Self-sender with copy/paste instructions and suspicious domains (French/Français)

Sublime Rules

Summary
Inbound email detection for self-sent messages. The rule flags a message when the sender address is also its single recipient and the subject contains both the sender's email address and the sender's display name, which must differ from each other. The body must contain the French terms copier and coller and reference domains such as pages.dev or web.app. This pattern suggests a credential-phishing attempt that combines social engineering with potential evasion through a free subdomain host: the message tries to get the user to copy and paste sensitive information, and sending it as a self-addressed message is meant to bypass some filters. Detection relies on header analysis (single recipient, sender equals recipient, sender email different from display name), subject/content matching, and body-domain indicators. The rule is rated medium severity, with attack types including Credential Phishing and techniques such as Evasion, Free subdomain host, and Social engineering.
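The conditions in the summary can be evaluated over a raw RFC 5322 message as follows. This is an added Python example, not the Sublime rule's own source. It assumes that "single recipient" means exactly one address in To, that body domains are read from http(s) URLs, and that the host list is limited to the two domains the summary names; the sample message is constructed.

```python
import re
from email import message_from_string, policy
from email.utils import getaddresses, parseaddr
from urllib.parse import urlsplit

FREE_HOSTS = ("pages.dev", "web.app")  # the two hosts the summary names
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)

def on_free_host(url: str) -> bool:
    """True if the URL's host is a listed host or a subdomain of one."""
    try:
        host = (urlsplit(url).hostname or "").lower().rstrip(".")
    except ValueError:  # malformed URL text
        return False
    return any(host == h or host.endswith("." + h) for h in FREE_HOSTS)

def matches_rule(raw: str) -> bool:
    msg = message_from_string(raw, policy=policy.default)
    display, sender = parseaddr(str(msg.get("From", "")))
    display, sender = display.strip().lower(), sender.lower()
    # Assumption: "single recipient" means exactly one address in To.
    to = [a.lower() for _, a in getaddresses([str(h) for h in msg.get_all("To", [])])]
    subject = str(msg.get("Subject", "")).lower()
    part = msg.get_body(preferencelist=("plain", "html"))
    body = part.get_content() if part is not None else ""
    low = body.lower()
    return (
        len(to) == 1 and to[0] == sender              # self-sent, one recipient
        and bool(display) and display != sender       # display name differs from address
        and sender in subject and display in subject  # subject carries both
        and "copier" in low and "coller" in low       # French copy/paste wording
        and any(on_free_host(u) for u in URL_RE.findall(body))
    )

# Constructed sample message (the example.com address and the hostname are made up).
SAMPLE = (
    "From: Jean Dupont <jean.dupont@example.com>\n"
    "To: jean.dupont@example.com\n"
    "Subject: Document pour jean.dupont@example.com - Jean Dupont\n"
    "\n"
    "Veuillez copier et coller ce lien dans votre navigateur :\n"
    "https://portail-docs.pages.dev/acces\n"
)

if __name__ == "__main__":
    print(matches_rule(SAMPLE))
```

The host check compares the parsed hostname's suffix rather than searching the body for the string, so a lookalike such as `pages.dev.example.org` does not satisfy the domain condition.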
Categories
  • Endpoint
Data Sources
  • Process
  • Application Log
Created: 2026-04-17