Fraud Defense: Frequently Asked Questions (FAQ)

General Questions

1. What Is Fraud Defense?
Fraud Defense is a proactive cybersecurity solution designed to detect and mitigate email-based fraud attempts, including phishing, business email compromise (BEC), and impersonation. By analyzing incoming emails for suspicious patterns, domain reputations, and sender behaviors, Fraud Defense provides real-time alerts to help your team stay ahead of threats.

2. How Does Fraud Defense Protect My Organization?
Fraud Defense continuously monitors your organization’s email traffic and flags suspicious emails based on factors such as unusual formatting, risky sender domains, and compromised email addresses. With real-time alerts, your team can respond quickly to potential threats before they cause damage.

3. How Are Emails Flagged As Suspicious?
Emails are flagged based on several criteria, including:

• Suspicious email structure (e.g., unusual formatting or deceptive headers).
• Low domain reputation (e.g., newly registered or untrusted domains).
• Sender email analysis (e.g., matches with known compromised or malicious accounts).
• Lookalike domains resembling your organization’s official domain.

Integration & Setup

4. What Email Platforms Does Fraud Defense Support?
Fraud Defense integrates exclusively with:

• Microsoft 365
• Google Workspace

5. How Do I Enable Fraud Defense For My Organization?
To enable Fraud Defense, follow these steps:

1. Log in to the At-Bay Stance Application.
2. Navigate to the Fraud Defense section.
3. Click the Join Now button.
4. Choose your mail vendor (Microsoft 365 or Google Workspace) and complete the integration setup.

6. Is There A Limit To The Number Of Email Accounts I Can Connect?
Yes, each At-Bay Stance account can be linked to only one Microsoft 365 account or one Google Workspace account. Multiple connections within a single At-Bay Stance account are not supported.

7. Can I Integrate Fraud Defense With Accounts Beyond Microsoft 365 And Google Workspace?
Currently, Fraud Defense is only compatible with Microsoft 365 and Google Workspace. Other email platforms are not supported.

8. How Do I Disable Fraud Defense?
To disable Fraud Defense, follow these steps:

1. Log in to the At-Bay Stance Application.
2. Navigate to the Fraud Defense section and then to the Configuration Tab.
3. Move the toggle to disable the feature.

Permissions & Requirements

9. What Administrative Permissions Are Required To Integrate Fraud Defense?
For successful integration, the following permissions are required:

Microsoft 365:

• Sign in and read user profiles.
• Read all audit log data.
• Read directory data.
• Read all Azure AD recommendations.
• Read domains.
• Read mail in all mailboxes.
• Read and write mail in all mailboxes.
• Read all user mailbox settings.
• Read all usage reports.
• Read role management data for all RBAC providers.
• Read all security alerts.
• Read your organization’s security events.
• Read all users’ full profiles.

Google Workspace:

• View usage reports for your G-Suite domain.
• View domains related to your customers.
• See info about users on your domain.
• Associate you with your personal info on Google.
• See your personal info, including any personal info you’ve made publicly available.
• See your primary Google Account email address.

Account Limitations & Support

10. Can I Onboard Fraud Defense If I Have Over 10,000 Users?

• Self-Onboarding: Available for organizations with up to 10,000 users.
• For organizations with more than 10,000 users: Contact security@at-bay.com for personalized onboarding assistance.

11. How Many Users Can Fraud Defense Support?
Fraud Defense can support organizations of all sizes. However, personalized onboarding is required for organizations with more than 10,000 users.

12. Is There A Limit On The Number Of Flagged Emails I Can Review?
No, there is no limit. Fraud Defense allows you to review all flagged emails based on your configured preferences.

Alerts & Notifications

13. What Types Of Alerts Will I Receive?
Fraud Defense sends two types of alerts:

• In-App Alerts: Detailed issues containing information about flagged emails appear directly within the At-Bay Stance Application for investigation. These are visible only to administrators.
• Email Alerts: Notifications about suspicious activity are sent to designated recipients, such as end users or security teams.

14. How Are Flagged Emails Prioritized?
Flagged emails are prioritized based on their Risk Score and Confidence Level. Higher scores indicate greater suspicion and urgency, helping your team focus on high-risk emails first.

15. How Can I Resolve Flagged Emails?
After reviewing a flagged email:

• If it’s legitimate, mark it as “Resolved” (this option is available only in At-Bay Stance). Administrators can document the reasoning for marking emails as resolved.
• If it’s fraudulent, escalate the issue to your security team for further investigation or action.

Managing Threats

16. What Should I Do If An Email Looks Suspicious?
If you receive a flagged email, follow these steps:

1. Review the sender, subject, and content of the email.
2. Verify the sender’s identity through a trusted communication channel (e.g., official phone number).
3. If the email is confirmed to be fraudulent, escalate the issue and notify impacted users.
4. Document the reasoning for marking the email as resolved if it was falsely flagged.

17. How Can I Educate My Team On Email Security?
Fraud Defense includes a free Security Awareness Training feature, designed to help employees recognize phishing attempts, social engineering tactics, and other types of fraud. Enable this feature from your dashboard.

Mark as Resolved (Available only in At-Bay Stance):
Once you’ve reviewed an email, you can close the issue:

1. Select the flagged email(s).
2. Choose why the issue is invalid (e.g., trusted sender).
3. Click “Mark as Resolved” to close the issue.

Technical Support

18. What Should I Do If I Encounter Issues During Setup?
If you experience issues during setup, refer to the Support section of your dashboard or contact our support team at security@at-bay.com for assistance.

19. How Can I Contact Support If I Have More Than 10,000 Users?
For organizations with more than 10,000 users, reach out to security@at-bay.com for personalized onboarding help.

Other Questions

20. Is Fraud Defense Effective Against All Types Of Email-Based Fraud?
Fraud Defense is highly effective at detecting phishing, business email compromise (BEC), impersonation, and other email-based fraud tactics. However, no system can guarantee 100% protection. It’s essential to stay vigilant and educate your team on cybersecurity best practices.

If you have additional questions, contact our support team at security@at-bay.com. We’re here to help keep your organization secure!