Interactive Demo — Simulated data only.
SOC365 Dashboard
Acme Legal Services Ltd

Phishing Email Blocked

Severity: Medium · Status: Open
ALR-00174 · 2026-05-23T01:53:27Z

Description

Phishing email targeting 'p.thomas@company.co.uk' blocked by EmilyAI Triage. Payload: credential harvesting link mimicking Microsoft 365 login.

Alert Metadata

Alert ID: ALR-00174
Timestamp: 2026-05-23T01:53:27Z
Severity: Medium
Status: Open
Detection Source: EmilyAI Triage
Assigned Analyst: Sarah Chen

Endpoint Information

Hostname: WS-PC-001
User Account: p.thomas
Source IP: 194.163.62.217
Destination IP: 10.2.99.155
Origin Country: Iran (IR)

MITRE ATT&CK Mapping

Tactic: Initial Access
Technique: T1566.001
Reference: attack.mitre.org/techniques/T1566.001

Investigation Timeline

01:53:27 Event ingested by SOC365 Engine
01:53:31 EmilyAI triage started — correlation enrichment
01:53:37 EmilyAI confidence: 90% — escalated to human analyst
01:53:49 Alert assigned to analyst: Sarah Chen
01:56:18 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID | Time | Alert | Severity | Status | Host
ALR-00152 | 4h ago | Lateral Movement Detected | Informational | Open | WS-PC-001
ALR-00427 | 6h ago | Credential Stuffing Attempt | Informational | Escalated | WS-PC-001
ALR-00331 | 9h ago | Malware Signature Match | High | Escalated | WS-PC-001
ALR-00263 | 11h ago | Phishing Email Blocked | Medium | Investigating | SRV-SQL-01
ALR-00303 | 15h ago | Pass-the-Hash Detected | Medium | Resolved | WS-PC-001