Phishing Email Blocked
Medium
Resolved
ALR-00040 · 2026-07-05T20:21:51Z
Description
Phishing email targeting 'system@company.co.uk' blocked by Email Gateway. Payload: credential harvesting link mimicking Microsoft 365 login.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
20:21:51
Event ingested by SOC365 Engine
20:21:52
EmilyAI triage started — correlation enrichment
20:22:06
EmilyAI confidence: 91% — escalated to human analyst
20:22:30
Alert assigned to analyst: Emma Richardson
20:22:42
Investigation started — querying SIEM and threat intelligence
20:30:26
Containment action taken — endpoint isolated
20:39:07
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00314 | 2h ago | Phishing Email Blocked | Medium | Open | WS-PC-001 |
| ALR-00360 | 4h ago | Data Exfiltration Attempt | Medium | Investigating | FW-EDGE-01 |
| ALR-00342 | 6h ago | Phishing Email Blocked | Critical | Open | AP-WIFI-03 |
| ALR-00438 | 9h ago | Shadow IT Discovery | Low | Escalated | FW-EDGE-01 |
| ALR-00201 | 20h ago | Phishing Email Blocked | Low | Resolved | WS-LAP-010 |