Skip to main content

How to Use Sniff and Detect

  1. Access the App

    • Open Outlook and check the apps panel to ensure Sniff & Detect is listed and accessible.

    • Users can launch it from More apps in Microsoft 365.

image.png

  • A phishing email impersonating Netflix. An arrow points to the SNIFF & Detect icon, indicating where to scan or flag the email as suspicious.

image.png

  • Click the “Scan This Email” button and wait for the scan to complete.

image.png

  • SNIFF & Detect has scanned the email, highlighting possible errors such as
    1. Arrow 1 points to the Language issues section, showing spelling and grammar mistakes found in the phishing email.
    2. Arrow 2 points to the What you should do section, giving safety advice on how to handle the suspicious email.

image.png

  • Arrow 1 – Highlights the AI Insight Results tab in SNIFF & Detect, which contains the automated analysis results of the scanned email.

  • Arrow 2 – Points to the Malicious classification summary. This section briefly explains the reasons the email is flagged, such as suspicious sender details, urgent tone, spelling and grammar errors, and suspicious links.

  • Arrow 3 – Directs attention to the actual phishing email content pretending to be from Netflix, warning about a payment failure and urging the user to update their payment information.

  • Arrow 4 – Indicates the Report as Phishing button, which the user can click to formally report the suspicious email to security for further action.

image.png

  • Click the "Run a deep scan" button, which allows for a more detailed examination of the email to detect hidden threats and malicious indicators.

image.png

  • SNIFF & Detect doing a deep scan on a suspected phishing email pretending to be from Netflix. The scan may take a couple of minutes to finish.

image.png

  • The scan results are now finished and ready to check.

image.png

  • This is the result of a deep scan conducted by the Sniff & Detect tool on a suspicious email impersonating Netflix.
    1. Arrow 1 highlights the domain netflix-billing.com, which is flagged as a spoofed domain used to impersonate Netflix and trick users into entering sensitive information.
    2. Arrow 2 lists phishing-related email addresses such as richmond@cytcehint.com and support@netflix-billing.com, which are likely used to send or support the fraudulent email.
    3. Arrow 3 shows the IP address 192.168.1.45, flagged as part of the phishing infrastructure. Although it's a private IP, its presence suggests internal spoofing or malicious setup.

image.png

If you need further assistance, kindly contact our support at support@cytechint.com for prompt assistance and guidance.

Back to top