easy website builder

SafeToOpen's Features

Email Verification

SafeToOpen instantly processes all internally (from your employees) and externally (from your customers) reported emails for detecting phishing websites targeting your business.

All attachments are scanned on the SafeToOpen Virtual Machine installed in your organisation and only URLs are sent out to SafeToOpen's Central Threat Intelligence (CTI) systems for in-depth analysis. CTI uses your business profile and multiple threat intelligence sources to accurately verify the trustworthiness of the URLs, domain names and IP addresses in reported emails.

Available in: Bronze, Silver, Gold, and Platinum plans

Logo Matching

One of the biggest advantages of using SafeToOpen is to detect new phishing website targeting your brand and business. Unlike other tools in the market, SafeToOpen is tailored to fit the requirements in your environment. For example, with our latest logo matching techniques, SafeToOpen can easily find any phishing websites in reported emails, webservers logs, text messages and social media feeds like no one else.

Once you subscribe to use this feature, our team will ask you for a high-quality (PNG format) of your logo to use in SafeToOpen. Once provided, SafeToOpen can highlight once your logo has been used in websites that do not belong to your business.

SafeToOpen is designed to connect to all URLs in emails, take screenshots of the URLs (that is used for logo matching, Phishing-kit detection, and SafeToOpen in-depth report), and save the content of URL (in form of HTML) for future analysis by your security team.

Please note that SafeToOpen does NOT use your business Internet to connect to the URLs hence it does not expose your environment IP address(es).

Back
Available in: Gold, and Platinum plans

Central Threat Intelligence Subscription

SafeToOpen uses multiple world's most famous threat intelligence feeds (including IBM X-Force Exchange, Google SafeBrowsing and VirusTotal) as well as our local threat feeds to verify the trustworthiness of URLs, domain names and IP addresses. The subscription is already included in our pricing and you do not have to pay an extra fee for using them.

Please note:
* CTI threat feeds is exclusive for SafeToOpen use and you are not able to use them for any other purposes.
** Currently SafeToOpen does not offer CTI as a separate service to other businesses and it is only sold with our email verification system.

Back
Available in: Bronze, Silver, Gold, and Platinum plans

Phishing Simulation Detection

SafeToOpen does not interfere with your phishing awareness program known as phishing simulation practice. To avoid SafeToOpen process the phishing simulation emails, you need to whitelist their "subject line". SafeToOpen not only ignores processing emails but also counts them and create a report on a number of employees that have reported those email.

Back
Available in: Bronze, Silver, Gold, and Platinum plans

Detect Phishing Campaing

SafeToOpen groups similar emails together to detect phishing campaigns and makes it very easy for your security team to detect and respond. This feature also helps you to find mass email senders ( i.e., spammers). 

Back
Available in: Silver, Gold, and Platinum plans

Auto Reply

Responding to reported suspicious emails from your staff can be quite a time-consuming and always involves human error. SafeToOpen's auto-reply replies to all internally reported emails with a recommendation that indicates whether the email is safe to open. A SafeToOpen reply contains the following items:

1- An easy to understand an indication of safe and unsafe emails
2- A link to download the screenshot of the original email
3- A link to download the detailed result of SafeToOpen analysis of the email. The report includes:
- Statistic of the email (email subject line, original sender, date/time of the report, safe of the email, number of URLs, number of attachments, countries that the URLs are pointing to, the result of SafeToOpen analysis)
- In-depth analysis of attachments (including PDF validation, actual file type, antivirus results, etc)
- In-depth analysis of the URLs (including the hyperlink, original URL, last seen (redirected) URL, SSL information, and a screenshot of the URL). Please note that SafeToOpen does NOT process unsubscribe links.
4- PDF version of all attached documents files (including CSV, docs, XLSX, PPXT, ODT, etc)
5- Feedback
6- Report incorrect information 

Back
Available in: Silver, Gold, and Platinum plans

Dashboard Access

The dashboard is the main point of viewing all reported emails and text messages in your environment. It shows how many emails have been reported since a specific time, how many of them were clean, how many were, suspicious and how many were infected. It also shows how your security team has responded to those reported emails. For example, how many of those emails were phishing, how many were spam, etc.

Mobirise
Mobirise


There is more information on the dashboard that helps your security team make better decisions when dealing with malicious emails. Please contact us for more detailed information.

Back
Available in: Silver, Gold, and Platinum plans

SafeToOpen Training

With Subscribing to any of our Silver, Gold, or Platinum plans you are entitled to get a free in-house or Internet-based training. SafeToOpen training is also available for your outsourced managed service company.

* SafeToOpen also provides awareness training for your staff through our trusted partners. Please contact us for more information.

Back
Available in: Silver, Gold, and Platinum plans

Tip of the Week

Every time your staff verify a suspicious email, they receive an automatic response from SafeToOpen. In the email response, they also find tips of the week to improve the awareness of your employee's awareness. Please find examples of weekly tips here.

Back
Available in: Silver, Gold, and Platinum plans

Continues URL Monitoring

When your security team identifies a malicious URL in SafeToOpen, they can send it to URL monitoring section (or monitor-er). You can add multiple URLs to be monitored at the same time. SafeToOpen will connect and take a screenshot of URLs every hour. 

Back
Available in: Silver, Gold, and Platinum plans

Microsoft Outlook Add-in

SafeToOpen's Microsoft Outlook add-in is the best way for your staff to report their suspicious emails. They need to select a suspicious email and click on the verify email button. The add-in will then save the content of the original email and send it to your SafeToOpen instance and your phishing email address. This way of reporting - unlike forwarding - does not change the original content of the suspicious email hence more accurate result.

Back
Available in: Silver, Gold, and Platinum plans

Webserver Log Analysis

SafeToOpen is able to analyse logs from your webservers to detect phishing URLs targeting your business. In very common cases, SafeToOpen informs you once an attacker is designing a new phishing URL so that your security team can issue a URL takedown very quickly to remediate the impact of phishing attacks.


Back
Available in: Gold, and Platinum plans

Define Action on a Sender

This feature enables your security team to define actions on individual emails senders. Actions could be varied: For example, you can categorise the sender as a spammer, a malicious sender or a phisher. Also, you can decide what to do with new emails and previous emails coming from the same sender. i.e., you can block the sender or move all emails from a specific sender to trash.

Mobirise

Please note that you will need to provide SafeToOpen with your email server API with the right permissions.

Back
Available in: Gold, and Platinum plans

SIEM Integration

You can easily integrate SafeToOpen with your SIEM solution and get more meaningful information. For example, along with your web proxy logs, you can find out when any of your staff has clicked on a URL that is known malicious by SafeToOpen. Or you can alert once SafeToOpen has detected a new phishing website.

As well, you can send all SafeToOpen access logs to your SIEM for auditing purpose.

Back
Available in: Gold, and Platinum plans

Local Proxy Connection

One of the biggest difference between SafeToOpen and email security market leading products is the ability of SafeToOpen to connect to the suspicious URL. It is becoming very common for cyberattackers to limit the detection vector by limiting geographical access to their malicious websites. SafeToOpen is designed to connect to the malicious web server using local broadband connections.

Back
Available in: Gold, and Platinum plans

Text Verification

If you are a financial business, you have most likely suffered from text phishing (smishing) attacks. In this attack, cyber attackers send text messages to your customers and encourage them to click on the provided URL ( or a phishing URL ) to steal their credentials. Here is a list of the requirements to use SafeToOpen text verification feature:

    - An easy-to-remember phone number to provide to your customers. This number is used for them to forward the suspicious text messages to.
    - An SMS gateway (provided by SafeToOpen)
    - You need to decide if you want SafeToOpen to reply to the sender of text messages

The SMS gateway will convert the reported text messages to emails and send them to SafeToOpen. SafeToOpen processes them and you can decide if you wish to reply to your customers.

Back
Available in: Platinum plan

Social Media Monitoring

Delivering phishing attacks through social media is becoming very common these days. Cybercriminals often create fake profiles and post eye-catching content in social media that encourage your customers to click on. Traditionally, finding malicious URLs in social media was possible only after someone has been the victim of miscreant activities and reported it to the business.

In contrast, SafeToOpen can capture all URLs in top ten social media platform in the world where the name of your business is mentioned and analyse them to quickly find malicious websites to protect your customers on social media. Please contact us for more information.

Back
Available in: Platinum plan

Web Proxy Integration

This feature allows SafeToOpen to modify your web proxy blacklist. Once SafeToOpen has detected malicious URLs, you can easily block all access from your staff to those URLs using a single click but it requires your web proxy supports API calls. Some web proxy servers are using RESTful APIs to add/remove URLs to their blacklists. If you are not sure your web proxy supports this feature, please contact us.

Back
Available in: Platinum plan

Microsoft Office 365 Integration

If you have already purchased and been using Microsoft Office 365 for your business, you have the ability to manage malicious emails via SafeToOpen quickly and automatically. Once your analysts have identified a malicious sender, they can remove all emails from the sender or they can block all emails originated from that sender. As a result, your staff will have less malicious and spam emails in their mailboxes.

Back
Available in: Platinum plan

DIY URL Takedown

Once your security team has detected a phishing URL, they can issue a URL takedown with SafeToOpen's Do It Yourself takedown templates. Our templates are carefully designed to cover most of the domain registrars and certificate issuers. Your security team only need to submit the pre-built email with their corporate email account. SafeToOpen DIY takedown saves time and money for your team and eases the process of taking down a phishing URL. 

Back
Available in: Platinum plans