OpenEFA Daily Threat Brief

July 12, 2026
SANS Threat Level: GREEN

Email Security Overview

1,155
Processed
452
Delivered
168
Quarantined
0
Rejected
14.5%
Block Rate
39.6
Avg Score

Threats Blocked by Category

166
Phishing
165
BEC
168
Impersonation
2
Backscatter

Top Spam Origin Countries

CountryBlockedShare
United States (US)9776.4%
United Kingdom (GB)86.3%
Canada (CA)86.3%
Türkiye (TR)86.3%
The Netherlands (NL)64.7%

Based on emails that reached the content filter. MTA-level blocks (RBL, GeoIP) are not included.

Top Spam Sender Domains

DomainBlockedAvg ScoreVolume
nobleuae.com756.0
goefa.com551.3
outlook.com555.5
messagethenow.com427.7
gmail.com461.1
gid.com.hk382.7
email.guitarcenter.com30.1
axiomaconsultores.mx299.7

Notable High-Score Threats

ScoreSenderSubject
186.581Webmail Account <service@webmail.com>[[redacted]: New Sender] [redacted] Service
180.491Webmail Account <service@webmail.com>[[redacted]: New Sender] [redacted] Service
171.75Federal Tax Authority <ap@tax.gov.ae>[[redacted]: New Sender] URGENT: Action Required - Pe
163.69American Express <dan@[redacted]Unusual Spending Activities Detected.
160.814American Express <dan@[redacted]Unusual Spending Activities Detected.

CISA Known Exploited Vulnerabilities (New)

CVEVendor / ProductRansomware
CVE-2026-56291Balbooa Forms
Balbooa Forms contains an unrestricted upload of file with dangerous type vulnerability that allows an unauthenticated arbitrary file upload which could allow uploading of executable files leading to full RCE.
Unknown
CVE-2026-48939iCagenda iCagenda
iCagenda contains an unrestricted upload of file with dangerous type vulnerability that allows the upload of arbitrary files in the file attachment feature, ultimately resulting in PHP code upload and execution.
Unknown

Active Malicious URLs (URLhaus)

50
Active URLs
1
Threat Types
1
Unique Hosts

Top threat types:

unknown: 50

Email Threat IOCs (ThreatFox)

20 email-related indicators of compromise in the last 24 hours.

Malware FamilyIOCsSeverity
Stealc8High
Remvio5High
Vidar5High
AsyncRAT2Medium