Check Point Email Security | Blog

Sending Phishing Emails to Junk Remains a Bad Idea

Written by Jeremy Fuchs | September 21, 2022

A few years back, we coined the term "Dumpster Diving."

Dumpster Diving refers to the practice where marketing emails, subscriptions, and targeted phishing attacks are commingled in the Junk folder, making them immediately accessible to the end-user. Many organizations send all Defender detections to the Junk folder. 

Microsoft has now changed its tune a bit. As they write:

Our data indicates that a user is 30 times more likely to click a malicious link in messages in the Junk Email folder versus Quarantine. Our data also indicates that the false positive rate (good messages marked as bad) for high confidence phishing messages is very low, and admins can resolve any false positives with admin submissions.

Malware and high confidence phishing messages should be quarantined. 

Having your users be your enforcement tool can have disastrous results.  

Avanan catches the targeted attacks that EOP and ATP miss. Because of that, we can limit our false positive rates, meaning your protection is broader and more effective. Your users don’t have to fend for themselves because the Avanan solution is meant to be a unified, all-in-one protection platform.