Phishing Email Blocked
Low
False Positive
ALR-00235 · 2026-07-07T20:47:54Z
Description
Phishing email targeting 'k.brown@company.co.uk' blocked by Email Gateway. Payload: credential harvesting link mimicking Microsoft 365 login.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
20:47:54
Event ingested by SOC365 Engine
20:47:56
EmilyAI triage started — correlation enrichment
20:48:04
EmilyAI confidence: 78% — escalated to human analyst
20:48:39
Alert assigned to analyst: EmilyAI (auto)
20:48:55
Investigation started — querying SIEM and threat intelligence
20:55:00
Containment action taken — endpoint isolated
20:59:37
Alert resolved — remediation complete
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00045 | 21m ago | Phishing Email Blocked | Low | Open | WS-PC-001 |
| ALR-00246 | 2h ago | Credential Stuffing Attempt | Informational | Resolved | WS-PC-004 |
| ALR-00014 | 5h ago | Phishing Email Blocked | Medium | Open | WS-LAP-011 |
| ALR-00211 | 8h ago | Ransomware Behaviour Detected | Medium | Open | WS-PC-004 |
| ALR-00112 | 8h ago | Phishing Email Blocked | Low | False Positive | SRV-DC-01 |