Day 12 Phishing

• I have a detailed article about phishing in my SOC Log: phishing
• Also check out day 2 to see how easy it is to craft a phishing email!

Here it also discuss the difference between Spam and Phishing:

Spam:

• Promotion: Advertising products, services, or events. Often unsolicited or low-quality.
• Scams: Spreading fake offers or “get rich quick” schemes to attract clicks.
• Traffic generation (clickbait): Driving users to external sites or boosting ad metrics.
• Data harvesting: Collecting active email addresses for future campaigns.

Phishing Email often use social engineering

Is it the art of manipulating people rather than breaking technology. Attackers craft believable stories, emails, calls, or chat messages that exploit emotions (fear, helpfulness, curiosity, urgency) and real-world context to lure the recipients of a message.

• Impersonation: Is a type of Social Engineering. The attacker is pretending to be McSkidy!
• Sense of urgency: We can observe words such as “urgent” and “immediately” to pressure the recipient.
• Side channel: The attacker tries to discourage the recipients from reaching McSkidy using his standard communication channels (phone and email address).
• Malicious intention: The attacker is trying to trick the user into giving VPN credentials. They can also try to ask for approval of payments, opening malware, or sharing sensitive data.

Here is a good exmaple from Day 12 AoC from TryHackMe

last modified: 2025-12-13 00:02