Fraud Defense: Frequently Asked Questions (FAQ)

General Questions

What Is Fraud Defense?
Fraud Defense is a proactive cybersecurity solution designed to detect and mitigate email-based fraud attempts, including phishing, financial fraud attempts, and impersonation. By analyzing incoming emails for suspicious patterns, domain reputations, and sender behaviors, Fraud Defense provides real-time alerts to help your team stay ahead of threats.

How Does Fraud Defense Protect My Organization?
Fraud Defense continuously monitors your organization’s email traffic and flags suspicious emails based on factors such as unusual formatting, risky sender domains, and compromised email addresses. With real-time alerts, your team can respond quickly to potential threats before they cause damage.

How Are Emails Flagged As Suspicious?
Emails are flagged based on several criteria, including:

• Suspicious email structure (e.g., unusual formatting or deceptive headers).
• Low domain reputation (e.g., newly registered or untrusted domains).
• Sender email analysis (e.g., matches with known compromised or malicious accounts).
• Lookalike domains resembling your organization’s official domain.

Integration & Setup

What Email Platforms Does Fraud Defense Support?
Fraud Defense integrates exclusively with:

• Microsoft 365
• Google Workspace

How Do I Enable Fraud Defense For My Organization?
To enable Fraud Defense, follow these steps:

1. Log in to the At-Bay Stance Application.
2. Navigate to the Fraud Defense section or click here.
3. Click the Join Now button.
4. Choose your mail vendor (Microsoft 365 or Google Workspace) and click Continue
5. Follow the steps to complete the integration.

Is There A Limit To The Number Of Email Accounts I Can Connect?
Yes, each At-Bay Stance account can be linked to only one Microsoft 365 account or one Google Workspace account. Multiple connections within a single At-Bay Stance account are not supported.

Can I Integrate Fraud Defense With Accounts Beyond Microsoft 365 And Google Workspace?
Currently, Fraud Defense is only compatible with Microsoft 365 and Google Workspace. Other email platforms are not supported.

How Do I Disable Fraud Defense?
To disable Fraud Defense, follow these steps:

1. Log in to the At-Bay Stance Application.
2. Navigate to the Fraud Defense section and then to the Configuration Tab.
3. Move the toggle to disable the feature.

Permissions & Requirements

What Administrative Permissions Are Required To Integrate Fraud Defense?
For successful integration, the following permissions are required:

Microsoft 365:

• Sign in and read user profiles.
• Read all audit log data.
• Read directory data.
• Read all Azure AD recommendations.
• Read domains.
• Read mail in all mailboxes.
• Read and write mail in all mailboxes.
• Read all user mailbox settings.
• Read all usage reports.
• Read role management data for all RBAC providers.
• Read all security alerts.
• Read your organization’s security events.
• Read all users’ full profiles.

Google Workspace:

• View usage reports for your G-Suite domain.
• View domains related to your customers.
• See info about users on your domain.
• Associate you with your personal info on Google.
• See your personal info, including any personal info you’ve made publicly available.
• See your primary Google Account email address.

Account Limitations & Support

Can I Onboard Fraud Defense If I Have Over 10,000 Users?

• Self-Onboarding: Available for organizations with up to 10,000 users.
• For organizations with more than 10,000 users: Contact security@at-bay.com for personalized onboarding assistance.

How Many Users Can Fraud Defense Support?
Fraud Defense can support organizations of all sizes. However, personalized onboarding is required for organizations with more than 10,000 users.

Is There A Limit On The Number Of Flagged Emails I Can Review?
No, there is no limit. Fraud Defense allows you to review all flagged emails based on your configured preferences.

Alerts & Notifications

What Types Of Alerts Will I Receive?
Fraud Defense sends two types of alerts:

• In-App Alerts: Detailed issues containing information about flagged emails appear directly within the At-Bay Stance Application for investigation. These are visible only to administrators.
• Email Alerts: Notifications about suspicious activity are sent to designated recipients, such as end users or security teams.

How Are Flagged Emails Prioritized?
Flagged emails are prioritized based on their Risk Score and Confidence Level. Higher scores indicate greater suspicion and urgency, helping your team focus on high-risk emails first.

How Can I Resolve Flagged Emails?
After reviewing a flagged email:

• If it’s legitimate, mark it as “Resolved” (this option is available only in At-Bay Stance). Administrators can document the reasoning for marking emails as resolved.
• If it’s fraudulent, escalate the issue to your security team for further investigation or action.

Managing Threats

What Should I Do If An Email Looks Suspicious?
If you receive a flagged email, follow these steps:

1. Review the sender, subject, and content of the email.
2. Verify the sender’s identity through a trusted communication channel (e.g., official phone number).
3. If the email is confirmed to be fraudulent, escalate the issue and notify impacted users.
4. Document the reasoning for marking the email as resolved if it was falsely flagged.

How Can I Educate My Team On Email Security?
Fraud Defense includes a free Security Awareness Training feature, designed to help employees recognize phishing attempts, social engineering tactics, and other types of fraud. Enable this feature from your dashboard.

Mark as Resolved (Available only in At-Bay Stance):
Once you’ve reviewed an email, you can close the issue:

1. Select the flagged email(s).
2. Choose why the issue is invalid (e.g., trusted sender).
3. Click “Mark as Resolved” to close the issue.

Technical Support

What Should I Do If I Encounter Issues During Setup?
If you experience issues during setup, refer to the Support section of your dashboard or contact our support team at security@at-bay.com for assistance.

How Can I Contact Support If I Have More Than 10,000 Users?
For organizations with more than 10,000 users, reach out to security@at-bay.com for personalized onboarding help.

Where can I see the Terms of Service?
You can view the At-Bay Stance Terms of Service here.

Other Questions

Is Fraud Defense Effective Against All Types Of Email-Based Fraud?
Fraud Defense is highly effective at detecting phishing, business email compromise (BEC), impersonation, and other email-based fraud tactics. However, no system can guarantee 100% protection. It’s essential to stay vigilant and educate your team on cybersecurity best practices.

Are you using data from our environment to train AI models?
No, we do not use your data to train any AI models.

Are you retaining data on servers in other countries?
No, data is processed and stored exclusively in AWS data centers located in the United States.

Is any mailbox or threat data stored or logged outside our tenant?

Yes, mailbox and threat data are processed and logged securely in our US-based AWS environment, outside of your tenant.

Is all data encrypted both in transit and at rest?

Yes, all data is fully encrypted both in transit and at rest, ensuring confidentiality and protection at every stage.

Is access to logged or processed data internally restricted based on role or need-to-know?

Yes, access is strictly limited to the Cyber Research team and is governed by the principle of least privilege.

Do you maintain audit logs of access and actions, and support formal incident response procedures?

Yes, all access and actions are logged. We maintain comprehensive audit trails and adhere to SOC 2 compliance standards, including formal incident response procedures.

Do you offer a FERPA data protection agreement or have any documentation demonstrating FERPA and GLBA alignment?

No, we do not support FERPA or GLBA-specific agreements. However, our solution does not process or access student data—we focus exclusively on protecting company employee data.

If you have additional questions, contact our support team at security@at-bay.com. We’re here to help keep your organization secure!