Threats Chart

The Threats chart on the Threats tab of Dashboard displays the total percentage of messages detected as threats.

Select a time period by Date, Week, Month, or Last 12 months to show the total percentage of messages by value for the selected time period.

The specified time period only affects the data shown on this chart and its corresponding thumbnail chart on the Threats tab. Changing these selections does not affect other charts.

The traffic direction slightly changes the data displayed on charts. The following is the specific data displayed:

Table 1. Detected Values on Charts

Detected Values

For Incoming Mail

For Outgoing Mail

Blocked

The number of email messages blocked by connection-based filtering at the MTA connection level or by Hosted Email Security incoming security filtering

Note:

This value does not include messages blocked by content-based filtering.

The number of messages blocked using Hosted Email Security relay mail service filtering

Possible reasons for blocking include:

  • Recipient address is not resolvable (such as someone@???.com).

  • Spammers forged the mail sender address so the message appears to be coming from the customer domain.

  • The customer's MTA is compromised and is sending spam messages (for example, it is an open relay).

Malware (Pattern-based)

The number of email messages that pattern-based scanning detected as containing a malware threat

The number of email messages that pattern-based scanning detected as containing a malware threat

Malware (PML Detected)

The number of email messages that Predictive Machine Learning detected as containing a malware threat

Not available

Analyzed Advanced Threats

The number of email messages containing suspected threats detected by the Advanced Threat Scan Engine or Social Engineering Attack Protection and detected as high risk by Virtual Analyzer

Not available

Probable Advanced Threats

The number of email messages containing suspected threats detected by the Advanced Threat Scan Engine or Social Engineering Attack Protection but not analyzed by Virtual Analyzer

Not available

Ransomware

The number of email messages containing attachments that are detected as ransomware or the URL of sites that directly or indirectly facilitate the distribution of ransomware

The number of email messages containing attachments that are detected as ransomware or the URL of sites that directly or indirectly facilitate the distribution of ransomware

BEC

The number of email messages detected as Business Email Compromise (BEC) attacks

Not available

Phishing

The number of email messages that Hosted Email Security content-based filtering detected as phishing threats

The number of email messages that Hosted Email Security content-based filtering detected as phishing threats

Web Reputation

The number of email messages containing URLs that pose security risks

The number of email messages containing URLs that pose security risks

Spam

The number of email messages that Hosted Email Security content-based filtering detected as spam

The number of email messages that Hosted Email Security content-based filtering detected as spam

Domain-based Authentication

The number of messages that failed SPF, DKIM, and DMARC authentication.

Not available

Graymail

The number of email messages detected as graymail

Not available

Data Loss Prevention

Not available

The number of digital asset transmissions, regardless of the action (block or pass).

Other

The number of email messages detected by content-based policy rules (for example, attachment true file type)

The number of email messages detected by content-based policy rules (for example, attachment true file type)

Clean

The total number of email messages that passed IP reputation-based and content-based filtering

The number of mail messages that passed Hosted Email Security relay mail service filtering

Total

The total number of email messages processed