Our goal is to help your team make safe decisions at a glance. This FAQ explains what the color‑coded banners mean and how to handle emails accordingly.
What is the NUMENTIS Email Security Banner?
The banner is an interactive, color‑coded notice inserted at the top of emails after analysis by our security platform (powered by Kaseya INKY) to highlight sender details and potential risks in real time.
Why am I seeing banners on my emails?
Because your organization is protected by NUMENTIS. The security system analyzes mail and adds a small banner, so users instantly know whether a message appears safe, requires caution, or is dangerous (and whether it’s internal or external).
What do the banner colors mean?
Gray — Informational
No unusual or suspicious indicators were found. Still confirm the sender and context if anything feels off.
Yellow — Caution
Something is unexpected (e.g., first‑time sender, marketing/graymail, unusual characteristics). Yellow does not always mean malicious—proceed thoughtfully.
Red — Danger
Likely phishing or malicious (e.g., brand impersonation, spoofed internal sender, blocked/phishing links). Treat red banners as high risk.
Why am I seeing more yellow banners recently?
During initial rollout Learning Mode, the system is more cautious; yellow banners may be more frequent for ~30 days as it learns your communication patterns. This is normal and will taper.
Can I remove a banner from an email?
No. Users cannot remove banners—this keeps security warnings visible. If a message seems misclassified, use Report This Email or contact NUMENTIS.
Do recipients see banners when I forward or reply?
No. Banners are automatically removed on forwards/replies so external recipients don’t see internal warnings, and the message can be rescanned appropriately.
Why did a legitimate message receive a yellow banner?
Even legitimate messages can earn a caution banner—for example, first‑time senders, graymail/newsletters, or messages with unusual traits. This is expected behavior.
What should I do with a yellow banner?
Verify the sender and the request; be careful with links and attachments. When uncertain, don’t click—contact NUMENTIS Support.
What should I do with a red banner?
The safest option is to delete the message or report it. Some organizations choose to quarantine red mail automatically, while others deliver it with a red warning depending on policy.
What does “Report This Email” do?
It opens a simple page where you can mark the message Safe, Spam, or Phishing. Your feedback improves accuracy for your mailbox and helps our team tune protection.
Can I manage personal allow/block lists?
Yes. After using the reporting flow (and authenticating with Microsoft 365/Google), you can maintain personal allow/block preferences that affect only your mailbox.
What happens if I click a suspicious link by accident?
You may see a warning page with a screenshot of the destination, an explanation, and options to Proceed or Do Not Proceed—an extra safety net against credential theft.
Is the banner experience customizable for our company?
Yes. NUMENTIS can configure branding (logos/links), language, how much detail appears in the banner vs. the Details page, when to show banners for certain message types, and more. Core warning language remains standardized for safety.
Tips from NUMENTIS for everyday use
- Treat yellow as “verify,” red as “don’t touch.” Verify via another channel (e.g., call/chat) if unsure.
- Use “Report This Email.” It takes seconds and helps protect everyone.
- Expect fewer banners over time. Accuracy improves after the learning period.
Need help?
If something looks suspicious—or if you’re unsure—contact NUMENTIS. Our security team is here to help, train your staff, and fine‑tune policies for your environment. (The technology is powered by Kaseya INKY.)
