Skip to content

Commit

Permalink
TEST - Update headers_russia_return_path.yml
Browse files Browse the repository at this point in the history
Testing removal of prevalence
  • Loading branch information
morriscode authored Nov 7, 2023
1 parent 92a3cb4 commit 779a368
Showing 1 changed file with 0 additions and 7 deletions.
7 changes: 0 additions & 7 deletions detection-rules/headers_russia_return_path.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,6 @@ source: |
type.inbound
and headers.return_path.domain.tld == "ru"
and sender.email.email not in $recipient_emails
and (
profile.by_sender().prevalence in ("new", "outlier")
or (
profile.by_sender().any_messages_malicious_or_spam
and not profile.by_sender().any_false_positives
)
)
attack_types:
- "BEC/Fraud"
- "Credential Phishing"
Expand Down

0 comments on commit 779a368

Please sign in to comment.