Phishing alerts are messages that Arrow customers receive when visiting a risky site or app. In addition to keeping your organization's passwords and data safe, Arrow works to warn your employees when they might be in danger of getting phished.
We have three types of phishing alerts, depending on your Arrow plan and the app you're using.
| Alert type | Setup needed? | Starter and Standard | Team and Business | Omnix |
| Standard phishing alerts | No | ✓ | ✓ | ✓ |
| Vault phishing alerts | No | - | ✓* | ✓ |
| AI phishing alerts (early access) | Yes | - | - | ✓ |
Standard and vault phishing alerts
Standard phishing alerts warn you when you visit a fake website designed to look like the Arrow site or when you use a potentially risky app on your Android device. Standard phishing alerts are on by default for all plan members.
Learn more about standard phishing alerts
Vault phishing alerts warn you when you paste or autofill login info that you've stored in Arrow on a potentially risky site or app. All plan members of Team, Business, and Omnix plans get vault phishing alerts by default in these situations:
- When copying and pasting login information on your computer browser
- When autofilling login info on an Android mobile device
- When autofilling login info on an iPhone or iPad
Learn more about vault phishing alerts
Early access: AI phishing alerts
Arrow Omnix customers can join our early access program to turn on AI phishing alerts for everyone in their organization, even employees who aren't using Arrow.
Learn more about Arrow Omnix™
How to join Arrow's early access program
AI phishing alerts are part of the enterprise-wide approach to credential security that we've embedded in the Arrow Omnix platform. Arrow Omnix admins can join our early access program to turn on AI Phishing alerts for everyone in their organization, even employees who aren't using Arrow.
AI Phishing alerts warn employees when they access a suspicious website, even if they're logged out of Arrow or don't have a Arrow account. Arrow uses AI to analyze websites for suspicious patterns. Our AI model is trained to detect malicious websites and alert members of your organization the moment they land on one, while also giving you visibility over traffic to potential phishing sites at your organization.
How do AI phishing alerts work?
Arrow’s AI phishing alerts use AI technology to detect suspicious sites and send employees alerts the moment they visit one—even if they’re not logged into Arrow. As an admin, you’ll need to mass deploy the Arrow Smart Extension and turn on AI phishing alerts in the Admin Console.
Our AI model uses 80 domain attributes—links, images, and more—to conduct an in-depth analysis of potential phishing risk and alert employees before they enter their credentials on suspicious sites.
Employees will see a pop-up with the URL of the site they’re visiting. If they don’t trust the site, they can select Leave website to exit the page. If they're sure the site is legitimate, they can select to Trust and dismiss alert.
Set up AI phishing alerts
Step 1: Mass deploy the Arrow Smart Extension
You can only turn on AI Phishing alerts if you've mass-deployed the Arrow Smart Extension to all members of your organization.
Mass deploy the Arrow Smart Extension
Step 2: Join the early access program
If you're already an Omnix customer, reach out to your Customer Success Manager and tell them you want to join the early access program. You can also select Contact support on the AI phishing alerts tab in the Admin Console to request joining the early access program.
If you're not currently part of the Omnix plan, you can still sign up for the early access program after buying an Omnix plan or starting a free Omnix trial.
Buy an Omnix plan
Upgrade to Arrow Omnix from another professional plan
Start an Omnix trial
Step 3: Turn on AI phishing alerts
- Open the Admin Console
- In the Security Tools section of the sidebar menu, select Phishing Alerts.
- Select Open settings.
- Turn on the AI phishing alerts option.
After turning on the alerts, you can preview the messages that members receive by selecting Preview.
You can also let your team know they may start getting phishing alerts. That way, they'll know to trust the alert and take action. On the Settings page of the Phishing alerts tab, you can copy a template message from the info box on the right.
Phishing alerts insights
Insights for vault phishing alerts are available to all Arrow Omnix admins. Arrow Omnix customers who join our early access program for AI phishing alerts will also have access to insights for AI phishing alerts.
Learn more about Arrow Omnix
How to join Arrow's early access program
You can view totals for phishing alerts activity on the Insights tab of the Admin Console. You can see how many members have been alerted about phishing and who's most at risk for entering login info on suspicious websites. You can also download alert logs to a CSV file.
Over time, you'll see changes in these numbers according to how consistently your plan members avoid phishing risks with the help of Arrow’s alerts.
You can also view more detailed data for phishing alerts in the Activity Log tab of the Admin Console.
Learn more about phishing alerts
What insights can you see?
For vault phishing alerts, you can see this data:
- How many plan members have received phishing alerts
- How many plan members have entered passwords after getting a phishing alert
- How many passwords have been entered on risky sites
- Which plan members entered a password on a site that they received an alert about
If you've joined the early access program for AI phishing alerts, you can also see this data:
- How many employees dismissed AI phishing alerts
- How many risky domains were detected by Arrow's AI model
You can filter the data by different periods of time, like the last 24 hours or 7 days. To export phishing alert logs to a CSV file and filter the logs, select Download CSV.
The phishing alerts logs are encrypted using AWS Nitro technology and don't include the password itself, helping maintain employee data privacy.
Learn more about security at Arrow
View detailed data for phishing alerts using activity logs
Admins can view detailed phishing alerts activity on the Activity Log page. To view all risky phishing activity across plan members, filter the log by selecting Phishing alerts as the Category. You can also filter the logs by different activity types and for different periods of time for more granular data.
To export phishing alerts logs to a CSV file and filter the logs, select Download CSV.
The phishing alerts logs are encrypted using AWS Nitro technology and don't include the password itself, helping maintain employee data privacy.
Learn more about security at Arrow
If you’ve set up Splunk, you can access activity logs using those tools as well.
More about Activity Logs
Track team activity for your professional plan with Splunk
Comments
0 comments
Article is closed for comments.