YCG Email Protection
YCG Email Protection is an email product that uses sophisticated machine learning and artificial intelligence to analyze incoming messages for signs of phishing, spam, and other email-based threats.
The banners are inserted by YCG Email Protection to alert you of any possible threats in your emails. The banners also display the email sender’s address and mark if an email is internal (from someone in your organization) or external. If you see these banners, it means that your IT staff has deployed Email Protection and included you in the group of protected users.
A gray banner indicates that YCG Email Protection did not find anything unusual or suspicious about the message. Even though the message was not classified as threatening, you should always check the displayed sender address and the source type to be sure it makes sense (e.g., an external webmail address for a message from a colleague may be cause for concern).
A yellow banner indicates that Email Protection found something unusual about the email message. It is not necessarily phishing or dangerous, but something you should be aware of. For example, a request for sensitive personal information should be given extra scrutiny. Mail that seems out of the ordinary or is spammy in some way may receive a yellow banner.
A red banner indicates that Email Protection thinks the message is suspicious and likely to be phishing or dangerous in some other way. This includes brand impersonations (e.g., a fake “account alert” email from your IT department), blacklisted phishing URLs, or attempts to spoof mail to look like it came from an internal company account.
Look carefully at who the mail is from and whether it is from a source you trust. Be especially careful about clicking any links in the body of the email or opening any attachments.
What should I do if I receive an email with a red banner? Why did I receive it if it’s considered dangerous?
In most cases, you can simply delete the message and move on. In many YCG Email Protection deployments, your IT staff, security team, or email administrator will configure your mail server to quarantine or delete “red flagged” mail before it reaches your mailbox. In other cases, the mail will still be delivered with the banner telling you to be careful.
What does the “Report This Email” link do? How do I provide feedback on YCG Email Protection’s analysis?
If you think YCG Email Protection has made a wrong classification, or if you just want to confirm that Email Protection got it correct, click the “Report This Email” link found in the bottom-right corner of each banner.
This will take you to a web form where you can indicate that the message is truly Safe, Spam, or Phishing. You can also provide a comment describing your assessment. This feedback is used to automatically improve Email Protection’s predictions in the future. Your submissions are also manually reviewed to improve the overall system and ensure Email Protection provides the most accurate security possible.
Part of YCG Email Protection is the ability to perform real-time checks on any links you click. If this feature is enabled, clicking on links in a yellow or red banner email will take you to a page reiterating that Email Protection found the message to be unusual or suspicious. In some cases, a message that originally only had a grey banner contains a link that is later detected as a dangerous phishing URL. In that case, when you click the link, Email Protection’s real-time check will detect you clicked on a bad link, and you’ll be met with a blocker page alerting you of that fact.
Please contact your IT staff, security team, or email administrator who can pass your feedback along to the appropriate YCG support person. They will be able to fine-tune your Email Protection policies and settings to help make things work as smoothly as possible.