| Table of Contents |
|---|
2024-212-2331
| Status | |
|---|---|
|
...
|
...
|
...
The new user center is now generally available. It allows end-users the ability to manage their allow, block, and graymail list from the new dashboard experience. It also allows Signatures customers to customize their personal signatures. Look out for new user center features coming soon!
...
Please reach out to support@inky.com if you experience any issues with the new User Center or feedback@inky.com with any thoughts!
| Status | ||||
|---|---|---|---|---|
|
...
Burst Detection
Burst Detection will gradually roll out. If you are under a Burst Attack—often referred to as a Spam Bomb, Subscription Attack, Email Bomb, Email Flood Attack, or Email Storm—please reach out to support@inky.com to have this feature enabled specifically for your team or organization.
INKY introduces Burst Detection, a powerful new feature to help administrators detect and respond to sudden surges in email volume targeting specific recipients over a short period. These bursts can be part of a strategy to overwhelm or distract users, often paired with unsolicited tech support calls or other suspicious offers to help “resolve” the issue.
Configuration can be found on: https://app.inkyphishfence.com/settings/analysis, you’re now able to add a custom message to the First-Time Sender threat category. This is similar to our Sensitive Content policies for money, password, and covid-19 but specifically for the First-Time Sender threat category.
Including any verbiage, you’d like, as well as optional policy URLs, gives your user more context on what they should do when receiving a First-Time Sender.
...
After inputting your desired text it’ll now appear in all new First-Time Sender banners.
...
| Status | ||||
|---|---|---|---|---|
|
Within the allow list found on https://app.inkyphishfence.com/settings/allow-list, there are two new additional options: “Blocked Sender Location” and “Do not warn about Any Threats”. You can now allow these two threat categories at any point using the Add new entry option.
| Note |
|---|
Using the “Do not warn about Any Threats” is a blanket allow option that will let any message that matches the criteria set pass through INKY. It should be used for very specific purposes. We’ve also restricted this option to Super Admin only for the time being. |
...
| Status | ||||
|---|---|---|---|---|
|
Previously, Block Sender Locations only worked on M365 deployments. Now Google Workspace and Smart Host deployments can take advantage of sender location blocking the same way. Just navigate to the bottom of https://app.inkyphishfence.com/settings/analysis, enter in the countries you wish to block, and you’re all set!
| Status | ||||
|---|---|---|---|---|
|
Customers asked for the ability to close all details at once on the Observation Page, instead of closing each one individually. The marked icon in the picture below will now close all open detail views.
...
| Status | ||||
|---|---|---|---|---|
|
You can now search any of the Mail Group selectors instead of scrolling through the complete list.
...
| Status | ||||
|---|---|---|---|---|
|
...
Fixed bug in custom dashboard that ignored set filter mode when determining total message count
...
Fix teamid filter bug that would ignore user input while the initial team id list was loading
...
Learn more here: Burst Detection
| Info |
|---|
You can configure Burst Detection at either the team level or the organization level to apply consistent detection parameters across all teams. Any team-level setting will override the organization-level values. |
With the new Burst Detection feature, administrators can configure:
Burst Interval (seconds)
Define a time window — for example, 300 seconds — within which to measure a surge in email volume.Message Threshold
Set the minimum number of messages (e.g., 20) needed to trigger detection of a burst in that time interval.Burst Mode Cache Duration (seconds)
Keep a recipient in “burst mode” for a set duration after the initial burst detection to ensure continued protection, even if the volume temporarily dips.Ignore Senders/Recipients for Burst Detection
Specify email addresses or domains that should never trigger or be flagged as part of a burst (useful for high-volume internal senders or privileged services).Result Bucket
Choose the category (e.g., “Caution (Spam)”) that INKY assigns when a message is detected as part of a burst.Delivery Target
Override the delivery action (e.g., route to “Junk Folder”) for burst-detected messages.Exclude Internal or Trusted 3rd Party Messages
Automatically skip internal or trusted third-party messages from burst calculations.Exclude Known External Messages
Similarly, skip known external, trusted contacts from contributing to burst detection.
...
How It Works
When a sudden surge in email volume meets or exceeds the specified “Message Threshold” within the configured “Burst Interval,” the target recipient is immediately considered in “burst mode.” Messages are flagged under the “Suspicious Mail Burst” threat category, and INKY will apply the configured result bucket and delivery target for the duration of the “Burst Mode Cache.”
Use Burst Detection to protect against potential social engineering attacks that rely on message spamming, or to stay alert when a specific user suddenly becomes a high-volume email target.
For more information on setting up or fine-tuning Burst Detection, refer to your INKY documentation or contact your INKY support representative.
| Status | ||
|---|---|---|
|
Found within the Dashboard Widget Filter Editor under Analysis → Brand Impersonation is a new capability to filter messages based on the detected brands domain. Selecting a specific brand’s domain or multiple brand domains will retrieve a list of messages that INKY has identified as Brand Impersonation based on the brand selected.
...
| Status | ||
|---|---|---|
|
With this update, hovering over the From and Reply-To email addresses in a message header will display a popup rendering the address in a mono-font and lowercase. This design improvement helps users quickly identify confusable characters and spot potential phishing attack vectors with greater ease.
...
| Status | ||
|---|---|---|
|
We've added concise, helpful descriptions to some of the less obvious filters in the Filter Editor. For example, the Brand Impersonation Filter now includes guidance on detecting impersonations based on a brand's primary domain. These updates make it easier to understand and configure filters for your security needs.
...