For full text search please use the '?' prefix. e.g. ? Onboarding

Phishing Analysis 2

  1. What is the sending email address? (1 points)

    Answer: amazon@zyevantoby.cn

  2. What is the recipient email address? (1 points)

    Answer: saintington73@outlook.com

  3. What is the subject line of the email? (1 points)

    Answer: Your Account has been locked

  4. What company is the attacker trying to imitate? (1 points)

    Answer: Amazon

  5. What is the date and time the email was sent? (As copied from a text editor) (1 points)

    Answer: Wed, 14 Jul 2021 01:40:32 +0900

  6. What is the URL of the main call-to-action button? (1 points)

    Answer: https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Famaozn.zzyuchengzhika.cn%2F%3Fmailtoken%3Dsaintington73%40outlook.com&data=04%7C01%7C%7C70072381ba6e49d1d12d08d94632811e%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637618004988892053%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=oPvTW08ASiViZTLfMECsvwDvguT6ODYKPQZNK3203m0%3D&reserved=0

  7. Look at the URL using URL2PNG. What is the first sentence (heading) displayed on this site? (regardless of whether you think the site is malicious or not) (1 points)

    Answer: This web page could not be loaded.

  8. When looking at the main body content in a text editor, what encoding scheme is being used? (1 points)

    Answer: Base64

  9. What is the URL used to retrieve the company's logo in the email? (1 points)

    Answer: https://images.squarespace-cdn.com/content/52e2b6d3e4b06446e8bf13ed/1500584238342-OX2L298XVSKF8AO6I3SV/amazon-logo?format=750w&content-type=image%2Fpng

  10. For some unknown reason one of the URLs contains a Facebook profile URL. What is the username (not necessarily the display name) of this account, based on the URL? (1 points)

    Answer: amir.boyka.7

Tags

  1. email (Private)
  2. phishing (Private)
  3. 10 points (Private)
  4. easy (Private)