal


Leverage the benefits of user-reported emails

You can’t prevent all cyberthreats from reaching your users. But you can equip them with the tools and knowledge to appropriately respond when this occurs. Encouraging users to report suspicious emails isn’t just an important security practice, but a necessary one.

To get started, begin by encouraging users to report suspicious emails. Also, learn more about how Vade for M365 can help your managed security offering with incident response, threat detection, user awareness training, and more.


New call-to-action