hxxp://True Positive[:] Security Event User "jonathan[.]hewitt@invesco[.]com" clicked on a URL which is classified as phishing[.] acquired email copy and analysed[.] email is confirmed as phishing email delivered to user[.] BP clicked on a phishing link however they did not post any credentials[.] BP changed credentials as per precautionary measure request[.] No other user clicked on similar link[.] malicious link is blocked in PP and categorized as phishing by PA[.] sender is blocked and all emails are purged[.] NFAR[.] CLosing ticket

Sharing

Target

http://True Positive: Security Event User "[email protected]" clicked on a URL which is classified as phishing. acquired email copy and analysed. email is confirmed as phishing email delivered to user. BP clicked on a phishing link however they did not post any credentials. BP changed credentials as per precautionary measure request. No other user clicked on similar link. malicious link is blocked in PP and categorized as phishing by PA. sender is blocked and all emails are purged. NFAR. CLosing ticket