Improved detection and protection against business email compromise (…

…BEC) such as CEO fraud

modules/imap/handler_modules.php

@@ -2194,3 +2194,19 @@ function process_move_messages_in_screen_email_enabled_callback($val) { return $
         process_site_setting('move_messages_in_screen_email', $this, 'process_move_messages_in_screen_email_enabled_callback', true, true);
     }
 }
+
+/**
+ * Process setting_ceo_detection_fraud in the settings page
+ * @subpackage core/handler
+ */
+class Hm_Handler_process_setting_ceo_detection_fraud extends Hm_Handler_Module {
+    public function process() {
+        function process_ceo_use_trusted_contact_callback($val) { return $val; }
+        function process_ceo_suspicious_phrases_callback($val) { return $val; }
+        function process_ceo_rate_limit_callback($val) { return $val; }
+
+        process_site_setting('ceo_use_trusted_contact', $this, 'process_ceo_use_trusted_contact_callback');
+        process_site_setting('ceo_suspicious_phrases', $this, 'process_ceo_suspicious_phrases_callback');
+        process_site_setting('ceo_rate_limit', $this, 'process_ceo_rate_limit_callback');
+    }
+}

modules/imap/output_modules.php

@@ -1470,3 +1470,40 @@ protected function output() {
         return $res;
     }
 }
+class Hm_Output_setting_ceo_detection_fraud extends Hm_Output_Module {
+    protected function output() {
+        $settings = $this->get('user_settings', array());
+        $ceo_use_trusted_contact = "checked";
+        $ceo_suspicious_phrases = "wire transfer, urgent, account details, payment instruction";
+        $ceo_rate_limit = "100";
+        if (array_key_exists('ceo_use_trusted_contact', $settings)) {
+            if ($settings['ceo_use_trusted_contact']) {
+                $ceo_use_trusted_contact = "checked";
+            } else {
+                $ceo_use_trusted_contact = "";
+            }
+        }
+
+        if (array_key_exists('ceo_suspicious_phrases', $settings) && $settings['ceo_suspicious_phrases']) {
+            if ($settings['ceo_suspicious_phrases']) {
+                $ceo_suspicious_phrases = $settings['ceo_suspicious_phrases'];
+            }
+        }
+        if (array_key_exists('ceo_rate_limit', $settings) && $settings['ceo_rate_limit']) {
+            if ($settings['ceo_rate_limit']) {
+                $ceo_rate_limit = $settings['ceo_rate_limit'];
+            }
+        }
+
+        $res = '<tr class="general_setting"><td><label for="ceo_use_trusted_contact">'.
+            $this->trans('CEO fraud: Use Trusted Contacts as Valid emails').
+            '</label></td><td><input class="form-check-input" type="checkbox" role="switch" id="ceo_use_trusted_contact" name="ceo_use_trusted_contact" '. $ceo_use_trusted_contact .' ></td></tr>';
+        $res .= '<tr class="general_setting"><td><label for="ceo_suspicious_phrases">'.
+            $this->trans('CEO fraud: Suspicious Phrases or Requests(separate by ",")').
+            '</label></td><td><textarea class="form-control form-control-sm w-auto" role="switch" id="ceo_suspicious_phrases" name="ceo_suspicious_phrases">'. $ceo_suspicious_phrases .'</textarea></td></tr>';
+        $res .= '<tr class="general_setting"><td><label for="ceo_rate_limit">'.
+            $this->trans('CEO fraud: Rate-Limit or Monitor Unusual Requests').
+            '</label></td><td><input class="form-control form-control-sm w-auto" type="number" min="0" role="switch" id="ceo_rate_limit" name="ceo_rate_limit" value="'. $ceo_rate_limit .'" ></td></tr>';
+        return $res;
+    }
+}

modules/imap/setup.php

@@ -45,6 +45,7 @@
 add_handler('settings', 'process_auto_advance_email_setting', true, 'imap', 'date', 'after');
 add_handler('settings', 'process_first_time_screen_emails_per_page_setting', true, 'imap', 'date', 'after');
 add_handler('settings', 'process_setting_move_messages_in_screen_email', true, 'imap', 'process_first_time_screen_emails_per_page_setting', 'after');
+add_handler('settings', 'process_setting_ceo_detection_fraud', true, 'imap', 'process_setting_move_messages_in_screen_email', 'after');
 add_output('settings', 'imap_server_ids', true, 'imap', 'page_js', 'before');
 add_output('settings', 'start_sent_settings', true, 'imap', 'end_settings_form', 'before');
 add_output('settings', 'sent_since_setting', true, 'imap', 'start_sent_settings', 'after');
@@ -62,6 +63,7 @@
 add_output('settings', 'imap_auto_advance_email', true, 'imap', 'imap_pagination_links', 'after');
 add_output('settings', 'first_time_screen_emails_per_page_setting', true, 'imap', 'imap_auto_advance_email', 'after');
 add_output('settings', 'setting_move_messages_in_screen_email', true, 'imap', 'first_time_screen_emails_per_page_setting', 'after');
+add_output('settings', 'setting_ceo_detection_fraud', true, 'imap', 'default_sort_order_setting', 'after');
 
 /* compose page data */
 add_output('compose', 'imap_server_ids', true, 'imap', 'page_js', 'before');
@@ -438,5 +440,8 @@
         'tag_id' => FILTER_DEFAULT,
         'first_time_screen_emails' => FILTER_VALIDATE_INT,
         'move_messages_in_screen_email' => FILTER_VALIDATE_BOOLEAN,
+        'ceo_use_trusted_contact' => FILTER_VALIDATE_BOOLEAN,
+        'ceo_suspicious_phrases' => FILTER_DEFAULT,
+        'ceo_rate_limit' => FILTER_VALIDATE_INT,
     )
 );