HexValkyrie/task-2-phishing-analysis

Task 2 – Phishing Email Threat Analysis Report

Date: 28 May 2025
Analyst: Komal R Ratnaparkhe
Task: Cybersecurity Internship – Task 2
Status: Completed


Objective

Analyze a suspicious email to identify common phishing characteristics using threat detection and social engineering concepts.
This report focuses on a phishing email impersonating PayPal. Threat intelligence platforms like VirusTotal and MXToolbox were used to confirm malicious behavior.

Safety Note: All links to the suspicious domain have been obfuscated to prevent accidental access and ensure safe handling.


Sample Email Used (see phishing-email.txt)

From: PayPal Security Team <alert@paypal-verification(dot)com>
Subject: Immediate Action Required – Unusual Login Attempt
Link: https://paypal-login-confirmation(dot)com


Phishing Indicators Identified

  1. Spoofed Email Domain
    The sender domain paypal-verification(dot)com is not official. Real PayPal emails come from @paypal.com.

  2. Urgent Language
    Phrases like “Immediate Action Required” and “account suspension” are used to create panic and urgency.

  3. Suspicious Link
    The displayed link appears legitimate but points to a fake domain not associated with PayPal.

  4. Generic Greeting
    The email begins with “Dear Customer” instead of using the recipient’s actual name.

  5. Social Engineering Tactics
    Attempts to scare the user into acting fast by claiming unusual account activity.

  6. Lack of Personalization
    Legitimate services usually include partial account details or the user’s name for verification.
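
The checks above can also be run mechanically. The following is an added example, not part of the original repository: it refangs the defanged sample in memory and tests for indicators 1 to 4. The message body, the function names and the phrase lists are constructed for illustration from the fields quoted in this report.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample assembled from the fields quoted in this report (kept defanged).
SAMPLE = """\
From: PayPal Security Team <alert@paypal-verification(dot)com>
Subject: Immediate Action Required – Unusual Login Attempt

Dear Customer,

We detected an unusual login attempt. Confirm your details to avoid
account suspension: https://paypal-login-confirmation(dot)com
"""

OFFICIAL = "paypal.com"  # legitimate sender domain named in the report
URGENT = ("immediate action required", "account suspension")
GENERIC = ("dear customer",)

def is_official(host):
    """True only for the brand domain or a real subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == OFFICIAL or host.endswith("." + OFFICIAL)

def analyze(raw):
    """Return the list of phishing indicators found in a raw email."""
    msg = message_from_string(raw.replace("(dot)", "."))  # refang in memory only
    body = msg.get_payload()
    text = (str(msg.get("Subject", "")) + "\n" + body).lower()
    display, addr = parseaddr(str(msg.get("From", "")))
    findings = []
    # Indicator 1: display name claims the brand, address domain does not match.
    if "paypal" in display.lower() and not is_official(addr.rpartition("@")[2]):
        findings.append("sender_domain_mismatch")
    # Indicator 3: any link whose host is outside the brand domain.
    urls = re.findall(r"https?://[^\s<>\"']+", body)
    if any(not is_official(urlparse(u).hostname) for u in urls):
        findings.append("link_off_brand")
    # Indicator 2: pressure phrases in subject or body.
    if any(p in text for p in URGENT):
        findings.append("urgent_language")
    # Indicator 4: greeting that does not name the recipient.
    if body.lower().lstrip().startswith(GENERIC):
        findings.append("generic_greeting")
    return findings

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

The suffix test in `is_official` requires a leading dot, so a lookalike that merely ends in the brand string is still flagged.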


Tools Used

Techniques:

  • Manual inspection of the email
  • Hovering over links to verify destination URLs
  • Domain name and reputation analysis
  • Common phishing characteristics checklist

Key Concepts Covered

  • Phishing: Fraudulent attempts to obtain sensitive information by pretending to be a trustworthy entity.
  • Email Spoofing: Faking the sender’s address to appear legitimate.
  • Social Engineering: Psychological manipulation used to deceive users.
  • Threat Detection: Identifying malicious or suspicious content in emails.

Files in this Repository

  • README.md – This report summarizes the phishing analysis.
  • phishing-email.txt – Raw content of the phishing email (referenced in the analysis).
  • Screenshot Evidence

Threat Intelligence Evidence

Note: The links above are obfuscated for safety. Replace (dot) with .

  • VirusTotal Report:
    https://www.virustotal.com/gui/domain/paypal-verification.com/detection

  • MXToolbox Report:
    https://mxtoolbox.com/emailhealth/paypal-verification.com/


About

Analysis of a phishing email for Cybersecurity Internship Task 2.
