AI Guardian is artificial intelligence cloud security platform that protects your email against targeted attacks such as impersonation, payroll fraud, invoice fraud, and zero-day credential phishing. Powered by natural language understanding (NLU), the AI Threat Defense detection engine analyzes thousands of signals across identity, behavior, language, and global threat data to catch attacks missed by legacy solutions.

Note: AI Guardian will be enabled automatically in 2 weeks after it is available for your account. It will be enabled for the accounts with Email Protection and Email Protection +DLP packages only. Read the Knowledge Base article Email Protection: Package Management to change your Email Protection plan.

If you don't want to enable the service for your account, navigate to CONTROL PANEL > Services -> Email Protection -> AI Guardian and click Disable. You can enable the service manually from this page later if needed.


AI Guardian is targeting three primary types of threats:

  • Extortion - emails that threaten users with bad consequences unless they take a particular action
  • Ransomware - emails requesting ransom to reverse a certain action - locking out a user account, malware installed, etc.
  • Phishing - emails that contains links or redirecting to fake login pages of various services

If the inbound email falls in any of the mentioned categories, the message body will be marked with the specific wording.

  • Extortion and Ransomware:
    Potential threat warning - This email looks like could be threatening you with a potentially harmful action/fee - Be cautious clicking on any links/attachments, check the sender's email address, if you believe this to be legitimate, contact your IT team.
  • Phishing:
    Potential phishing warning -This email looks like it could trick you into sharing your credentials with a fake party. Please be cautious when clicking any links in this email or its attachments and check the sender's email address. If in doubt, contact your IT team.