This automation identifies email campaigns,
by finding past phishing incidents with high text similarity. If a phishing campaign was
found, the output concentrates details regarding the campaign, such
as, when it occurred, whether it involved senders and recipients, mutual
indicators, email summary, etc. It provides an immediate detailed
background (if found) for a given phishing incident.
This automation finds past similar incidents
based on incident fields similarity. It also includes an option to
display indicators similarity. The model aims to detect similarity through
text or JSON, even if the value is different. The automation provides
the user with these details. For details, see DBotFindSimilarIncidents Script
This automation ingests data such as the screenshot
and HTML of a web page, URL syntax, and domain information, and
predicts if the URL is a phishing attack. For details, see DBotPredictURLPhishing Script.