Trend Micro Email Security alert: Phishing email detected

This rule is part of a beta feature. To learn more, contact Support.
trend-micro-email-security

Classification:

attack

Tactic:

TA0001-initial-access

Technique:

T1566-phishing

Goal

Detect when Trend Micro Email Security identifies a threat-related email.

Strategy

Monitor Trend Micro Email Security logs for specific threat detection events. This rule aims to identify and respond to potential email threats promptly, ensuring the security of the email infrastructure and recipients.

Triage and Response

  1. Threat event of {{@eventType}} type detected.
  2. Review the email’s headers, body, and attachments for any indicators of malicious activity.
  3. If malicious activity is confirmed, block the sender’s email address and quarantine the affected email(s) to prevent further access and distribution of harmful content.