Lena, a SOC analyst, observes a pattern of unusual login attempts originating from multiple foreign IP addresses tied to shared drive links circulating within the organization. These links were embedded in emails appearing to come from the HR department and marked with urgent subject lines. Upon deeper inspection, Lena finds multiple similar messages still pending in the mail server’s delivery queue. To prevent widespread exposure, she takes immediate action to eliminate these messages before they reach employees' inboxes. Which incident response action best describes Lena’s action?
Submit