Forum Discussion

cllee's avatar
cllee
Brass Contributor
Apr 08, 2020

Risky Sign-In Capture for Email Client

Hi,

If the "fraudster" somehow managed to set up the user account in an email client, without anyone noticing it. And the account is already in-sync with the Exchange server.

Will the risky sign-in features track such scenario? Since he no longer required to perform the manual "sign-in" process.

Thanks.

  • Moe_Kinani's avatar
    Moe_Kinani
    Bronze Contributor

    cllee,

     

    It always capture whether from Risky sign in or cloud app security. You can easily find out from MCAS if you know the user.

     

    If you are asking about notification via email, it will notify you anytime accessing from unfamiliar location.

     

    Sorry if I’m not understanding the scenario correctly!

     

    Hope this helps!
     Moe

Resources