Interactive Demo — Simulated data only. Back to SOC in a Box
SOC365 Dashboard
Acme Legal Services Ltd Live 19:45:52 UTC

Phishing Email Blocked

Medium Open
ALR-00269 · 2026-07-07T12:07:00Z

Description

Phishing email targeting 'system@company.co.uk' blocked by SOC365 Engine. Payload: credential harvesting link mimicking Microsoft 365 login.

Alert Metadata

Alert ID
ALR-00269
Timestamp
2026-07-07T12:07:00Z
Severity
Medium
Status
Open
Detection Source
SOC365 Engine
Assigned Analyst
Emma Richardson

Endpoint Information

Hostname
SRV-FILE-01
User Account
system
Source IP
194.224.62.177
Destination IP
10.1.205.246
Origin Country
UA Ukraine

MITRE ATT&CK Mapping

Tactic
Initial Access
Technique
T1566.001
Reference
attack.mitre.org/techniques/T1566.001

Investigation Timeline

12:07:00 Event ingested by SOC365 Engine
12:07:02 EmilyAI triage started — correlation enrichment
12:07:14 EmilyAI confidence: 84% — escalated to human analyst
12:07:33 Alert assigned to analyst: Emma Richardson
12:09:40 Investigation started — querying SIEM and threat intelligence

Related Alerts

ID Time Alert Severity Status Host
ALR-00015 2h ago Phishing Email Blocked Low Escalated SRV-WEB-01
ALR-00352 5h ago Credential Stuffing Attempt Medium False Positive SRV-FILE-01
ALR-00034 5h ago Unusual Outbound Traffic Low Escalated SRV-FILE-01
ALR-00020 5h ago Kerberoasting Attempt Medium Resolved SRV-FILE-01
ALR-00404 7h ago Phishing Email Blocked Medium Open WS-PC-002