Report an email address

Tags that should be applied. See detailed descriptions below for more information.

• account_takeover - Legitimate email has been taken over by a malicious actor
• bec - Business email compromise, whaling, contact impersonation/display name spoofing
• brand_impersonation - Impersonating a well-known brand (e.g. Paypal, Microsoft, Google, etc.)
• browser_exploit - The hosted website serves an exploit
• credential_phishing - Attempting to steal user credentials
• generic_phishing - Generic phishing, should only be used if others don't apply or a more specific determination can't be made or would be too difficult
• malware - Malicious documents and droppers. Can be direct attachments, indirect free file hosting sites or droppers from malicious websites
• scam - Catch-all for scams. Sextortion, payment scams, lottery scams, investment scams, fake bank scams, etc.
• spam - Unsolicited spam or spammy behavior (e.g. forum submissions, unwanted bulk email)
• spoofed - Forged sender email (e.g. the envelope from is different than the header from)
• task_request - Request that the recipient perform a task (e.g. gift card purchase, update payroll, send w-2s, etc.)
• threat_actor - Threat actor/owner of phishing kit