Queries for the EmailEvents table

Article
02/20/2024

Phishing emails from the top 10 sender domains

Get the number of phishing emails from the top ten sender domains.

EmailEvents
| where ThreatTypes has "Phish"
| summarize Count = count() by SenderFromDomain
| top 10 by Count

Emails with malware

Get the number of phishing emails from the top ten sender domains.

EmailEvents
| where ThreatTypes has "Malware"
| limit 500

Feedback

Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.

Submit and view feedback for

This product This page

View all page feedback

Share via

Queries for the EmailEvents table

Phishing emails from the top 10 sender domains

Emails with malware

Feedback

Feedback

Additional resources