Email client add-ins for user feedback¶

The Coro email client Add-in enables users to report potentially malicious emails for themselves. Users can also report emails that they believe were incorrectly flagged by Coro.

The Coro add-in is compatible with both web interfaces and native applications for:

• Microsoft Outlook

• Gmail

Installing the Coro add-in for Microsoft Outlook¶

You can install the Microsoft Outlook Add-in directly from the Coro console.

To install the Microsoft Outlook add-in:

1. Log into the Coro console and select Control Panel from the toolbar:

   

2. Select Email Security:

   

3. Select the Add-ins tab:

   

4. Select Install for Outlook 365:

   

   The Microsoft AppSource page appears.

5. Follow the on-screen instructions to install the Microsoft Outlook add-in.

Installing the Coro add-in for Gmail¶

You can install the Gmail add-in directly from the Coro console.

To install the Gmail add-in:

1. Log into the Coro console and select Control Panel from the toolbar:

   

2. Select Email Security:

   

3. Select the Add-ins tab:

   

4. Select Install for Gmail:

   

   The Google Workspace Marketplace webpage appears.

5. Select Install.

   The Get ready to install dialog appears:

   

6. Select CONTINUE.

7. Review the request for the Coro Gmail add-in to access your Google Workspace account. Select Allow to proceed with the installation:

   

   The installation starts.

   After the installation completes, a message appears informing you that the Coro Gmail add-in installation was successful:

   

8. Select DONE to complete the installation process.

Using the Coro add-in¶

After installation, the look and feel of the UI depends on whether you are using the add-in in a web interface or native application. The following functionality demonstration uses the Microsoft outlook add-in within the native Microsoft Outlook application.

If you suspect an email as phishing:

• Select the email and then select the Coro icon on the top toolbar:

• The Coro add-in panel is displayed:

• Select the REPORT PHISHING button. A Marked as phishing label is appended to the top of the email:

• The email is automatically moved to the Suspected folder:

To report an email in the Suspected folder as safe:

• Select the email within the Suspected folder, and then select the Coro icon on the top toolbar.
• Select the MARK AS SAFE button. The email is moved from the Suspected folder to your inbox.

How Coro processes user reports¶

Coro processes a user report based on whether or not a ticket was already raised against that email. In other words, Coro might have identified the email as containing malicious content and already raised a ticket in the console before the user report is received.

Equally, in some cases, Coro might receive a user report for an email that does not meet the threshold for suspicious content, and thus no ticket has been raised.

If Coro has already raised a ticket, the outcome of the user report also depends on whether that ticket has been automatically remediated and closed, or remains open for admin user review.

The following matrix summarizes each scenario and the action Coro takes:

In the Ticket Log, tickets affected by a user report are displayed with a "phishing" or "safe" feedback icon: