Link Click Analysis

Link Click Analysis provides details relating to links within received emails that users in your organization clicked. This content explains the data presented in this view. 

Threat Trend

The Threat Trend bar graph shows dates and times when users within your organization may have clicked potentially harmful links. You can filter the table by clicking on a specific point on the bar graph to show only that date/time based on the Time column.

Threat Detection Engines (TDE)

• Standard - Items found with the Standard TDE are known to be malicious
• DeepLink - Items in the threat table labeled with DeepLink should be given special consideration as these could potentially indicate a new, unknown threat or a targeted attack. 

You can filter the table by clicking on the desired Threat Detection Engine (Standard or DeepLink) in the donut chart to show only that category. 

Categories

Links that are clicked are categorized in one of the following ways:

• Malicious - Items categorized as Malicious are known malicious sites
• Suspect - Items that have been identified as suspicious sites, possibly unknown threats
• Spam - Items that have been identified as spam based on your configured policies

In cases of items marked as Malicious, Suspect, or Spam, you can select that line item for more details such as the affected URL, the user who clicked the link, their IP and browser version, as well as the sending email address and when the email was received. You can filter the table by clicking on the desired category (Malicious or Suspect) in the donut chart to show only that category.

Top Domains

A list of the top 5 domains with suspicious or known malicious URLs sent to emails within your organization. You can filter the table by clicking on the desired domain in the Top Domains list to show only that domain under the URL column.

Top Link Clickers

A list of the top 5 users who click suspicious or known malicious URLs within their email. You can filter the table by clicking on the desired user in the Top Link Clickers list to show only that user under the Link Clicker column.

Top Senders

A list of the top 5 email addresses that send suspicious or known malicious URLs via email to your organization. You can filter the table by clicking on the desired email address in the Top Senders list to show only that address under the Sender column.

Threat Explorer

Threat Explorer provides details about all types of threats within emails that users in your organization received. This content explains the data presented in this view. 

You can choose date ranges by clicking on the dates in the top-right corner.

Threat Trend

The Threat Trend bar graph shows dates when potentially threatening mail was received within your organization. You can filter the table by clicking on a specific point on the bar graph to show only that date/time based on the Time column.

Threat Detection Engines

• Sandbox - Attachment Sandboxing Add-on is required for this; indicates the percentage of potentially harmful attachments that were caught and quarantined
• Virus Scanner - Indicates the percentage of emails with potential viruses caught and quarantined
• Spam Scanner - Indicates the percentage of spam emails caught and quarantined

You can filter the table by clicking on the desired Threat Detection Engine (Sandbox, Virus Scanner, or Spam Scanner) in the donut chart to show only that category. 

Categories

Emails that are received are categorized in one of the following ways:

• Suspect - Items categorized as Suspect are suspicious but not confirmed threats
• Malicious - Items categorized as Malicious are known threats
• Spam - Items categorized as Spam are based on your configured policies
• Bulk - Items categorized as Bulk are based on the bulk email filter and are generally “newsletter” type messages
• Phishing - Items categorized as Phishing are based on the Spam scanner and your configured policies

In all cases, you can select that line item for more details such as the sending email address and when the email was received, and more. You can filter the table by clicking on the desired category in the donut chart to show only that category.

Top Attack Vectors

A list of the top 5 types of attacks sent via email. (For example, 29.74% EXE, 24.03% ZIP, 13.04% URL would indicate 29.74% of the attacks were in the form of an executable file, 24.03% were in the form of a .zip file, and 13.04% were in the form of a malicious link.) You can filter the table by clicking on the desired vector in the Top Attack Vectors list to show only that category.

Top Recipients

A list of the top 5 email addresses in your organization that receive suspicious or known malicious messages. You can filter the table by clicking on the desired email address in the Top Recipients list to show only that address under the Recipient column.

Top Senders

A list of the top 5 email addresses that send suspicious or known malicious messages to your organization. You can filter the table by clicking on the desired email address in the Top Senders list to show only that address under the Sender column.