The cybersecurity response team at a global enterprise receives an alert from an employee regarding a suspicious email that appears to be from a senior executive. During the investigation, the team analyzes the email header and notices that the sending IP address originates from a foreign country that has no affiliation with the organization. A WHOIS lookup confirms that the IP is registered under an unknown entity. What key element helped identify the suspicious activity?
Submit