https://tryhackme.com/room/phishingemails2rytmuv
Created by: tryhackme, TactfulTurtle
“Each email sample showcased in this room will demonstrate different tactics used to make the phishing emails look legitimate. The more convincing the phishing email appears, the higher the chances the recipient will click on a malicious link, download and execute the malicious file, or even send the prince of some country a wire transfer.”
In Task 2, THM breaks down a spam email regarding a PayPal order.
It also shows a very convincing email, but upon looking at the HTML source, it shows that the clickable link in the email is using a URL shortening service.
In Task 3, we are reviewing an email regarding package tracking. It goes into “tracking pixels(tiny images) that can be put into spam emails.” Again, we are instructed to use CyberChef to defang the URL.
In task 4, an urgent-type email is shown. It breaks it down by showing what eventually happens(credential harvesting) as the user inputs their username and password. To see the full analysis of the email, head over to: https://app.any.run/tasks/12dcbc54-be0f-4250-b6c1-94d548816e5c/#.
The next task covers a Netflix spoofed email.
You will need to do some googling for the next answer. Look at the official site of help.netflix.com.
The next task covers an Apple related spam email.
The next task covers a DHL email. Eventually, the .exe file runs Excel and throws an error message.
