Phishing Analysis

The document outlines a comprehensive methodology for analyzing phishing emails, including steps such as examining headers, sender analysis, and email authentication methods like SPF, DKIM, and DMARC. It emphasizes the importance of content analysis, URL inspection, and attachment analysis, including sandboxing techniques for safe execution. By utilizing both manual and automated tools, users can effectively identify phishing attempts and enhance their security posture.

Uploaded by purifiedsoulyt

What’s Hiding Inside a Phishing Email?

1. Email Analysis Methodology

Phishing analysis starts with a clear process:

📥 Collect raw email (EML/MSG)
🔍 Examine headers, content, attachments
🛠️ Use manual & automated tools

2. Header & Sender Analysis

Email headers reveal hidden info:

📨 Check Return-Path, Received, Reply-To, From
🕵️‍♂️ Compare sender fields to detect spoofing
✅ Verify SPF, DKIM, DMARC

3. Email Authentication Methods

🔐 SPF – Validates sender IP
🧾 DKIM – Ensures integrity
🛡️ DMARC – Enforces policies
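
An added example, not part of the original slides, of the checks in sections 2 and 3: it reads a raw message, compares the From, Reply-To and Return-Path domains, and pulls the SPF, DKIM and DMARC results from the Authentication-Results header. The sample message, the function names and the exact-domain comparison are assumptions made for this illustration.

```python
import re
from email import message_from_string, policy
from email.utils import parseaddr

# Constructed sample message (not a real email); example.* are reserved domains.
SAMPLE_EML = """\
Return-Path: <bounce@mailer.example.net>
Received: from mailer.example.net (mailer.example.net [203.0.113.7])
\tby mx.example.org with ESMTP id abc123; Mon, 01 Jan 2024 10:00:00 +0000
Authentication-Results: mx.example.org;
\tspf=pass smtp.mailfrom=mailer.example.net;
\tdkim=none;
\tdmarc=fail header.from=example.com
From: "Example Bank Support" <support@example.com>
Reply-To: helpdesk@example.net
To: user@example.org
Subject: Urgent: verify your account

Please verify your account today.
"""

def domain_of(header_value):
    """Return the lowercased domain of the address in a header, or None."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() or None

def triage_headers(raw_eml):
    """Return (sender domains, auth results, triage flags) for a raw message."""
    msg = message_from_string(raw_eml, policy=policy.default)
    domains = {h: domain_of(msg[h]) for h in ("From", "Reply-To", "Return-Path")}
    # Authentication-Results is stamped by the receiving server; rely only on your own MTA's.
    auth = {}
    for value in msg.get_all("Authentication-Results", []):
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", str(value), re.I):
            auth.setdefault(method.lower(), result.lower())
    # Assumption: exact-domain comparison. A mismatch is a signal to investigate, not a verdict.
    flags = []
    for h in ("Reply-To", "Return-Path"):
        if domains[h] and domains[h] != domains["From"]:
            flags.append(f"{h} domain {domains[h]} differs from From domain {domains['From']}")
    for method in ("spf", "dkim", "dmarc"):
        if auth.get(method) != "pass":
            flags.append(f"{method} result: {auth.get(method, 'missing')}")
    return domains, auth, flags

if __name__ == "__main__":
    for flag in triage_headers(SAMPLE_EML)[2]:
        print("FLAG:", flag)
```

In the sample, SPF passes for the envelope domain while DMARC fails for the From domain, which is the pattern to expect when the visible sender is spoofed but the mail is sent from infrastructure the sender controls.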

4. Email Content Analysis

🚨 Urgent or threatening language
🔗 Hover to preview links
❌ Grammar/spelling issues

5. URL Analysis

🧐 Hover to inspect links
🔬 Use VirusTotal, URLScan
🔀 Watch redirects/shorteners

6. Attachment Analysis

📄 ZIP, PDF, DOC files
🧪 Analyze in sandbox
⚠️ Look for macros/scripts

7. Sandboxing Attachments

🎯 Run files in sandbox
📂 Detect dropped files
📉 Watch registry changes

8. Static MalDoc Analysis

📌 No execution needed
🔍 Use olevba, oletools
🧱 Spot obfuscated macros

9. Static PDF Analysis

📄 Embedded JavaScript/links
🧰 Tools: PDFiD, pdf-parser
🔗 Inspect embedded files

10. Automated Analysis

🤖 Use PhishTool, IRONSCALES
🚀 Speed up triage
📧 Scale email detection

Conclusion

By mastering phishing analysis, spotting red flags, and using the right tools, you’re one step ahead of attackers.
