OpenEFA Daily Threat Brief

June 23, 2026
SANS Threat Level: GREEN

Email Security Overview

1,923
Processed
807
Delivered
431
Quarantined
0
Rejected
22.4%
Block Rate
39.8
Avg Score

Threats Blocked by Category

430
Phishing
425
BEC
431
Impersonation
23
Backscatter

Top Spam Origin Countries

CountryBlockedShare
United States (US)31086.1%
France (FR)174.7%
China (CN)133.6%
Japan (JP)113.1%
The Netherlands (NL)92.5%

Based on emails that reached the content filter. MTA-level blocks (RBL, GeoIP) are not included.

Top Spam Sender Domains

DomainBlockedAvg ScoreVolume
gmail.com3747.2
outlook.com1156.6
astrapay.com764.7
dmarc.yahoo.com61.4
booksavvypr.com653.9
kost-gromada.gov.ua663.0
hotmail.com553.5
dmcloud-secure.com565.6

Notable High-Score Threats

ScoreSenderSubject
471.33WeTransfer <timr@rmssmontana.com>[[redacted]: New Sender] You have received a File(s)
310.894DHL Express Customer Service <gr@blistreFW:Parcel Arrival Notice - AWB #9853471443
210.15Webmail Mail Service <Noreply@sadefensejWebmail Account Update Required
184.65Webmail Administrator <Noreply@sadefenseAction Required: : Emails Held in Quarantine 06/23
179.321Webmail Account <service@webmail.com>[[redacted]: New Sender] [redacted] Service

CISA Known Exploited Vulnerabilities (New)

No new CISA KEV entries in the last 48 hours.

Active Malicious URLs (URLhaus)

50
Active URLs
1
Threat Types
1
Unique Hosts

Top threat types:

unknown: 50

Email Threat IOCs (ThreatFox)

20 email-related indicators of compromise in the last 24 hours.

Malware FamilyIOCsSeverity
Vidar13High
XWorm4Medium
Remvio2Medium
AsyncRAT1Low

Generated by OpenEFA Threat Intelligence · 2026-06-23 07:00 UTC

Sources: OpenEFA, CISA KEV, Abuse.ch URLhaus, Abuse.ch ThreatFox, SANS ISC

Back to Advisories · Discuss on the Forum