Watchlisted Recipients at Risk

Configure the following event notification to notify administrators when Deep Discovery Email Inspector detects malicious or suspicious email messages or attachments sent to watchlisted recipients.

  1. Go to Detections > Notifications > Event Notifications.

    The Event Notifications screen appears.

  2. Click Advanced Threat Activity.

    A list of events appears.

  3. In the Event column, click Watchlisted recipients at risk.

    The Watchlisted Recipients at Risk screen appears.

  4. Specify the following notification settings.



    Email address watchlist

    Type the email addresses to be monitored. Use a semicolon (;) to separate multiple entries.


    Select the risk level of the detections that trigger the event notification.


    Type the number of threats detected by the managed product.


    Specify the time period for the detections.

  5. Select recipients for the notification.
    1. From the Available Users and Groups list, select contact groups or user accounts.
    2. Click >.

      The selected contact groups or user accounts appear in the Selected Users and Groups list.

  6. Enable one or more of the following notification methods.



    Email message

    To customize the email notification template, use supported token variables or modify the text in the Subject and Message fields.

    For more information, see Standard Token Variables and Advanced Threat Activity Token Variables.

  7. To test if recipients can receive the event notification, click Test.
  8. Click Save.