Phishing Email Blocked
Low
False Positive
ALR-00034 · 2026-05-26T12:36:59Z
Description
Phishing email targeting 'n.clark@company.co.uk' blocked by EmilyAI Triage. Payload: credential harvesting link mimicking Microsoft 365 login.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
12:36:59
Event ingested by SOC365 Engine
12:37:00
EmilyAI triage started — correlation enrichment
12:37:13
EmilyAI confidence: 80% — escalated to human analyst
12:37:39
Alert assigned to analyst: EmilyAI (auto)
12:38:31
Investigation started — querying SIEM and threat intelligence
12:44:10
Containment action taken — endpoint isolated
12:54:22
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00275 | 3h ago | Certificate Anomaly | Medium | Escalated | SRV-DC-01 |
| ALR-00303 | 5h ago | C2 Beacon Activity | Low | Resolved | SRV-DC-01 |
| ALR-00492 | 8h ago | Phishing Email Blocked | Low | Escalated | WS-PC-002 |
| ALR-00142 | 1d ago | Phishing Email Blocked | Informational | Investigating | WS-PC-004 |
| ALR-00013 | 1d ago | Certificate Anomaly | Informational | Resolved | SRV-DC-01 |