Lab) Categorizing Phishing Emails Solution Flashcards
Question 1 - Email One - What category do you believe this email fits into? (Spam, Recon, Malicious Attachment, Credential Harvester)
In email one, we notice that the sender is trying to get the recipient to respond to the email. It is also sent from a random email address whose sender name does not match, and it uses a different Reply-To address to receive the response (if the recipient replies). The email is not asking us to click a link or download a file, so based on this information, it is a recon email trying to get a response from the user and begin a conversation, or it could be used simply to check if the target mailbox exists and can receive emails (although typically those emails don’t bother writing anything in the email body).
Question 2 - Email Two - What category do you believe this email fits into? (Spam, Recon, Malicious Attachment, Credential Harvester)
Firstly, considering the context of the email, it is posing as a fraud alert for our Amazon account. However, the email doesn’t show any Amazon branding or styling, and the sending address is actually non-reply@email.lanhdaotaiba.com, which definitely isn’t an Amazon email address. The email uses a sense of urgency to get users to click on the button without thinking properly, and it asks us to confirm some information about ourselves to verify we own the account. Based on this information, this email is most likely to be a credential harvester, trying to extract private information from email recipients.
Question 3 - Email Three - What category do you believe this email fits into? (Spam, Recon, Malicious Attachment, Credential Harvester)
This email doesn’t show any suspicious or malicious indicators, and based on the information contained within the email body, this is a spam/newsletter email and is non-malicious (also known as junk mail).
Question 4 - Email Four - What category do you believe this email fits into? (Spam, Recon, Malicious Attachment, Credential Harvester)
The first thing we notice about this email is the subject line, which creates a sense of urgency, a tactic often utilized by malicious emails. We also notice that this email has an attachment, which we should be careful with in case it is actually malicious. The sending address is a Gmail address, which is very suspicious considering it is claiming to be from a ‘Finance and Collection Department’ of a company. Based on the information provided, this is a malicious attachment email, where the email recipient is being convinced to open the attached docx file (which could contain malicious macros or a link to a malicious website) by claiming there will be financial consequences to the company.
Tactics and Techniques Used