Set up Gmail to Forward Phishing Emails to Radiant Security
Auto-forward Gmail phishing emails to Radiant Security.
In this guide, you will configure Gmail to automatically forward suspected phishing emails to Radiant Security.
The following guide has 3 options you can choose from, depending on how your phishing reporting mailbox is set up. Choose the method that best matches your environment:
If you currently use a Google Workspace group to receive phishing reports.
If you currently use a dedicated phishing inbox to receive phishing reports.
If you either have the group-based or full-account based method of receiving phishing reports.
Add the Radiant Security alerts alias to a Google Workspace group
If you use a phishing group to process phishing emails, the Radiant Security alerts alias can be added to this group in order to receive a copy of the user report. To do this:
Open the Google Workspace admin portal.
Click Directory, then Groups.
Find the phishing group in the list.
Click Add members.
Add the Radiant Security alias:
[email protected]
to the group.
Add a forwarding rule to the phishing email account
Use this method if you have a dedicated Google Workspace phishing account with its own inbox.
Sign in to the phishing account and open the Gmail inbox.
Click the settings icon, then click See all settings.
Select Forwarding and POP/IMAP.
Use the Add a forwarding address to add the Radiant Security alias:
[email protected]
.Set up Forward a copy of incoming mail to send a copy to the added email address and click Save.
Add a default route with an additional recipient
This method should work for both groups and dedicated phishing users. It works by adding a Gmail default route that then adds the Radiant Security reporting email as an additional recipient of the emails sent to the phishing alias.
Open the Google Workspace admin portal.
Navigate to Apps > Google Workspace > Gmail.
Open the Default routing page.
Click Add another rule.
In the Specify envelope recipients to match section, enter the Email address of your phishing inbox.

In the If the envelope recipient matches the above, do the following section, select the Also deliver to > Add more recipients checkbox.

In the Envelope recipient section, click Replace recipient and enter the Radiant Security email:
[email protected]
.
Important note: It is important to unselect the Do not deliver spam to this recipient option, as it may prevent phishing emails from being properly forwarded.

Under Options, select Perform this action on non-recognized and recognized addresses.

Click Save.
Last updated