
Summary
This detection rule identifies potentially malicious messages that exhibit characteristics of social engineering attacks, particularly Business Email Compromise (BEC) and fraud. It targets email messages whose sender display name contains emoji characters and that are associated with financial symbols, such as the US dollar ($), British pound (£), Euro (€), Japanese yen (¥), and peso (₱). The rule uses regular expressions to match emoji characters within their Unicode code-point ranges and checks for the presence of these financial symbols in the subject line. Additionally, the rule flags emails whose sender domain is not included in the Alexa top 1 million websites list and that have failed DMARC authentication checks. This combination of factors indicates a higher likelihood that the email is a phishing or fraud attempt, despite the rule's low severity classification.
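As an added illustration (not the rule's own code), the following Python sketch applies the four conditions described above to constructed sample messages; the emoji code-point ranges, the small stand-in for the Alexa top 1 million list, and the dictionary message format are assumptions made for the example.

```python
import email.utils
import re

# Assumed emoji code-point ranges (Misc Symbols/Dingbats plus the
# main emoji blocks); the page does not state the rule's exact ranges.
EMOJI_RE = re.compile("[\u2600-\u27BF\U0001F300-\U0001FAFF]")
# The financial symbols named in the rule summary.
CURRENCY_RE = re.compile(r"[$£€¥₱]")

# Constructed stand-in for the Alexa top-1M list (the real list is a large file).
TOP_SITES = {"example.com", "google.com", "microsoft.com"}

# Constructed sample messages; "dmarc" stands in for the parsed
# Authentication-Results outcome.
SAMPLE_MESSAGES = [
    {"from": '"\U0001F4B0 Finance Dept" <payments@invoice-update-portal.test>',
     "subject": "URGENT: $48,000 wire transfer approval needed",
     "dmarc": "fail"},
    {"from": '"Alice Jones" <alice@example.com>',
     "subject": "Q3 budget: \u20ac figures attached",
     "dmarc": "pass"},
    {"from": '"\U0001F389 Team Events" <events@example.com>',
     "subject": "Pizza party Friday!",
     "dmarc": "pass"},
]


def sender_parts(from_header):
    """Return (display_name, domain) parsed from an RFC 5322 From header."""
    name, addr = email.utils.parseaddr(from_header)
    domain = addr.rpartition("@")[2].lower()
    return name, domain


def is_suspicious(message):
    """All four rule conditions must hold: emoji in the display name,
    a currency symbol in the subject, a sender domain outside the
    top-sites list, and a DMARC failure."""
    name, domain = sender_parts(message.get("from", ""))
    if not EMOJI_RE.search(name):
        return False
    if not CURRENCY_RE.search(message.get("subject", "")):
        return False
    if domain in TOP_SITES:
        return False
    return message.get("dmarc", "").lower() == "fail"


def flag_messages(messages):
    """Return only the messages the rule would flag."""
    return [m for m in messages if is_suspicious(m)]
```

Only the first sample satisfies all four conditions; the second lacks an emoji display name and the third lacks a currency symbol in its subject.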
Categories
- Endpoint
- Cloud
- Web
- Application
Data Sources
- User Account
- Web Credential
- Process
Created: 2025-08-22