System and method of detecting delivery of malware using cross-customer data

US9363280B1 · US · B1

Patent metadata

Publication number: US-9363280-B1
Application number: US-201414466898-A
Country: US
Kind code: B1
Filing date: Aug 22, 2014
Priority date: Aug 22, 2014
Publication date: Jun 7, 2016
Grant date: Jun 7, 2016

Abstract

Official abstract text for this publication.

According to one embodiment, a computerized method comprises receiving a set of indicators of compromise (IOCs) associated with a known malware of a first message type from a first source and receiving one or more IOCs (IOC(s)) from a second source that is different from the first source. Thereafter, a determination is made as to whether the received IOC(s) from the second source correspond to the set of IOCs received from the first source. If so, information associated with at least the set of IOCs is used to locate a malware of the first message type that is undetected at the second source.

Claims

Claim text (preview).

What is claimed is:

1. A computerized method for malware detection conducted by a management platform including processing circuitry and a data store, comprising: receiving a set of indicators of compromise (IOCs) from a first source for storage in the data store, the set of IOCs identified as being caused by a known malware associated with a first message type; receiving, for storage in the data store, one or more IOCs from a second source that is different from the first source where a cause of the one or more IOCs is unknown; and responsive to a triggering event that includes a shift in volume of a given type of IOC at the second source that exceeds a prescribed threshold, conducting a predictive analysis by the processing circuitry of the one or more IOCs received from the second source to determine whether the received IOCs from the second source correspond to the set of IOCs received from the first source, wherein information associated with at least the set of IOCs is used to locate a malware associated with the first message type that is undetected at the second source and is the cause of the one or more IOCs at the second source.

2. The computerized method of claim 1, wherein the set of IOCs caused by the known malware associated with the first message type includes a set of IOCs associated with an email message that has been previously detected at the first source as being malicious.

3. The computerized method of claim 1, wherein the set of IOCs caused by the known malware associated with the first message type includes a set of IOCs associated with a text message that has been previously detected at the first source as being malicious.

4. The computerized method of claim 1, wherein the triggering event associated with the shift in volume of a given type of IOC at the second source includes an increase in volume of the given type of IOC at the second source that exceeds the prescribed threshold.

5. The computerized method of claim 1, wherein the conducting the predictive analysis of the one or more IOCs received from the second source to determine whether the one or more IOCs received from the second source correspond to the set of IOCs received from the first source comprises determining whether a prescribed number of the received IOCs are present in the set of IOCs associated with the known malware.

6. The computerized method of claim 1, wherein the conducting the predictive analysis of the one or more IOCs received from the second source to determine whether the one or more IOCs received from the second source correspond to the set of IOCs received from the first source comprises determining whether the one or more IOCs received from the second source are present and in the same chronological order as the set of IOCs associated with the known malware.

7. The computerized method of claim 1, wherein a degree of correspondence for determining whether the one or more IOCs received from the second source correspond to the set of IOCs received from the first source is dynamic.

8. The computerized method of claim 1, wherein the determining whether the IOCs received from the second source correspond to the set of IOCs received from the first source further comprises determining a threat level associated with the one or more IOCs, the threat level signifies a degree of confidence that the one or more IOCs are caused by a malicious electronic message; selecting a particular type of response based on the determined threat level.

9. The computerized method of claim 8, the threat level is determined based, at least in part, on whether the set of IOCs from the first source are detected or observed, where a determined correspondence between the one or more IOCs received from the second source and the set of IOCs that have been observed by the first source is assigned a higher threat level than a determined correspondence between the one or more IOCs received from the second source and the set of IOCs detected by the first source.

10. The computerized method of claim 8, wherein the threat level is determined based, at least in part, on a timing of the one or more IOCs compared to a timing of the set of IOCs associated with the known malware that includes an identified malicious electronic message.

11. The computerized method of claim 1, wherein the malware associated with the first message type that is undetected at the second source comprises a first malicious electronic message.

12. The computerized method of claim 11, the information associated with at least the set of IOCs that is used to locate the first malicious electronic message comprises an arrival time of a second malicious electronic message detected at the first source.

13. The computerized method of claim 11, the information associated with at least the set of IOCs that is used to locate the first malicious electronic message further comprises information associated with the one or more IOCs received from the second source that include one or more of (i) a geographical origin of the second source, (ii) a group membership of the second source, (iii) a company type of the second source, or (iv) a type of industry to which the second source belongs.

14. The computerized method of claim 1, wherein the receiving of the set of IOCs from the first source and the receiving of the one or more IOCs from the second source comprises receiving the set of IOCs and the receiving of the one or more IOCs in transit over a network.

15. The computerized method of claim 14, wherein the receiving of one or more IOCs is conducted automatically over a network.

16. A system comprising: processing circuitry; a first logic in communication with the processing circuitry, the first logic is configured to (i) receive a set of indicators of compromise (IOCs) that are detected to have been caused by a known malware associated with a first message type from a first source, (ii) receive one or more IOCs from a second source that is different from the first source where a cause of the one or more IOCs is unknown, and (iii) determine whether a triggering event has occurred that signifies at least a prescribed likelihood that the one or more IOCs from the second source are caused by an undetected malicious electronic message present at the second source; and a second logic in communication with the processing circuitry, the second logic is configured to (i) conduct a predictive analysis that evaluates whether the received IOCs from the second source correspond to the set of IOCs caused by the known malware associated with the first message type, and (ii) determine a threat level, which signifies a level of confidence that the received IOCs from the second source are caused by the undetected malicious electronic message.

17. The system of claim 16, wherein the set of IOCs associated with the known malware includes a set of IOCs associated with an electronic mail message that has been previously detected at the first source as being malicious.

18. The system of claim 16, wherein the set of IOCs associated with the known malware includes a set of IOCs associated with a text message that has been previously detected at the first source as being malicious.

19. The system of claim 16, wherein the second logic determines whether the received IOCs from the second source correspond to the set of IOCs received from the first source occurs in response to the triggering event.

20. The system of claim 19, wherein the triggering event includes an increase in volume of a given type of IOC within
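The following is an added illustration, not code from the patent or from FireEye, of the pipeline the claims describe: a volume-shift trigger on one IOC type (claims 1 and 4), a correspondence check by prescribed count and by chronological order (claims 5 and 6), a threat level derived from that correspondence (claim 8), and use of the known message's arrival time to narrow the search for the undetected message (claim 12). All IOC values, timestamps and function names are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class IOC:
    kind: str      # e.g. "dns", "file_hash", "registry"
    value: str
    ts: float      # observation time (epoch seconds, constructed)

# Constructed: ordered IOC chain caused by an email already detected as malicious
# at the first source (customer A), plus that email's arrival time.
KNOWN_CHAIN = [IOC("file_hash", "h_dropper", 100), IOC("dns", "c2.example.test", 130),
               IOC("registry", "run_key_persist", 160)]
KNOWN_MSG_ARRIVAL = 90.0

# Constructed: IOC stream from the second source (customer B), cause unknown.
CUSTOMER_B = [IOC("dns", "cdn.example.test", 1000), IOC("file_hash", "h_dropper", 1105),
              IOC("dns", "c2.example.test", 1140), IOC("dns", "c2.example.test", 1150),
              IOC("registry", "run_key_persist", 1170), IOC("dns", "c2.example.test", 1180)]

def volume_shift_triggered(stream, kind, window, now, threshold):
    """Claims 1/4: fire when the count of `kind` IOCs in the latest window exceeds
    the count in the preceding window by more than `threshold`."""
    recent = sum(1 for i in stream if i.kind == kind and now - window <= i.ts <= now)
    prior = sum(1 for i in stream if i.kind == kind and now - 2 * window <= i.ts < now - window)
    return recent - prior > threshold

def predictive_analysis(stream, known_chain, prescribed_count):
    """Claims 5/6: (a) are at least `prescribed_count` known IOCs present, and
    (b) do they appear in the same chronological order (subsequence over the
    time-sorted stream)?"""
    keys = [(i.kind, i.value) for i in sorted(stream, key=lambda i: i.ts)]
    present = sum(1 for k in known_chain if (k.kind, k.value) in keys)
    idx = 0
    for key in keys:  # greedy subsequence scan; extra or unrelated IOCs are skipped
        if idx < len(known_chain) and key == (known_chain[idx].kind, known_chain[idx].value):
            idx += 1
    return present >= prescribed_count, idx == len(known_chain)

def threat_level(count_ok, in_order):
    """Claim 8: map correspondence strength to a confidence level for response selection."""
    if in_order:
        return "high"
    return "medium" if count_ok else "low"

def search_window(stream, known_chain, known_arrival):
    """Claim 12: use the lead time between the known email's arrival and its first IOC
    to estimate when the undetected message reached the second source."""
    lead = known_chain[0].ts - known_arrival
    head = (known_chain[0].kind, known_chain[0].value)
    first = min((i.ts for i in stream if (i.kind, i.value) == head), default=None)
    return None if first is None else (first - lead, first)
```

With the constructed data, the DNS volume shift fires, the three known IOCs are found in order, and the mail search is narrowed to the ten-second interval before the dropper hash was first seen at customer B.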

Assignees

Fireeye Inc

Classifications

  • The attack involving the propagation of malware through the network, e.g. viruses, trojans or worms

  • Event detection, e.g. attack signature detection

  • Vulnerability analysis

  • Countermeasures against malicious traffic (countermeasures against attacks on cryptographic mechanisms H04L9/002)

  • Runtime interpretation or emulation, e.g. emulator loops, bytecode interpretation


Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Fireeye Inc
What technology area does this patent fall under?
Primary CPC classification H04L63/1416. Mapped technology areas include Electricity.
When was this patent published?
Publication date Jun 7, 2016 (B1). Legal status and post-grant events are not shown on this page.