Tag phishing_risk_zendesk on tickets, no rules for this
Hi folks, I'm seeing a tag be added on ticket creation, that there are no rules for in rule analysis, and just started appearing today. I have no idea why or what it means, is this part of a new release? The tag is "phishing_risk_zendesk" and it just started showing up today.
+1 on recently noticing this tag and not finding any info about it. I'd like to "turn it off" if possible.
Hey CJ and Thomas,
It looks like this is a new feature that was mentioned in this article towards the bottom: What's New quarterly roundup: May 2022
Our Team is slowly releasing a new feature that would let the Agents/Admins know that the ticket is a potential phishing email. This helps agents by alerting them when a potential email phishing attack has been detected in a ticket conversation. So the tag you are seeing “phishing_risk_zendesk” being added to tickets is part of this feature. Agents who have access to editing tags/Admins can just remove and add the tag and submit the ticket if they identified that a ticket is a phishing attempt or not. Once the feature is fully deployed, you will see the alert in the ticket that would look like this if the tag is present on the ticket.
If you prefer not to have this tag added to a ticket, you could create a trigger that looks for this tag and then removes it.
Let me know if you have any other questions!
Brett Bowser are you referring to this line from May's "Coming Soon" section?
- Agent warnings when potential email phishing attacks are detected in a ticket conversation.
Are there plans to announce this feature more fully? Is there any additional information about this feature, or places to submit feedback? It's marking tickets from a well-known fortune 500 as phishing risks every time, for example.
This is marking invitations sent to us by clients from our own software as a phishing risk, not to mention emails from trusted clients. We use tags for visibility of important information, and this is creating noise for our agents.
We'll implement Brett's suggestion of a trigger, but I can't understand why this wasn't implemented as a setting or trigger we can turn off, rather than something we have to create a custom trigger to remove.
Hey CJ and Nicky,
I agree that it would be beneficial that there was a simple checkbox that could toggle this feature off instead of setting up a separate trigger.
I'd recommend sharing that feedback in our Feedback - Ticketing System (Support) topic and I'll be sure to share that with our PM in charge of this functionality.
Thanks so much for bringing this to our attention!
Nicky Clark said it best. This is creating Noise. Every ticket sent to us from our application goes through our server first before it is sent to Zendesk. Since the "Reply-To" email (customer using the application) is different from the received from email/domain (our servers), the new tag is flagging everything.
Brett Bowser I appreciate you bringing this up to your PM
You guys are really causing issues in 2022, and zero solutions when called out other than strange workarounds. Like everyone else in this thread, this "feature" is a BUG, and it is spreading across all of our accounts. Can we reset the simulation to 2021 please?
I did not see a post in the Feedback topic so I have created one.
Hi everyone, in case you haven't seen it, there's a new help center article on this functionality: Using ticket alerts to help defend against email phishing attacks
Turns out this feature hasn't even released fully:
Please sign in to leave a comment.