Social Engineering Attack Protection detects suspicious behavior related to social engineering attacks in email messages.
For more information about social engineering attack detections, see Social Engineering Attack Log Details
The Spam, Phishing, Graymail, Web Reputation, or Social engineering attack criteria allow you to create rules that take actions on these types of potentially unwanted messages.
Hosted Email Security does not apply content-based heuristic spam, BEC, phishing, graymail, Web reputation, or social engineering attack rules to email messages received from email addresses and domains listed on the Approved Senders screen.
Select Enable Virtual Analyzer, and then select the security level from the drop-down list, to perform further observation and analysis for threats detected by Social Engineering Attack Protection.
If Virtual Analyzer is enabled, Hosted Email Security performs observation and analysis on samples in a closed environment. It takes 3 minutes on average to analyze and identify the risk of an attachment, and the time could be as long as 30 minutes for some attachments.
Hosted Email Security logs advanced threats as follows:
"Probable Advanced Threats": Suspected threats detected by the Advanced Threat Scan Engine or Social Engineering Attack Protection but not analyzed by Virtual Analyzer
Some detected files may be safe. Trend Micro recommends selecting the Quarantine action for suspected threats detected by Social Engineering Attack Protection.
"Analyzed Advanced Threats": Suspected threats detected by the Advanced Threat Scan Engine or Social Engineering Attack Protection and detected as the high risk by Virtual Analyzer
if the High security level is configured, then the action will be applied on all messages that exhibit any suspicious behavior.
if the Medium security level is configured, then the action will be applied on messages that have moderate to high probability of being malicious.
if the Low security level is configured, then the action will be applied only on messages that have high probability of being malicious.