This workflow template addresses the critical task of safeguarding Outlook mailboxes from phishing threats. It automatically activates upon receiving a new message through a webhook, at which point the analysis for malicious content kicks off, powered by VirusTotal. This process scrutinizes URLs, attachments, and email headers to identify potential threats. Based on the findings, it updates the message labels to reflect the level of suspicion or threat and provides feedback to the sender. This proactive approach facilitates real-time detection of phishing attempts, helping protect sensitive data and maintain the integrity of business communications.
Trigger
Microsoft 365 Graph Subscription
Use Cases
Phishing
Workflow Breakdown
On trigger from the webhook on a new message, change the label to Sacn-Started on the new message.
Retrieve URLs, attachments and headers that are part of the message and scan with VirusTotal
Use VirusTotal findings to append the suspicious or malicious data to return to the user
Update the email categories on the message in the folder with the resulting verdict.
Send a response message to the originator of the message when the analysis is complete
Vendors
Utils, VirusTotal, Microsoft Outlook, Microsoft 365
Workflow Output
Analysis information via email back to the originating user and labels on the mailbox message with the verdict.