Phishing Email Blocked
Medium
Resolved
ALR-00150 · 2026-04-08T18:22:06Z
Description
Phishing email targeting 'n.clark@company.co.uk' blocked by Endpoint Agent. Payload: credential harvesting link mimicking Microsoft 365 login.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
18:22:06
Event ingested by SOC365 Engine
18:22:07
EmilyAI triage started — correlation enrichment
18:22:21
EmilyAI confidence: 86% — escalated to human analyst
18:22:24
Alert assigned to analyst: Emma Richardson
18:22:52
Investigation started — querying SIEM and threat intelligence
18:28:49
Containment action taken — endpoint isolated
18:36:40
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00371 | 2h ago | Phishing Email Blocked | Informational | Investigating | SW-CORE-01 |
| ALR-00074 | 2h ago | Unusual Outbound Traffic | Low | Resolved | WS-PC-002 |
| ALR-00346 | 6h ago | Phishing Email Blocked | High | Investigating | WS-PC-004 |
| ALR-00185 | 7h ago | Phishing Email Blocked | Informational | Investigating | WS-PC-003 |
| ALR-00432 | 9h ago | Failed MFA Challenge | High | Escalated | WS-PC-002 |