CYFIRMA - Data Breach and Web Monitoring - Phishing Campaign Detection Rule

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Content Index

---

Detects phishing campaigns targeting enterprise domains, as identified through CYFIRMA's Data Breach and Dark Web Monitoring. These alerts may include malicious URLs used for credential harvesting, domain impersonation, or social engineering. Immediate triage and takedown actions are recommended.

Attribute	Value
Type	Analytic Rule
Solution	Cyfirma Digital Risk
ID	00c7b41c-ddeb-4c49-acd7-2f7897e27fb4
Severity	Medium
Status	Available
Kind	Scheduled
Tactics	InitialAccess, Exfiltration
Techniques	T1566.001, T1566.002, T1566.003
Required Connectors	CyfirmaDigitalRiskAlertsConnector
Source	View on GitHub

Tables Used

This content item queries data from the following tables:

Table	Transformations	Ingestion API	Lake-Only
CyfirmaDBWMPhishingAlerts_CL	?	✓	?

---

Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊

↑ Back to Analytic Rules · Back to Cyfirma Digital Risk