Activity 10.2: Analyze a Phishing Email
You probably already have great source material for this lab exercise: simply open your email spam folder and find a likely phishing attack email.
Part 1: Manually analyze an email header
Once you have identified a suspected phishing email, you will need to open the headers for the email. If you’re not familiar with the process, most email providers have help available on how to access the headers. It can help to print the headers out for analysis or to import them into your favorite text editor to allow for markup as you track what you have found.
Review the headers and identify what clues you can find about:
a) where it was sent from,
b) who sent it, and
c) what path it traveled before you received it.
d) What red flags stand out?
e) What would you do to identify future phishing emails based on the header information?
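The header review in Part 1 can also be scripted. The following Python code is an added example, not part of the original activity: it lists the relay path from the Received headers, compares the sender domains, and reports non-passing SPF/DKIM/DMARC results. The sample headers, hostnames and IP addresses are constructed placeholders, and the function names are hypothetical.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample headers, not from a real message; names and IPs are placeholders.
SAMPLE = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.recipient.example; spf=fail smtp.mailfrom=mailer.example.net; dkim=none; dmarc=fail header.from=bank.example.com
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
\tby inbox.recipient.example with ESMTP id abc123; Tue, 02 Jan 2024 10:00:05 +0000
Received: from relay.example.net (relay.example.net [198.51.100.7])
\tby mx.recipient.example with ESMTP id def456; Tue, 02 Jan 2024 10:00:03 +0000
Received: from localhost (unknown [203.0.113.45])
\tby relay.example.net with SMTP id ghi789; Tue, 02 Jan 2024 10:00:01 +0000
From: "Example Bank Support" <support@bank.example.com>
Reply-To: <helpdesk@freemail.example.org>
"""

def domain(value):
    """Lowercased domain part of an address header value ('' if absent)."""
    return parseaddr(value or "")[1].rpartition("@")[2].lower()

def relay_path(msg):
    """(from_host, from_ip, by_host) per hop, origin first. Each server prepends
    its Received line; hops before your own provider's servers can be forged."""
    hops = []
    for rcvd in reversed(msg.get_all("Received", [])):
        flat = " ".join(rcvd.split())  # undo header folding
        m = re.search(r"from (\S+) \(.*?\[([0-9a-fA-F.:]+)\]\).*? by (\S+)", flat)
        hops.append(m.groups() if m else (None, None, None))
    return hops

def red_flags(msg):
    """Sender-domain mismatches (a hint, not proof) and non-passing auth results."""
    flags, frm = [], domain(msg["From"])
    for hdr in ("Return-Path", "Reply-To"):
        d = domain(msg[hdr])
        if d and d != frm:
            flags.append(f"{hdr} domain {d} differs from From domain {frm}")
    auth = " ".join(msg.get_all("Authentication-Results", []))
    flags += [f"{k}={v}" for k, v in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth) if v != "pass"]
    return flags

def analyze(raw):
    msg = message_from_string(raw)
    return relay_path(msg), red_flags(msg)

if __name__ == "__main__":
    print(*sum(analyze(SAMPLE), []), sep="\n")
```

To use it on your own message, pass the raw header text you copied in Part 1 to `analyze()` in place of `SAMPLE`.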
Part 2: Analyze the email content
Now that you have reviewed the header, you can move on to the body of the email. In this phase, review the content of the message, paying particular attention to common artifacts found in phishing emails. You should look for embedded links and record any deceptive links or embeds. You can also identify typos, poor grammar, and other typical elements of a phishing email.
Once you have identified these components, check the links against a tool like those found at zeltser.com/lookup-malicious-websites/.
Is the link or domain a known-bad link?
Part 3: Use an automated tool
Use one or more automated email header analyzers to review the header from part 1.
Note if you identify additional useful data and what that data is.
(Many sites are available; you can start with www.whatismyip.com/email-header-analyzer/ or mxtoolbox.com/EmailHeaders.aspx.)
Write a one paragraph conclusion on what you learned.
Chapple, Mike; Seidl, David. CompTIA CySA+ Study Guide Exam CS0-002 (p. 373). Wiley. Kindle Edition.