Set up Gmail to Forward Phishing Emails to Radiant Security

Auto-forward Gmail phishing emails to Radiant Security.

In this guide, you will configure Gmail to automatically forward suspected phishing emails to Radiant Security.

The following guide has 3 options depending on how your phishing reporting mailbox is set up. Choose the method that best corresponds to how your environment is set up:

If you currently use a Google Workspace group to receive phishing reports.
If you currently use a dedicated phishing inbox to receive phishing reports.
If you either have the group based or full account based methods of receiving phishing reports.

Add Radiant Security alias to a Google Workspace group

If you use a phishing group to process phishing emails, the Radiant Security alerts alias can be added to this group in order to receive a copy of the user report. To do this:

Open the Google Workspace admin portal.
Navigate to Directory, then Groups.
Find the phishing group in the list.
Click Add members
Add the Radiant Security alias ([email protected]) to the group.

Add a forwarding rule to the phishing email account

Use this method if you have a dedicated Google Workspace phishing account with its own inbox.

Note: This method requires you to have access to the phishing account inbox and settings.

Sign in to the phishing account and open the Gmail inbox.
Click on the Settings cog icon, then See all settings.
Select Forwarding and POP/IMAP.
Use the Add a forwarding address to add the Radiant Security alias ([email protected]).
Set up Forward a copy of incoming mail to send a copy to the added email address, and click Save.

Note: If you are already forwarding a copy to another destination, you may have to add this second destination as a mail rule instead.

Add a default route with an additional recipient

This method should work for both groups and dedicated phishing users. It works by adding a Gmail default route that adds the Radiant Security reporting email as an additional recipient of the emails going to the phishing alias.

Open the Google Workspace admin portal.
Navigate to Apps > Google Workspace > Gmail.
Open the Default routing page.
Click Add another rule.
In the Specify envelope recipients to match section, add the email address of your phishing inbox.

In the If the envelope recipient matches the above, do the following section, check the Also deliver to > Add more recipients box.

In the Envelope recipient section, click Replace recipient and add the Radiant Security email ([email protected]) with the following options.

Important note: It is important to uncheck the Do not deliver spam to this recipient option, as it may prevent phishing emails from being properly forwarded.

Under Options, select Perform this action on non-recognized and recognized addresses.

Click Save.

PreviousOutlook Online Conditional Forwarding (Inbox Rules)NextSet up KnowBe4 on Chrome to forward phishing emails to Radiant Security

Last updated 6 days ago