Threat Review Console

Endpoint Protection · Detections
Last scan: today, 09:41 · 2 detections need review
2
Needs review
1
High severity
0
Submitted
0
Acknowledged
Active detections
High Phishing · Credential harvesting

Credentials submitted to spoofed sign-in page

09:38 AM

A user clicked a link in a suspicious email and entered their work credentials into a counterfeit Microsoft sign-in page hosted on a look-alike domain. The account should be treated as compromised pending review.

Spoofed domainlogin.microsft-secure.com
Delivered viaEmail · "Action required"
Detection sourceSafe Links
Medium Phishing · Malicious attachment

Phishing email with fake invoice quarantined

08:52 AM

An inbound email impersonating a known vendor carried an HTML attachment that redirects to a credential-stealing page. It was quarantined before delivery, but six other mailboxes received a similar message.

Senderbilling@vendor-portal.net
AttachmentInvoice_4471.html
Detection sourceAnti-phishing policy
All detections reviewed — your queue is clear.
Thank you for reviewing.