We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.

Identify a New Incident

  • Last updated on

Use the Barracuda Forensics & Incident Response wizard to identify a new incident:

  1. Log into Barracuda Forensics & Incident Response.
  2. In the Incidents screen, click New Incident.
  3. In the New Incident page, enter the Email Subject and/or Sender Email in the provided fields, and click Search Messages.
  4. The Review recipients page displays all matching results for the entered criteria.

    To view a copy of an email in question, click the View Message (mailPreview.png) icon. Click Back to return to the Review recipients page.

  5. If your search returned too many emails, click Refine Search to better target the suspicious mails. Return to Step 3, described above.
    Otherwise, click Review Users at Risk to create a new incident and proceed to Step 6.
  6. The Users at Risk page presents you with recipients that clicked on a link in an email in the incident. As an added security measure, you can copy the list and send an email to the affected users with instructions on changing their passwords.


    Click Review Remediation Options to proceed.
  7. On the Remediation Options page, select one or more actions, then click Begin Remediation. Note that these actions might take several minutes to complete.
    • Delete selected emails permanently from affected users' inboxes. This action requires Barracuda Sentinel.
    • Send a warning email alert to the affected users. Click Edit Email Alert to customize the message.
  8. Review the suggested additional actions, then click Close.


Last updated on