Threats Details Chart

The Threat Details chart on the Threats tab of Dashboard displays the number of messages detected as threats and the total percentage of blocked messages.

For a summary of the total number of email messages scanned by detected category, click the icon at the top-left of the Threat Details chart on the Threats tab of Dashboard, and refer to the data shown in the table.

The Threat Details table allows you to drill down from overall metrics into policy event logs for more granular data. The drill-down actions are available only for threats detected within the past 30 days.

Select a time period by Date, Week, Month, or Last 12 months to show data for the selected time period.

The specified time period only affects the data shown on this chart and its corresponding thumbnail chart on the Threats tab. Changing these selections does not affect other charts.

The traffic direction slightly changes the data displayed on charts. The following is the specific data displayed:

Table 1. Detected Values on Charts

Detected Values

For Incoming Mail

For Outgoing Mail

Blocked

The number of email messages blocked by connection-based filtering at the MTA connection level or by Hosted Email Security incoming security filtering

Note:

This value does not include messages blocked by content-based filtering.

The number of messages blocked using Hosted Email Security relay mail service filtering

Possible reasons for blocking include:

  • Recipient address is not resolvable (such as someone@???.com).

  • Spammers forged the mail sender address so the message appears to be coming from the customer domain.

  • The customer's MTA is compromised and is sending spam messages (for example, it is an open relay).

Ransomware

The number of email messages containing attachments that are detected as ransomware or the URL of sites that directly or indirectly facilitate the distribution of ransomware

The number of email messages containing attachments that are detected as ransomware or the URL of sites that directly or indirectly facilitate the distribution of ransomware

Malware (Pattern-based)

The number of email messages that pattern-based scanning detected as containing a malware threat

The number of email messages that pattern-based scanning detected as containing a malware threat

Malware (PML Detected)

The number of email messages that Predictive Machine Learning detected as containing a malware threat

Not available

Analyzed Advanced Threats

The number of email messages containing suspected threats detected by the Advanced Threat Scan Engine or Social Engineering Attack Protection and detected as the high risk by Virtual Analyzer

Not available

Probable Advanced Threats

The number of email messages containing suspected threats detected by the Advanced Threat Scan Engine or Social Engineering Attack Protection but not analyzed by Virtual Analyzer

Not available

BEC

The number of email messages detected as Business Email Compromise (BEC) attacks

Not available

Phishing

The number of email messages that Hosted Email Security content-based filtering detected as phishing threats

The number of email messages that Hosted Email Security content-based filtering detected as phishing threats

Web Reputation

The number of email messages containing URLs that pose security risks

The number of email messages containing URLs that pose security risks

Spam

The number of email messages that Hosted Email Security content-based filtering detected as spam

The number of email messages that Hosted Email Security content-based filtering detected as spam

Domain-based Authentication

The number of messages that failed SPF, DKIM, and DMARC authentication.

Not available

Graymail

The number of email messages detected as graymail

Not available

Data Loss Prevention

Not available

The number of digital asset transmissions, regardless of the action (block or pass).

Other

The number of email messages detected by content-based policy rules (for example, attachment true file type)

The number of email messages detected by content-based policy rules (for example, attachment true file type)

Clean

The total number of email messages that passed IP reputation-based and content-based filtering

The number of mail messages that passed Hosted Email Security relay mail service filtering

Total

The total number of email messages processed