Tryhackme - Phishing Emails in Action

Tryhackme – Phishing Emails in Action

In this walk through, we will be going through the Phishing Emails in Action room from Tryhackme. In this room, we will learn the different indicators of phishing attempts by examining actual phishing emails. So, let’s get started without any delay.

Phishing Emails in Action

Task 1 – Introduction

Task 1 - Introduction

Task 2 – Cancel your PayPal order

Question 1 – What phrase does the gibberish sender email start with?

Task 2 - Cancel your PayPal order

Task 3 – Track your package

Question 1 – What is the root domain for each URL? Defang the URL.

Task 3 - Track your package

Task 4 – Select your email provider to view document

Question 1 – This email sample used the names of a few major companies, their products, and logos such as OneDrive and Adobe. What other company name was used in this phishing email?

Task 4 - Select your email provider to view document

Task 5 – Please update your payment details

Question 1 – What should users do if they receive a suspicious email or text message claiming to be from Netflix?

Beware of links

Task 5 - Please update your payment details

Task 6 – Your recent purchase

Question 1 – What does BCC mean?

Question 2 – What technique was used to persuade the victim to not ignore the email and act swiftly?

Task 6 - Your recent purchase

Task 7 – DHL Express Courier Shipping notice

Question 1 – What is the name of the executable that the Excel attachment attempts to run?

Task 7 - DHL Express Courier Shipping notice

Task 8 – Conclusion

Task 8 - Conclusion

Also Read: Tryhackme – Mustacchio

So that was “Phishing Emails in Action” for you. We learned all the different indicators of phishing attempts by examining actual phishing emails. We started off with an alleged email from PayPal which was regarding cancellation of a order. Next, we looked into tracking scam related to DHL. Further, an Microsoft OneDrive credential harvesting attack. Moving on, a Netflix and Apple support email with a PDF and DOC attachments as lure. At last, looked into a DHL email that has a excel file with macros enabled to run the payload. On that note, i would take your leave and will meet you in next one. Till then, “Happy hacking”.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top