Skip to main content

Auto Response Notifications

  • Updated

Create an Automatic Reply Template

Only users with the Organization Administrator role can create automatic reply templates.

  1. Go to Settings > Manage.
  2. Click Add Template.
  3. Select a Template. A template includes which event triggers a reply and suggested content for that reply.
  4. Enter a descriptive Name.
  5. Decide whether you want to use this template for automatic responses to phishing reporters.
  6. Make any desired changes to the response content. See Automatic Reply Template Settings for details.
  7. Click Create

Edit an Automatic Reply Template

Only users with the Organization Administrator role can edit automatic reply templates.

  1. Go to Settings > Manage.
  2. Click a Template Name.
  3. In the Edit Template dialog box, make any desired changes. See Automatic Reply Template Settings for details.
    Note : You cannot change the value of the Template field.
  4. Click Update.

Automatic Reply Template Settings

This topic describes the settings for Phishing Response automatic replies.

Setting Description
Template

The template defines what event triggers a response to a phish reporter. Select from:

  • Investigation Created Notification - To have messages sent when a reported phish creates a new investigation or is added to an existing investigation.
  • Investigation Closed Notification - To have messages sent when an investigation that contains a reported phish is closed.
Name The name of the template. This is what appears in the list of templates. You can enter free-form text here. A good name is one that summarizes what the messages are for and what it contains.
Auto Respond

A checkbox that determines whether the template is used to send out messages when the defined event occurs.

Because you can define more than one template for an event, it is possible that phish reporters or others could receive multiple messages per event. Be careful how many templates you design and enable for each event and who gets those messages.
To Enter the email addresses and the {{PHISH_REPORTER}} variable where the messages needs to be sent. See the Template Variables section below for details about all the variables you can use.
Subject This is the subject line of the messages sent and can contain any variable. See the Template Variables section below for details about all the variables you can use.
Content This is the body of the messages sent and can contain any variable. See the Template Variables section below for details about all the variables you can use.


Template Variables

Template content can contain variables. When messages are sent, message instances of the variables are replaced with their values.

Variables must be formatted correctly to work. The format you must use is 2 opening braces, followed by the variable name in ALL CAPS, followed by 2 closing braces, like this: {{VARABLE_NAME}}. The following table lists all the variables you can use in automatic reply template content.

Variable Name Value Description
{{CURRENT_DATE}} The UTC (Coordinated Universal Time) date that the message is sent.
{{CURRENT_TIME}} The UTC time that the message is sent.
{{CURRENT_DATETIME}} The UTC date and time that the message is sent.
{{PHISH_SUBJECT}} The subject line of the message reported as a phish.
{{PHISH_REPORTER}} The name of the person who reported the phish.
{{PHISH_RECEIVED_AT}} The date and time (in UTC) that Phishing Response received the phish report.
{{INVESTIGATION_ASSIGNEE}} The name of the Phishing Response user who is assigned the investigation at the time the automatic response is sent.
{{INVESTIGATION_ID}} The unique identifier of the Phishing Response investigation that the phish report creates or is added to.
{{INVESTIGATION_CLASSIFICATION}} The classification of the Phishing Response investigation at the time the automatic response is sent. See Investigations for more information about investigation classifications.
{{INVESTIGATION_PRIORITY}} The priority of the Phishing Response investigation at the time the automatic response is sent. See Investigations for more information about investigation priorities.
{{INVESTIGATION_STATE}} The state of the Phishing Response investigation at the time the automatic response is sent. See Investigations for more information about investigation states.
{{ORGANIZATION_NAME}} The name of your organization as listed in your Phishing Response organization settings. See Phishing Response Settings for details.

 

Related articles

Comments

0 comments

Please sign in to leave a comment.