A high profile user may have more than one mailbox for different uses, for example, one for business connections and one for personal life, and use different writing styles in composing email messages for various purposes. In most cases, BEC attacks tend to target business mailboxes, with the goal of initiating an unauthorized wire transfer.
In addition, some applications with an email system may have the function of automatically sending system-generated messages in the name of a high profile user.
To avoid these types of email messages from being classified as BEC attacks and help reduce false positives, specify the email addresses related to high profile users for which you want Cloud App Security to skip the scanning for BEC.
As a global setting, the specified High Profile User Exception List is applicable to all Advanced Spam Protection enabled policies for your email service, that is, Exchange Online or Gmail.
Click Add, on the Add Email Address screen that appears, specify the email address related to a high profile user that you want Cloud App Security to skip from scanning for writing style verification, and then click Save.
A maximum of 500 email addresses can be added.
Select one or multiple email addresses, click Delete to remove them from the exception list, and then click OK.