Spear Phishing Investigation
The "Spear Phishing Investigation" playbook is designed to detect patterns that indicates a spear phishing attempt by the attacker.
Phishing · 10 tasks · 3 inputs · 0 outputs
Inputs
DomainSquattingResults— Results of the domain squatting investigation.KeywordsToSearch— A comma-separated or list of keywords to search in the email body. for example: name of the organization finance app that the attacker might impost to.MailBody— The phishing mail body.
Commands used
setIncident