Detecting a Phishing Attack with (PIE)


Humans are the most vulnerable part of any digital transaction. Ninety-seven percent of people globally are unable to identify a sophisticated phishing email.

Unsuspecting users may click on weaponized links or download attachments, unknowingly exposing your organization to risk. Phishing attempts have grown 65 percent in the last year—and chances are you’re not adequately protected.

With most phishing attempts, threat actors often try to gain financial information or steal a user’s credentials to access sensitive or private corporate information. In fact, 76 percent of breaches reported in 2017 were financially motivated.

Hackers have time and again proven to be are unrelenting in their attempts to penetrate corporate networks, and often won’t quit until they are successful.


LogRhythm’s Phishing Intelligence Engine (PIE) is a free, open-source PowerShell framework that enables you to automatically detect phishing attacks, validate active threats, and reduce your attack surface.

LogRhythm’s PIE determines the risk level of emails by analyzing subject lines, sender addresses, recipients, message body, links, and attachments—automatically responding to threats by quarantining suspicious emails, blocking senders, and recursively searching for clicks.

Download Use Case PDF US

PIE Benefits

PIE streamlines and automates the process of tracking, analyzing, and responding to phishing emails. Beyond the core functions, PIE features three key benefits. They include:


The PIE infrastructure integrates security orchestration, automation, and response (SOAR) into its framework, automating specific actions normally performed by hand. PIE reduces the time required to manually identify and respond to phishing attacks from hours to minutes.

A Repeatable Process

PIE allows you to create a repeatable process so you won’t worry about skipping an important step. This automated, repeatable process ensures that your team consistently investigates and remediates phishing attempts every time.


With PIE, you can identify patterns and see the larger picture over time through dynamic tagging. This mechanism allows you to track the number of phishing attacks that have occurred and the specifics of each, improving your time to detect and respond to an attempted attack.