Viewing Email Subjects

Suspicious subjects are the email subjects of malicious or suspicious email messages. Find trends in common keywords or other social engineering techniques. Pretexting is the most common way to engage a victim. Look for email subjects that appear familiar to targeted recipients (examples: holiday party invitation, bank statement, or a common subject used in department newsletters) that can trick your users into opening the email message. If users trust the email subject, there is more chance that they will download a malicious attachment or follow a phishing link that appears to be a legitimate request for their domain credentials or customer information.

  1. Go to Detections > Subjects.
  2. Specify the search criteria.
    • Email subject
    • Period
  3. Press ENTER.

    All email messages matching the search criteria appear.

  4. View the results.



    Email Subject

    View the email subject of the suspicious email message.


    View the email messages with malicious or suspicious characteristics. Signature-based detection involves searching for known patterns of data within executable code or behavior analysis. Click the number to see more information about the suspicious message.

    High Risk

    View the detected messages with malicious characteristics.

    Medium Risk

    View the detected messages with characteristics that are most likely malicious.

    Low Risk

    View the detected spam messages or detected messages with content violations or suspicious characteristics.


    View the number of detected spam messages or graymail.

    Content Violation

    View the number of detected messages with content violations.

    DLP Incident

    View the number of detected messages with DLP incidents.

    View the number of email messages with embedded malicious links.

    View the number of file attachments that are detected by policy rules.

    Latest Detection

    View the most recent occurrence of the detected message.