Endida Anti-Phishing Solution (EAPS) is an email protection product that uses sophisticated machine learning and artificial intelligence to analyse incoming messages for signs of phishing, spam, and other email-based threats.
The color-coded banners are inserted by Endida to alert you of any possible threats in your emails. The banners also display the email sender’s address and mark if an email is internal (from someone in your organisation) or external. If you see these banners, it means that your IT staff has deployed EAPS and included you in the group of protected users.
A gray banner indicates that EAPS did not find anything unusual or suspicious about the message. Even though the message was not classified as threatening, you should always check the displayed sender address and the source type to be sure it makes sense (e.g., an external webmail address for a message from a colleague may be cause for concern).
A yellow banner indicates that EAPS found something unusual about the email message. It is not necessarily phishing or dangerous but something you should be aware of. For example, a request for sensitive personal information should be given extra scrutiny. Mail that seems out of the ordinary or is spammy in some way may receive a yellow banner.
A red banner indicates that EAPS thinks the message is suspicious and likely to be phishing or dangerous in some other way. This includes brand impersonations (e.g., a fake “account alert” email from your IT department), blocked phishing URLs, or attempts to spoof mail to look like it came from an internal company account.
Look carefully at who the mail is from and whether it is from someone you trust. Be especially careful about clicking any links in the body of the email or opening any attachments.
In most cases, you can simply delete the message and move on. In many EAPS deployments, your IT staff, security team, or email administrator will configure your mail server to quarantine or delete “red-flagged” mail before it reaches your mailbox. In other cases, the mail will still be delivered with the banner telling you to be careful.
If you think EAPS has made a wrong classification, or if you just want to confirm that EAPS got it correct, click the “Report This Email” link found in the bottom right corner of each banner. This will take you to a web form where you can indicate that the message is truly Safe, Spam, or Phishing. You can also provide a comment describing your assessment. This feedback is used to automatically improve EAPS’ predictions in the future. Your submissions are also manually reviewed to improve the overall system and ensure INKY provides the most accurate security possible.
Part of EAPS’ protection is the ability to perform real-time checks on any links you click. If this feature is enabled, clicking on links in a yellow or red banner email will take you to a page reiterating that EAPS found the message to be unusual or suspicious. In some cases, a message that originally only had a gray banner contains a link that is later detected as a dangerous phishing URL. In that case, when you click the link, EAPS’ real-time check will detect you clicked on a bad link, and you’ll be met with a blocker page alerting you of that fact.