Mimecast Alert: phishing email detected
Set up the mimecast integration.
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
Goal
Detect when Mimecast identifies a phishing email.
Strategy
Targeted Threat Protection - Impersonation Protect tackles the increasing threat of socially engineered “whaling” attacks.
This rule can used to detect an email which contains impersonation attempts that have been flagged as external and malicious with definition as phishing.
For more details: Click here
Triage and response
- Investigate the suspected phishing email, including sender information, email content, and any attachments.
- Verify whether sensitive information has been compromised and assess the impact.
- Apply appropriate remediation steps according to the company’s incident response policy, which may include:
- Marking the email as phishing and reporting it to your security team.
- Investgate sender: {{@senderAddress}} or blocking the sender’s email address.
- Notifying potentially affected users and providing guidance on next steps.
- Updating email filters and security measures to prevent similar attacks.
