Hi dogan,
you must set a threshold of 2 keyowrds in your policy.
in match conditions (under your keyword list) you have a line for that.
Count all matches and only report incidents with at least X matches, than you can set X to 2.
but take care that it will also raise an incident if it found 2 times same keyword in the email.
you also have to take ware if you check "On whole words only" because if not "hack" also match "HACKers" and "HACKer").
Regards.