Secure Email Threat Defense API

Techniques

Below are some common detection techniques available in ETD that can be seen in the Message Search API request and response. You can use these techniques in the Search API request to filter messages as desired.

  • Brand impersonation
  • Call to action
  • Data input request
  • Disposable sender address
  • Domain brand impersonation
  • Email address in subject
  • Email without text
  • External admin
  • External support
  • Fake reply
  • Frequent sender
  • Frequent sender for recipient
  • Frequent sender for recipient's domain
  • Hidden text
  • Hidden text injection
  • Image-only email
  • Inferred greeting
  • Internal email
  • Link masquerade
  • Link visit request
  • Low content reputation
  • Low-reputation TLD
  • Malicious HTML attachment
  • Malicious URL
  • Masqueraded file extension
  • Open redirect
  • QR code
  • Rare sender address
  • Rare sender domain
  • Rare sender domain for recipient
  • Rare sender domain for recipient domain
  • Rare sender for recipient
  • Rare sender for recipient domain
  • References to cryptocurrency
  • Reply
  • Request for contact details
  • Request for credentials
  • Request to open attachment
  • Reused URL
  • Sender IP reputation
  • Sender domain brand impersonation
  • Sender domain reputation
  • Sender name brand impersonation
  • Sender name impersonation
  • Sender name mismatch
  • Shortened URL
  • Suspicious button
  • Suspicious sender address
  • Suspicious sender domain
  • Unicode masquerade
  • Urgency
  • User impersonation
  • Username in subject
  • Victim impersonation
  • Victim specific URL
  • Young domain
Next