Versions Compared

Old Version 32

changes.mady.by.user Matthew Sywulak

Saved on

compared with

New Version Current

changes.mady.by.user Matthew Sywulak

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: v20241230a
Table of Contents

2024-12-1131

Status
colourBlue
titlenew feature
-

...

The Team search option within the Filters on the Dashboard has been updated to include an Organization search. This new search option allows you to search for a specific team or organization within the Dashboard. You can search using four different methods:

  1. Team Name: Search for a specific team by name.

  2. Organization Name: Search for a specific organization by name.

  3. Team ID: Search for a specific team by ID. This is the unique identifier for the team which is the same as organization ID.

  4. Domain Name: Search for a specific team by domain name.

...

Organizations are displayed in the search results with a building icon next to the name. This allows you to easily identify and filter by organization.

Status
colourBlue
titlenew feature
- Reinstall Option on Tenant Operations

On the Tenant Operations page Tenant Operations there is a new Reinstall option available. This option allows you to reinstall INKY for a specific tenant. To use this option, click the Reinstall button and confirm the action.

...

Note

This action will reinstall INKY for the selected tenant. All dashboard configuration will NOT BE modified. However, there may be a small window of time where messages are not processed by INKY. Only perform this action if you are sure you want to reinstall INKY for the tenant. If you have any questions reach out to INKY Support support@inky.com.

...

Status
colourBlue
titlenew feature
- Workflow Expiration Reminder Notifications

INKY’s Outbound Workflow includes notifications for messages held for review. Approval expirations can be set to 1, 2, 3, 5, 7, 14, 30, or 60 days, depending on the rule. However, longer approval periods carry the risk that the original approver might not act in time. To address this, we’ve introduced Expiration Reminders.

You can configure Expiration Reminders through the cog settings icon under the “Edit Rule” options. Simply select “Add Reminder” to set up the desired notifications. You can schedule up to two reminders with different intervals. For example, in the screenshot below, the 2 days and 4 hours option ensure the approver is notified 2 days and 4 hours before the original message’s expiration.

...

Status
titleENHANCEMENT
- Audit Log Updates

The Audit Logs has been updated to provide all accessible logs for the selected team or organization. INKY currently retains logs for the lifetime of the customer account (since June 2021). You can filter by the pre-selected timeframes or use the custom date range to view logs.

Find the audit logs at the bottom of this page: Admin Management - INKY

Status
titleENHANCEMENT
- Allow and Block List Comment Fields

The Allow and Block Lists have been updated to include a Comment field. This field allows you to add a comment to each entry in the list. Comments can be used to provide additional context or information about the entry. Comments cannot be changed once added, but you can delete and re-add the entry with a new comment if needed.

...

Burst Detection

Burst Detection will gradually roll out. If you are under a Burst Attack—often referred to as a Spam Bomb, Subscription Attack, Email Bomb, Email Flood Attack, or Email Storm—please reach out to support@inky.com to have this feature enabled specifically for your team or organization.

INKY introduces Burst Detection, a powerful new feature to help administrators detect and respond to sudden surges in email volume targeting specific recipients over a short period. These bursts can be part of a strategy to overwhelm or distract users, often paired with unsolicited tech support calls or other suspicious offers to help “resolve” the issue.

Configuration can be found on: https://app.inkyphishfence.com/settings/analysis

Learn more here: Burst Detection

Info

You can configure Burst Detection at either the team level or the organization level to apply consistent detection parameters across all teams. Any team-level setting will override the organization-level values.

With the new Burst Detection feature, administrators can configure:

  1. Burst Interval (seconds)
    Define a time window — for example, 300 seconds — within which to measure a surge in email volume.

  2. Message Threshold
    Set the minimum number of messages (e.g., 20) needed to trigger detection of a burst in that time interval.

  3. Burst Mode Cache Duration (seconds)
    Keep a recipient in “burst mode” for a set duration after the initial burst detection to ensure continued protection, even if the volume temporarily dips.

  4. Ignore Senders/Recipients for Burst Detection
    Specify email addresses or domains that should never trigger or be flagged as part of a burst (useful for high-volume internal senders or privileged services).

  5. Result Bucket
    Choose the category (e.g., “Caution (Spam)”) that INKY assigns when a message is detected as part of a burst.

  6. Delivery Target
    Override the delivery action (e.g., route to “Junk Folder”) for burst-detected messages.

  7. Exclude Internal or Trusted 3rd Party Messages
    Automatically skip internal or trusted third-party messages from burst calculations.

  8. Exclude Known External Messages
    Similarly, skip known external, trusted contacts from contributing to burst detection.

...

How It Works

When a sudden surge in email volume meets or exceeds the specified “Message Threshold” within the configured “Burst Interval,” the target recipient is immediately considered in “burst mode.” Messages are flagged under the “Suspicious Mail Burst” threat category, and INKY will apply the configured result bucket and delivery target for the duration of the “Burst Mode Cache.”

Use Burst Detection to protect against potential social engineering attacks that rely on message spamming, or to stay alert when a specific user suddenly becomes a high-volume email target.

For more information on setting up or fine-tuning Burst Detection, refer to your INKY documentation or contact your INKY support representative.

Status
titleENHANCEMENT
- New Brand Impersonation Filter

Found within the Dashboard Widget Filter Editor under Analysis → Brand Impersonation is a new capability to filter messages based on the detected brands domain. Selecting a specific brand’s domain or multiple brand domains will retrieve a list of messages that INKY has identified as Brand Impersonation based on the brand selected.

...

Status
titleENHANCEMENT
- Enhanced Email Header Inspection for Improved Security

With this update, hovering over the From and Reply-To email addresses in a message header will display a popup rendering the address in a mono-font and lowercase. This design improvement helps users quickly identify confusable characters and spot potential phishing attack vectors with greater ease.

...

Status
titleENHANCEMENT
- Improved Filter Descriptions

We've added concise, helpful descriptions to some of the less obvious filters in the Filter Editor. For example, the Brand Impersonation Filter now includes guidance on detecting impersonations based on a brand's primary domain. These updates make it easier to understand and configure filters for your security needs.

...