Home Email Barracuda Email Threat Scan

Barracuda Email Threat Scan

85
0
barracuda email threat scan

Barracuda Email Threat Scanner

Utilize the Barracuda Email Threat Scanner for free to identify spear-phishing and targeted attacks in your Microsoft Office 365 account. The scanner utilizes the artificial intelligence engine of Barracuda Sentinel to examine your Office 365 accounts for various attacks that may be lurking in user mails. The cloud-based scanner operates in the background and is capable of detecting threats such as spear phishing assaults, breaches of a company email, and account takeover attempts. When the scan is complete, the following are highlighted:

  • Threats discovered in your organization – in descending order
  • Threats discovered in your organization – categorically
  • Which of your staff faces the greatest danger?
  • The DMARC record status for your domain.

Barracuda’s Email Threat Scanner analyses email received during the last year. Signing up for the scan takes roughly two minutes. The duration of the scan is dependent on the size of your Office 365 mailboxes and can range from one to twenty-four hours.

Note

To configure the Barracuda Email Threat Scanner, you must have Global Admin capabilities in your Office 365 account. If you are not an administrator, you can request a demonstration on the scanner’s starting page.

Barracuda is committed to protecting your privacy. To learn more about scan privacy and the Microsoft rights required to execute a scan, see Barracuda Email Threat Scanner Data Privacy.

Starting the Scan

If you have a Barracuda account, follow these steps:

  1. Access the scan page at https://scan.barracudanetworks.com.
  2. Enter your Barracuda username and password and click Sign In.
  3. Examine Barracuda Networks’ privacy statement. Select the checkbox if you agree.
  4. Scan Now is selected.

Barracuda’s Email Threat Scanner begins scanning your Office 365 account for threats immediately. While the scan is running, status notifications at the top of the screen notify you of the scan’s status, the amount of time since it began, the amount of time remaining, the number of emails examined, and the number of threats found thus far.

If you do not already have a Barracuda account, please follow these steps:

  1. Access the scan page at https://scan.barracudanetworks.com.
  2. To sign up for Microsoft Office 365, click Sign Up.
  3. Select the appropriate Office 365 account from the drop-down menu.
  4. If you are not already logged in to your Office 365 account, enter your Office 365 username and password and click Sign In. This step does not appear if you are already logged in.
  5. Examine the permissions that Microsoft has requested. Accept if you agree.
  6. Create an account with Barracuda Networks by providing your email address, a password, and a phone number.
  7. Examine Barracuda Networks’ privacy statement. Select the checkbox if you agree.
  8. Scan Now is selected.

Barracuda’s Email Threat Scanner begins scanning your Office 365 account for threats immediately. While the scan is running, status notifications at the top of the screen notify you of the scan’s status, the amount of time since it began, the amount of time remaining, the number of emails examined, and the number of threats found thus far.

Scan Summary

Reviewing the Scan Summary

When the threat scan is complete, a green bar appears in the header section and the Scan Status is set to Completed. Additionally, the header indicates the date and time the scan was performed, the scan duration, the total number of emails scanned in your Office 365 account, and the number of threats found inside those emails.

The Scan Summary page summarises your scan results. To view comprehensive information later in the report, click Details in any section.

  • Threats Discovered – The total number of threat emails discovered in all of your employees’ inboxes during the last 12 months. Above the graph, the cumulative sum of threats for the last 12 months is displayed. Hover over any point to see the month’s total number of threats.
  • Employees Who Have Received Threats – The total number of unique employees who have received at least one threat email in the preceding 12 months. Above the graph, the cumulative total for the year is displayed. Hover over any point to see the number of affected employees for that month.
  • Threat Types Discovered — The total number of email threats received during the last 12 months is displayed by category. Hover over each danger type to view the number of threats classified in that category over the previous 12 months and to learn more about that threat type.
  • Domain DMARC Status – The total number of domains in your organization’s DMARC protection status categories.

Employees

The Employees section contains information about your employees and any attacks they may have suffered.

Risk Level — At the top of the Employees section, boxes indicate which employees have Office 365 mailboxes. Each box indicates the overall number of employees as well as the number of employees classified as High, Medium, or Low-Risk. Select a box to view employees belonging to that group in the sortable Employees table. The table is initially ordered by Risk-Level.

The risk level of a person is determined by a variety of factors, including whether the person has access to financial data or is a senior executive in your firm; the number and type of factors that affect an individual determine their risk level. The table indicates whether or not each individual has any high-risk factors.

Utilize the Search employees box to narrow the displayed list of employees. You may enter search words such as a full or partial name, an email address, or a title.

Viewing Emails — To view additional information on an employee who has received one or more threats, click View Details. To investigate an email threat, locate it and click View Email.

The assault information page contains the following:

  • Your system’s date and time stamp for when the email was received.
  • The email is analyzed to determine why it represents a threat.
  • Information about the recipient, sender, date, and subject.
  • Email tab – displays the email’s text.
  • Header tab — displays the email’s header information.

If your business has Barracuda Forensics & Incident Response enabled, Search for Similar Messages opens Barracuda Forensics & Incident Response, a separate Barracuda product. Barracuda Forensics & Incident Response can track down and respond to messages sent to your company that are identical to or similar to the threat you’ve previously received. Barracuda Forensics & Incident Response is covered in Barracuda Campus and on the Barracuda website’s product page.

To return to the list of threats discovered, click Back. To return to the scan report, click Close.

Threats

The Threats section provides information on the threats that have been detected in your organization’s email.

The following information is displayed in the Threats table:

  • Received – The most recent (or first) date on which this email was received by someone in your company.
  • Number of Recipients – The total number of people in your company that got this email threat.
  • Sample Recipient — Information for one of the recipients who got the email threat in your organization. This person will be chosen at random.
  • Email – This email threat’s subject line and sender information. Also, see the section below on Action.
  • Attack Type — The type of attack that this email threat belongs to. To learn more about an attack-type, hover over it.

To learn more about the email threat, click View Email. See the section below on how to see the email.

To find a certain threat or threat category, use the following steps:

  • Searching — In the Search threats box, type one or more search phrases.
  • Filtering — To select a certain assault-type, click the Filter area. By default, the filter shows All Attack Types, and the table shows all emails with all attack types.

Examining an Email

To learn more about the email threat, click View Email. To return to the scan report, click Dismiss.

For further information, see the Employees section’s Viewing an Email section.

DMARC Protection Status of Your Domains

This section displays your system’s domains as well as their DMARC protection status. The top of the Domains section displays the total number of domains you have.

Each domain’s DMARC protection status is displayed.

To learn more about each domain, click View Details. If one or more of your domains are not configured for DMARC, the scan strongly suggests getting Barracuda Sentinel to put it up.

Use the Search domains box to narrow down the list of domains presented. You could use phrases like a whole or partial domain name or status in your search.

Configuring SPF, DKIM, and DMARC, as well as Configuring and Enabling DMARC on Your Domain Using Sentinel, provide more information on DMARC.

Sharing the Scan Report

You have the option of downloading a PDF or sharing a private link to share the scan report with others.

How to Make a PDF?

  1. Click Share in the upper right corner of the scan results.
  2. Select PDF as the output format.

The PDF is immediately downloaded to your default download location.

The date you exported your scan results is included in the file name of the PDF.

Developing a Shared Link

  1. Click Share in the upper right corner of the scan results.
  2. Check to see if the slider is set to green Enabled. (For further information, see Disabling Sharing.)
  3. Copy the secret, one-of-a-kind link to your clipboard by clicking Copy.
  4. Copy the link and send it to your recipients in a secure message.

When recipients click the link, they will be taken to your scan report.

Expiration of the link

After you create the scan, the shareable link will expire in 7 days. Below the share link is the expiration date. Your recipients will no longer be able to read your scan report after this date.

Repeat the procedures above if necessary to receive a fresh link to the same report.

Sharing is disabled.

You can disable others’ access to your report if you decide you no longer wish to share it with them.

  1. To prevent the scan report from being shared, follow these steps.
  2. Click Share in the upper right corner of the scan results.
  3. Make sure the slider is set to Disabled.

The link will be removed automatically, and recipients will no longer be able to access your scan results.

Steps to Follow

Getting ahold of Barracuda Sentinel

The Barracuda Email Threat Scanner displays all of the dangers that have made it into your employees’ inboxes. For 14 days, try Barracuda Sentinel for free to see how well it can detect these attacks.

Click Start a Free Trial in the upper and lower right corners of your completed scan report to get a free 14-day trial.

Getting Rid of Attacks Discovered During the Scan

If attacks were discovered during the scan, install Barracuda Sentinel and proceed with Removing Attacks Discovered During a Barracuda Email Threat Scan.