Views:

Predictive Machine Learning

Trend Micro Predictive Machine Learning uses advanced machine learning technology to correlate threat information and perform in-depth file analysis to detect emerging unknown security risks through digital fingerprinting, API mapping, and other file features.

Disabling Predictive Machine Learning prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect new, previously unidentified, or unknown threats.

Data collected	Metadata (attachment name) of suspicious executable files and scripts in email attachments
Console location	Security Risk Scan > Target > Advanced Threat Scan Engine
Console settings	Enable Predictive Machine Learning ^{Click the image to enlarge.}

Predictive Machine Learning Feedback

Predictive Machine Learning feedback enables you to participate, share and leverage Trend Micro’s global database of threat related intelligence to rapidly identify and defend against potential threats within your unique network environment.

Disabling Predictive Machine Learning feedback prevents the mentioned data from being sent to Trend Micro, but affects the enhancement of ScanMail to rapidly identify and address new threats.

Data collected	Suspicious executable files and scripts in email attachments
Console location	Security Risk Scan > Action > Feedback
Console settings	Send Predictive Machine Learning Feedback to Trend Micro Smart Protection Network ^{Click the image to enlarge.}

Virtual Analyzer

Virtual Analyzer is a cloud sandbox designed for analyzing suspicious applications, files, scripts and unrated URLs. Sandbox images allow observation of application, file, script and URL behavior in an environment that simulates endpoints on your network without any risk of compromising the network.

Disabling Virtual Analyzer prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect advanced malware in files.

Data collected	Suspicious applications and executable files Suspicious scripts Suspicious documents with macro Other suspicious files from Trend Micro virus scan engine Other documents, images, videos, sounds, compressed files or any other files with specific extensions as configured Suspicious URLs
Console location	Virtual Analyzer
Console settings	Submit email messages to Virtual Analyzer ^{Click the image to enlarge.}

Advanced Spam Prevention

ScanMail uses Trend Micro Antispam Engine to provide advanced spam protection, as a complement to the email protection service on your email gateway side, to further protect Exchange Online users from BEC, ransomware, advanced phishing, and other high-profile attacks.

Disabling Advanced Spam Protection prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect BEC, phishing, ransomware, and other spam.

Data collected	Email address Email subject URL in mail body
Console location	Advanced Spam Prevention
Console settings	Enable Advanced Spam Prevention ^{Click the image to enlarge.}

Advanced Spam Protection Feedback

Advanced Spam Protection feedback enables you to participate, share and leverage Trend Micro’s global database of threat related intelligence to rapidly identify and defend against potential threats within your unique network environment.

Disabling Advanced Spam Protection feedback prevents the mentioned data from being sent to Trend Micro, but affects the enhancement of ScanMail to rapidly identify and address new spam.

Data collected	Email addresses Email subjects URLs in email body
Console location	Advanced Spam Protection > Action > Feedback
Console settings	Send Feedback to Trend Micro Smart Protection Network ^{Click the image to enlarge.}

Writing Style Training

ScanMail collects email messages sent by high profile users to learn their writing style if writing style analysis is enabled. Email messages are hashed before collecting and cannot be restored.

If writing style regular training is not enabled, email messages will not be collected.

Data collected	Email senders Email subjects Email message body
Console location and settings	Advanced Spam Prevention > Advanced Spam Prevention Settings > Business Email Compromise check > High Profile users ^{Click the image to enlarge.} Advanced Spam Prevention > Writing Style Training Settings image

Writing Style Verification

Writing Style Verification adds an additional layer of security to corporate email messages. The writing style verification for high profile users requires ScanMail to analyze and learn the specific writing style for each user.
If ScanMail detects a suspicious incoming email message, it sends a copy of the original email message to the security/IT group for manual verification.

Disabling this option prevents the original email message from being sent to the security/IT group, and therefore limits the ability of security/IT personnel to understand the threat and take appropriate actions.

Data collected	Original email message from sender
Console location	Writing Style Verification Settings
Console settings	Attach original email message from sender image

Web Reputation

ScanMail leverages Trend Micro Web Reputation Services to scan URLs contained in files, email bodies and attachments to detect malicious URLs based on their reputation scores.

Disabling Web Reputation prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect malicious URLs.

Data collected	URLs in email body URLs in email attachments
Console location	ATP policy > Web Reputation
Console settings	Enable Web Reputation ^{Click the image to enlarge.}

URL Time-of-Click Protection

ScanMail leverages Trend Micro’s URL Time-of-Click Protection service to provide the ability to configure ScanMail to rewrite the URLs in the email message body during scanning, and analyze these URLs only when the message recipient clicks on these URLs.

Disabling URL Time-of-Click Protection prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect malicious URLs.

Data collected	URLs in email body
Console location	URL Time-of-Click Protection
Console settings	Enable URL Time-of-Click Protection for incoming mail ^{Click the image to enlarge.}

Email Reputation

ScanMail leverages Trend Micro Email Reputation Services to verify IP addresses of incoming email messages using one of the world's largest, most trusted reputation database, along with a dynamic reputation database to identify new spam and phishing sources, stopping even zombies and botnets as they first emerge.

Disabling Email Reputation prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect malicious URLs.

Data collected	IP addresses of email messages
Console location	Spam Prevention > Email Reputation
Console settings	Enable Email Reputation ^{Click the image to enlarge.}

Cloud App Security Integration

Cloud App Security can integrate with one or several ScanMail servers deployed within your organization to provide visibility of policy violation logs from these servers.

Not enabling Cloud App Security integration prevents ScanMail from sending logs to Cloud App Security.
Cloud App Security automatically deletes logs older than 90 days.

Data collected	Email senders Email recipients Email subjects Email delivery time Email message ID Email location Attachment names Malicious URLs in email message body Malicious URLs in email attachments ScanMail server host name
Console settings	^{Click the image to enlarge.}

Keywords: SMEX notice for data collection,notice for data collection SMEX,data collection disclosure SMEX,data collection disclosure ScanMail

ScanMail for Exchange 14.0 Data Collection Notice

Product / Version includes:

ScanMail for Exchange14.0

Last updated: 2024/06/28

Solution ID: KA-0010182

Category: Configure

Summary

The following sections outline the features that collect data, the data transmitted, and the locations on the product console where you can disable the features.

Predictive Machine Learning
Predictive Machine Learning Feedback
Virtual Analyzer
Advanced Spam Prevention
Advanced Spam Prevention Feedback
Writing Style Training
Writing Style Verification
Web Reputation
URL Time-of-Click Protection
Email Reputation
Cloud App Security Integration

To see where this data is processed, refer to our list of data centers and authorized data subprocessors and their locations.

SMEX 14.0 Data Collection Disclosure includes all contents of Data Collection Disclosure SMEX 12.5. After applying SMEX 14.0 Patch 2, Cloud App Security Integration can be enabled, and ScanMail violation logs can be sent to CAS.

Predictive Machine Learning

Data collected	Metadata (attachment name) of suspicious executable files and scripts in email attachments
Console location	Security Risk Scan > Target > Advanced Threat Scan Engine
Console settings	Enable Predictive Machine Learning ^{Click the image to enlarge.}

Predictive Machine Learning Feedback

Disabling Predictive Machine Learning feedback prevents the mentioned data from being sent to Trend Micro, but affects the enhancement of ScanMail to rapidly identify and address new threats.

Data collected	Suspicious executable files and scripts in email attachments
Console location	Security Risk Scan > Action > Feedback
Console settings	Send Predictive Machine Learning Feedback to Trend Micro Smart Protection Network ^{Click the image to enlarge.}

Virtual Analyzer

Disabling Virtual Analyzer prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect advanced malware in files.

Data collected	Suspicious applications and executable files Suspicious scripts Suspicious documents with macro Other suspicious files from Trend Micro virus scan engine Other documents, images, videos, sounds, compressed files or any other files with specific extensions as configured Suspicious URLs
Console location	Virtual Analyzer
Console settings	Submit email messages to Virtual Analyzer ^{Click the image to enlarge.}

Advanced Spam Prevention

Disabling Advanced Spam Protection prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect BEC, phishing, ransomware, and other spam.

Data collected	Email address Email subject URL in mail body
Console location	Advanced Spam Prevention
Console settings	Enable Advanced Spam Prevention ^{Click the image to enlarge.}

Advanced Spam Protection Feedback

Disabling Advanced Spam Protection feedback prevents the mentioned data from being sent to Trend Micro, but affects the enhancement of ScanMail to rapidly identify and address new spam.

Data collected	Email addresses Email subjects URLs in email body
Console location	Advanced Spam Protection > Action > Feedback
Console settings	Send Feedback to Trend Micro Smart Protection Network ^{Click the image to enlarge.}

Writing Style Training

ScanMail collects email messages sent by high profile users to learn their writing style if writing style analysis is enabled. Email messages are hashed before collecting and cannot be restored.

If writing style regular training is not enabled, email messages will not be collected.

Data collected	Email senders Email subjects Email message body
Console location and settings	Advanced Spam Prevention > Advanced Spam Prevention Settings > Business Email Compromise check > High Profile users ^{Click the image to enlarge.} Advanced Spam Prevention > Writing Style Training Settings image

Writing Style Verification

Data collected	Original email message from sender
Console location	Writing Style Verification Settings
Console settings	Attach original email message from sender image

Web Reputation

ScanMail leverages Trend Micro Web Reputation Services to scan URLs contained in files, email bodies and attachments to detect malicious URLs based on their reputation scores.

Disabling Web Reputation prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect malicious URLs.

Data collected	URLs in email body URLs in email attachments
Console location	ATP policy > Web Reputation
Console settings	Enable Web Reputation ^{Click the image to enlarge.}

URL Time-of-Click Protection

Disabling URL Time-of-Click Protection prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect malicious URLs.

Data collected	URLs in email body
Console location	URL Time-of-Click Protection
Console settings	Enable URL Time-of-Click Protection for incoming mail ^{Click the image to enlarge.}

Email Reputation

Disabling Email Reputation prevents the mentioned data from being sent to Trend Micro, but severely affects the ability of ScanMail to detect malicious URLs.

Data collected	IP addresses of email messages
Console location	Spam Prevention > Email Reputation
Console settings	Enable Email Reputation ^{Click the image to enlarge.}

Cloud App Security Integration

Cloud App Security can integrate with one or several ScanMail servers deployed within your organization to provide visibility of policy violation logs from these servers.

Not enabling Cloud App Security integration prevents ScanMail from sending logs to Cloud App Security.
Cloud App Security automatically deletes logs older than 90 days.

Data collected	Email senders Email recipients Email subjects Email delivery time Email message ID Email location Attachment names Malicious URLs in email message body Malicious URLs in email attachments ScanMail server host name
Console settings	^{Click the image to enlarge.}

Was this article helpful?

Featured

Automation Center

Education Portal

Online Help Center

Service Status

TrendConnect

ScanMail for Exchange 14.0 Data Collection Notice

Predictive Machine Learning

Predictive Machine Learning Feedback

Virtual Analyzer

Advanced Spam Prevention

Advanced Spam Protection Feedback

Writing Style Training

Writing Style Verification

Web Reputation

URL Time-of-Click Protection

Email Reputation

Cloud App Security Integration

ScanMail for Exchange 14.0 Data Collection Notice

Product / Version includes:

Summary

Predictive Machine Learning

Predictive Machine Learning Feedback

Virtual Analyzer

Advanced Spam Prevention

Advanced Spam Protection Feedback

Writing Style Training

Writing Style Verification

Web Reputation

URL Time-of-Click Protection

Email Reputation

Cloud App Security Integration