This detection rule identifies callback scam solicitations originating from Monday.com's notification system. It utilizes natural language understanding (NLU) to analyze the content of the messages for specific fraudulent language indicative of a scam. The rule specifically looks for messages coming from the sender's email 'notifications@monday.com' and checks the text of the body in the current thread against a machine learning classifier that identifies intents related to callback scams. The rule serves a medium severity level and aims to mitigate the risk of callback phishing, which relies on social engineering tactics and out-of-band pivots to deceive users into revealing sensitive information or engaging in fraudulent conversations.