Views:
Suspicious senders are senders of malicious or suspicious email messages. Find patterns in spoofed sender addresses and learn which social engineering techniques are employed. For example, the sender's email address appears as internal addresses, financial services (PayPal, banks), or other services (Gmail, Taobao, Amazon). Check the sender domain addresses and associated risk level to change policy settings or settings on the anti-spam gateway to block the suspicious sender email addresses at your mail gateway.

Procedure

  1. Go to DetectionsSenders.
  2. Specify the search criteria.
    • Sender (email address)
    • Period
  3. Press ENTER.
    All email messages matching the search criteria appear.
  4. View the results.
    Header
    Description
    Sender
    View the sending email address of the detected message.
    Detections
    View the email messages with malicious or suspicious characteristics. Signature-based detection involves searching for known patterns of data within executable code or behavior analysis. Click the number to see more information about the suspicious message.
    High Risk
    View the detected messages with malicious characteristics.
    Medium Risk
    View the detected messages with characteristics that are most likely malicious.
    Low Risk
    View the detected spam messages or detected messages with content violations or suspicious characteristics.
    Spam/Graymail
    View the number of detected spam messages or graymail.
    Content Violation
    View the number of detected messages with content violations.
    DLP Incident
    View the number of detected messages with DLP incidents.
    links-icon.jpg
    View the number of email messages with embedded malicious links.
    attachments-icon.jpg
    View the number of file attachments that are detected by policy rules.
    Latest Detection
    View the most recent occurrence of the detected message.
Keywords: suspicious messages,suspicious senders