LetsDefend Monitoring Alert

Phishing Alert

May, 13, 2024, 09:22 AM

Event ID: 257

Event Time: May, 13, 2024, 09:22 AM

Rule Name: SOC282 - Phishing Alert - Deceptive Mail Detected

Alert Type: Exchange

MITRE Technique:
T1566 - Initial Access - Phishing
T1059 - Execution - Command and Scripting Interpreter
T1204 - Execution - User Execution
T1566.002 - Initial Access - Phishing: Spearphishing Link

Real World Example: This alert is prepared for the ‘How to Investigate a SIEM Alert’ course. If you haven’t taken the course yet, please complete it first.

Severity: Medium

Security Analyst
