Suspicious Request for Financial Information

Sublime Rules

Summary
This rule identifies suspicious emails requesting financial information that may be associated with Business Email Compromise (BEC) or fraud. The detection criteria focus on several aspects of the message: the sender's identity and trustworthiness, the content of the subject and body, and the presence of specific instructions or requests about financial matters such as accounts receivable reports. The rule applies several checks to decide whether the sender is suspicious, based on the sender's email domain, the age of the sender's email address, and the financial language used in the email. If any part of the criteria is met, including the use of a free email domain or a sender that has been known for less than three days, the email is flagged as potentially fraudulent. The rule's severity is classified as high because of the sensitive nature of financial information and the potential for significant loss to the organization.
Categories
  • Web
  • Cloud
  • Identity Management
  • Other
Data Sources
  • User Account
  • Application Log
  • Network Traffic
Created: 2024-11-14