Phishing Email Blocked
Low
Investigating
ALR-00414 · 2026-07-10T07:30:44Z
Description
Phishing email targeting 'system@company.co.uk' blocked by Cloud Connector. Payload: credential harvesting link mimicking Microsoft 365 login.
Alert Metadata
Endpoint Information
MITRE ATT&CK Mapping
Investigation Timeline
07:30:44
Event ingested by SOC365 Engine
07:30:45
EmilyAI triage started — correlation enrichment
07:30:55
EmilyAI confidence: 97% — escalated to human analyst
07:30:59
Alert assigned to analyst: EmilyAI (auto)
07:32:51
Investigation started — querying SIEM and threat intelligence
Related Alerts
| ID | Time | Alert | Severity | Status | Host |
|---|---|---|---|---|---|
| ALR-00145 | 5h ago | Phishing Email Blocked | Medium | False Positive | WS-LAP-011 |
| ALR-00021 | 6h ago | Phishing Email Blocked | Low | False Positive | WS-LAP-010 |
| ALR-00350 | 7h ago | Pass-the-Hash Detected | Medium | Investigating | SRV-FILE-01 |
| ALR-00468 | 12h ago | Phishing Email Blocked | Medium | Open | SRV-FILE-01 |
| ALR-00209 | 13h ago | Phishing Email Blocked | Low | Escalated | SRV-SQL-01 |