Exciting news! We are redesigning the Arctic Wolf Help Documentation site to provide a better user experience. Our new site will launch on May 1, 2024.

Managed Security Awareness

Managed Security Awareness Portal User Guide

Updated Mar 18, 2024

View threat details of reported emails

You can use the threat details of reported emails to get a better understanding of how end users interact with phishing emails, and to analyze reported emails for security threats.



  1. Sign in to the MA Portal.

  2. In the menu bar, click Reported Phishing.

  3. Click Reported Emails list, and then search for the reporter, date, or threat level to filter the listed results.

  4. In the Threat Level column, click View Threat Details.

    The reported emails table includes this information:

    • Date Reported — The date and time the email was reported as phishing.

    • Reporter Email — The email address of the user who reported the email as phishing.

    • Graph Message ID — The unique message ID of the email reported as phishing.

      See Track a suspicious email using a Graph Message ID for more information.

    • Overall Score — The overall score categorization for the email.

      See View reported emails for more information.

    • Sub-scores — Sub-scores assess the email, and then assign it a risk score. The sub-scores together form the overall score. Sub-score sections are:

      • Header AnalysisLow, Medium, or High risk.
      • Content (Body Content)Low, Medium, or High risk.
      • Content (URL)Low, Medium, or High risk.
      • AttachmentLow, Medium, or High risk.
  5. Click X to exit the Expanded Scoring window.