Views:

Predictive Machine Learning

Trend Micro Predictive Machine Learning uses advanced machine learning technology to correlate threat information and perform in-depth file analysis to detect emerging unknown security risks through digital fingerprinting, API mapping, and other file features.

 
Disabling Predictive Machine Learning prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect new, previously unidentified, or unknown threats.
 
Data collectedMetadata (attachment name) of suspicious executable files and scripts in email attachments
Console locationSecurity Risk Scan > Target > Advanced Threat Scan Engine
Console settings

Enable Predictive Machine Learning

Predictive Machine Learning

Back to top

Predictive Machine Learning Feedback

Predictive Machine Learning feedback enables you to participate, share and leverage Trend Micro’s global database of threat related intelligence to rapidly identify and defend against potential threats within your unique network environment.

 
Disabling Predictive Machine Learning feedback prevents the mentioned data from being sent to Trend Micro, but affects the enhancement of ScanMail to rapidly identify and address new threats.
 
Data collectedSuspicious executable files and scripts in email attachments
Console locationSecurity Risk Scan > Action > Feedback
Console settings

Send Predictive Machine Learning Feedback to Trend Micro Smart Protection Network

Predictive Machine Learning Feedback

Back to top

Virtual Analyzer

Virtual Analyzer is a cloud sandbox designed for analyzing suspicious applications, files, scripts and unrated URLs. Sandbox images allow observation of application, file, script and URL behavior in an environment that simulates endpoints on your network without any risk of compromising the network.

 
Disabling Virtual Analyzer prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect advanced malware in files.
 
Data collected
  • Suspicious applications and executable files
  • Suspicious scripts
  • Suspicious documents with macro
  • Other suspicious files from Trend Micro virus scan engine
  • Other documents, images, videos, sounds, compressed files or any other files with specific extensions as configured
  • Suspicious URLs
Console locationVirtual Analyzer
Console settings

Submit email messages to Virtual Analyzer

Virtual Analyzer

Back to top

Advanced Spam Prevention

ScanMail uses Trend Micro Antispam Engine to provide advanced spam protection, as a complement to the email protection service on your email gateway side, to further protect Exchange Online users from BEC, ransomware, advanced phishing, and other high-profile attacks.

 
Disabling Advanced Spam Protection prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect BEC, phishing, ransomware, and other spam.
 
Data collected
  • Email address
  • Email subject
  • URL in mail body
Console locationAdvanced Spam Prevention
Console settings

Enable Advanced Spam Prevention

Advanced Spam Prevention

Back to top

Advanced Spam Protection Feedback

Advanced Spam Protection feedback enables you to participate, share and leverage Trend Micro’s global database of threat related intelligence to rapidly identify and defend against potential threats within your unique network environment.

 
Disabling Advanced Spam Protection feedback prevents the mentioned data from being sent to Trend Micro, but affects the enhancement of ScanMail to rapidly identify and address new spam.
 
Data collected
  • Email addresses
  • Email subjects
  • URLs in email body
Console locationAdvanced Spam Protection > Action > Feedback
Console settings

Send Feedback to Trend Micro Smart Protection Network

Send Feedback to Trend Micro Smart Protection Network

Back to top

Writing Style Training

ScanMail collects email messages sent by high profile users to learn their writing style if writing style analysis is enabled. Email messages are hashed before collecting and cannot be restored.

 
If writing style regular training is not enabled, email messages will not be collected.
 
Data collected
  • Email senders
  • Email subjects
  • Email message body
Console location and settings
  • Advanced Spam Prevention > Advanced Spam Prevention Settings > Business Email Compromise check > High Profile users

    High Profile User

  • Advanced Spam Prevention > Writing Style Training Settings

    Writing Style

Back to top

Writing Style Verification

Writing Style Verification adds an additional layer of security to corporate email messages. The writing style verification for high profile users requires ScanMail to analyze and learn the specific writing style for each user.
If ScanMail detects a suspicious incoming email message, it sends a copy of the original email message to the security/IT group for manual verification.

 
Disabling this option prevents the original email message from being sent to the security/IT group, and therefore limits the ability of security/IT personnel to understand the threat and take appropriate actions.
 
Data collectedOriginal email message from sender
Console locationWriting Style Verification Settings
Console settings

Attach original email message from sender

Writing Style

Back to top

Web Reputation

ScanMail leverages Trend Micro Web Reputation Services to scan URLs contained in files, email bodies and attachments to detect malicious URLs based on their reputation scores.

 
Disabling Web Reputation prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect malicious URLs.
 
Data collected
  • URLs in email body
  • URLs in email attachments
Console locationATP policy > Web Reputation
Console settings

Enable Web Reputation

Web Reputation

Back to top

URL Time-of-Click Protection

ScanMail leverages Trend Micro’s URL Time-of-Click Protection service to provide the ability to configure ScanMail to rewrite the URLs in the email message body during scanning, and analyze these URLs only when the message recipient clicks on these URLs.

 
Disabling URL Time-of-Click Protection prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect malicious URLs.
 
Data collectedURLs in email body
Console locationURL Time-of-Click Protection
Console settings

Enable URL Time-of-Click Protection for incoming mail

URL Time-of-Click Protection

Back to top

Email Reputation

ScanMail leverages Trend Micro Email Reputation Services to verify IP addresses of incoming email messages using one of the world's largest, most trusted reputation database, along with a dynamic reputation database to identify new spam and phishing sources, stopping even zombies and botnets as they first emerge.

 
Disabling Email Reputation prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect malicious URLs.
 
Data collectedIP addresses of email messages
Console locationSpam Prevention > Email Reputation
Console settings

Enable Email Reputation

Email Reputation

Back to top

Keywords: SMEX notice for data collection,notice for data collection SMEX,data collection disclosure SMEX,data collection disclosure ScanMail