Vircom Portal - Security - Outbound Virus

Created by Yves Lacombe, Modified on Thu, 23 Sep 2021 at 04:32 PM by Yves Lacombe

Text of the alert:


1 outbound virus(es) caught for exampledomain.com between 08/26/2021 03:00 and 08/26/2021 04:00 Eastern Daylight Time



Meaning:


We detected at least one message from sender that was caught outbound at (timestamp).



Importance:


It is vitally important to take immediate action.  If someone is sending out viruses that are getting caught outbound by Proofpoint, it implies that you may have a compromised workstation on your network that needs to be shut down immediately.


Since Proofpoint only records the egress IP coming say, from your O365 tenant or your exchange server (if on prem), it does mean you should check the mail flow logs on office365 (or exchange) to see where the actual message originated from in terms of which machine is affected.


At least the messages are getting caught by Proofpoint if you're getting this alert!


Was this article helpful?

That’s Great!

Thank you for your feedback

Sorry! We couldn't be helpful

Thank you for your feedback

Let us know how can we improve this article!

Select atleast one of the reasons

Feedback sent

We appreciate your effort and will try to fix the article