Skip to content

happychappieshat/solution-pack-phishing-email-response

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

73 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Release Information

  • Version: 1.0.1
  • Certified: Yes
  • Publisher: Fortinet
  • Compatible Version: FortiSOAR v7.2.0 and later
  • Release Notes

Overview

The Phishing Email Response solution pack contains a set of investigation playbooks that help you respond to suspicious emails. It also includes a scenario that generates a demo alert of the type Suspicious Email and demonstrates the available actions.

The use case deals with investigation and containment procedures that come into effect when end-users report a suspicious email by sending it to a designated mailbox in any of the following formats:

  • As an attachment in .msg format
  • As an attachment in .eml format
  • Inline, as a forwarded email

This solution pack, along with its included playbooks, investigates suspicious emails for:

  • Spoofing - by checking sender and reply-to address
  • Suspicious terms - terms like bitcoin, free money, or free membership

Moreover, you can manually upload emails in .eml or .msg format to investigate and enrich extracted indicators.

Following is a demonstration video on how to use the Phishing Email Response solution pack:

Video: Using Phishing Response Solution Pack

Next Steps

Installation Configuration Usage Contents

About

No description, website, or topics provided.

Resources

License

Stars

Watchers

Forks

Packages

No packages published