Threat Level: green Handler on Duty: Rob VandenBrink

SANS ISC: Video: Analyzing a Simple HTML Phishing Attachment - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Video: Analyzing a Simple HTML Phishing Attachment

Reader Carlos submitted an email with an attachment. It's a phishing email, the attachment is an HTML file, although the criminals try to make the recipient believe that it is a PDF file.

In this video, I show how you can use my tool oledump.py to extract the attachment from the email (.msg file) for further analysis, without requiring Outlook (or Windows). I give a couple of simple tips to find the phishing URL(s) quickly.


Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com DidierStevensLabs.com

DidierStevens

372 Posts
ISC Handler
Thank you Didier
Carlos Almeida
Anonymous

Sign Up for Free or Log In to start participating in the conversation!