MailPhishing
Proto for all phishing alerts with common payload. Supported types are any of the following:
- User reported phishing
- User reported spam spike
- Suspicious message reported
- Phishing reclassification
- Malware reclassification
- Gmail potential employee spoofing
| Fields |
domainId |
object (DomainId)
The domain ID.
|
maliciousEntity |
object (MaliciousEntity)
The entity whose actions triggered a Gmail phishing alert.
|
messages[] |
object (GmailMessageInfo)
The list of messages contained by this alert.
|
isInternal |
boolean
If true, the email originated from within the organization.
|
systemActionType |
enum (SystemActionType)
System actions on the messages.
|
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2024-08-22 UTC.
[null,null,["Last updated 2024-08-22 UTC."],[[["This documentation details the JSON representation for phishing alerts in Google Workspace Alert Center."],["The schema includes fields like `domainId`, `maliciousEntity`, `messages`, `isInternal`, and `systemActionType` to represent alert details."],["Supported alert types encompass user-reported phishing/spam, suspicious messages, and reclassifications for phishing/malware."],["The alert structure uses objects like `DomainId`, `MaliciousEntity`, and `GmailMessageInfo` for comprehensive information."],["The `systemActionType` field indicates any actions taken by the system on the flagged messages."]]],[]]
