Elena, a first responder at a multinational firm, receives multiple reports from employees claiming they were asked to update their payroll information through an email that appears to be from HR. The email includes a URL directing users to a login page identical to the company’s intranet but hosted on an unfamiliar domain. Elena immediately informs the IH&R team, preserves the email headers, captures screenshots of the spoofed page, and blocks the domain at the network level. What type of email security incident is Elena handling?
Submit