The anatomy of a phishing email | Smart Thinking Solutions

Phishing email cyber-attacks have to be the most common cyber-attack directed at any organisation. Most are trying to get the victim to reveal their credentials, often for Microsoft 365. Every week I spend time with clients discussing or investigating phishing emails and helping them put systems in place to help defend against these types of attacks. Team training and excellent email AV and filtering are some of the best ways to defend yourself.

However I am often asked how a phishing email functions – here is a good example explained on SANS Internet Storm by Jan Kopriva:

Phishing page with trivial anti-analysis features – SANS Internet Storm Center

Now this may not be a terribly sophisticated attack, however what it does illustrate is the with a small amount of knowledge and some help from the Internet and Dark Web even the less technically able hacker can get into your systems.

Do you want to know more?

Clive Catton MSc (Cyber Security) – by-line and other articles

Cyber Security Awareness Training

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.