Detect malicious mail rules

Attackers use malicious mail rules to backdoor users' mailboxes after a successful phishing campaign, malware infection or account compromise. You can scan all your users’ mailboxes in under two minutes.

Discover malicious rules

Scan your users' mailboxes. It takes less than two minutes.

No credit card needed

What's a malicious mail rule?

A common attack technique where mail rules are created inside a user's mailbox to perform malicious actions, like forwarding emails to an external address. Although companies can be targeted directly, it's often opportunistic, where a rule is created automatically after a successful phishing campaign, malware infection or account compromise. Learn more.

Scan all your users’ mailboxes in under 2 minutes

Connect Office 365 or Google Workpace and get instant visibility of all your mailboxes. Quickly decide if the discovered rules are legit or bad.

Take action directly from the Push platform

Use ChatOps to automatically ask the owner of the mailbox about a suspicious rule. Disable or delete malicious rules to prevent business impact.

Get instant detection and response capability to stop future attacks

Notify your users when a new rule is created in their mailbox. Automatically disable rules they don't recognise, and notify the security team. No SIEM or any other detection infrastructure required.

Supported platforms:

Google Workspace

Microsoft 365

Ready to check your mailboxes for malicious mail rules?

Want to see it in action?

Looking to solve a different SaaS security problem?

#PUSH022

Adopt multi-factor authentication

#PUSH060

Secure OAuth permissions and applications

#PUSH061

SaaS discovery

Need another problem solved?

We're always on the lookout for new SaaS security problems that we can use our automation platform to help our users solve. If you have something in mind, let us know.

Why Push?

We started Push with a single no-nonsense goal - to help busy security teams get important security controls handled in as little time as possible.

Push is different because where most security tools give you a todo list, we take work away. We don’t find problems that we don’t also solve for you.

Detect malicious mail rules

Discover malicious rules

What's a malicious mail rule?

Scan all your users’ mailboxes in under 2 minutes

Take action directly from the Push platform

Get instant detection and response capability to stop future attacks

Ready to check your mailboxes for malicious mail rules?

Email security: How hackers use mail rules to access your inbox

Should you disable external email auto-forwarding?

Case study: Business Email Compromise (BEC) attack nearly cost us millions

Want to see it in action?

Looking to solve a different SaaS security problem?

Adopt multi-factor authentication

Secure OAuth permissions and applications

SaaS discovery

Need another problem solved?

Why Push?

Discover malicious rules

What's a malicious mail rule?

Scan all your users’ mailboxes in under 2 minutes

Take action directly from the Push platform

Get instant detection and response capability to stop future attacks

Ready to check your mailboxes for malicious mail rules?

Check out these blog posts to learn more:

Email security: How hackers use mail rules to access your inbox

Should you disable external email auto-forwarding?

Case study: Business Email Compromise (BEC) attack nearly cost us millions

Want to see it in action?

Looking to solve a different SaaS security problem?

Adopt multi-factor authentication

Secure OAuth permissions and applications

SaaS discovery

Need another problem solved?