Internal analyst-only company registry entry for spoofed sender/domain detection.
Inspect aliases and legitimate infrastructure used by the smishing runtime.