Detect malicious mail rules

Attackers use malicious mail rules to backdoor users' mailboxes after a successful phishing campaign, malware infection or account compromise. You can scan all your users’ mailboxes in under two minutes.

Discover malicious rules

Scan your users' mailboxes. It takes less than two minutes.

No credit card needed

What's a malicious mail rule?

A common attack technique where mail rules are created inside a user's mailbox to perform malicious actions, like forwarding emails to an external address. Although companies can be targeted directly, it's often opportunistic, where a rule is created automatically after a successful phishing campaign, malware infection or account compromise. Learn more.

Scan all your users’ mailboxes in under 2 minutes

Connect Office 365 or Google Workpace and get instant visibility of all your mailboxes. Quickly decide if the discovered rules are legit or bad.

Take action directly from the Push platform

Use ChatOps to automatically ask the owner of the mailbox about a suspicious rule. Disable or delete malicious rules to prevent business impact.

Get instant detection and response capability to stop future attacks

Notify your users when a new rule is created in their mailbox. Automatically disable rules they don't recognise, and notify the security team. No SIEM or any other detection infrastructure required.

Supported platforms:

Google Workspace

Microsoft 365

Ready to check your mailboxes for malicious mail rules?

Want to see it in action?

Looking to solve a different SaaS security problem?

#PUSH022

Adopt multi-factor authentication

#PUSH060

Secure OAuth permissions and applications

Need another problem solved?

We're always on the lookout for new SaaS security problems that we can use our automation platform to help our users solve. If you have something in mind, let us know.