Phishing is a type of social engineering attack where an attacker sends a fraudulent message pretending to be from a trusted entity. Phishing is ussually done via email, Smishing is a phishing attack carried out via the Short Message Service (SMS). Phishin can lead to the deplyment of malicious software on the victim's machine, or trick users into revealing sensitive informatiom
Disclaimer
- This playbook is intended for educational purposes and may not necessarily represent the state-of-the-art, as such it might be updated from time to time. The goal is to introduce students/beginners to incident response. Feel free to contribute content relevent to the topic
- It is adviced that investigations be carried out in an isolated enviroment such as a VM to avoid accidentally infecting your machine
Table of Contents
Additional Information
- Cyber CSI: Learn How to Forensically Examine Phishing Emails to Better Protect Your Organization
- Incident Response Playbooks – Indispensable in Future Crisis situations
- incident-response-plan-template
- KnowBe4 blog
- KnowBe4 resources
- Malware Forensics: Investigating and Analyzing Malicious Code
TODO: model around Investigate, Remediate (contain, eradicate), and Communicate
TODO: add an enviroment setup to be able to perform anaylsis in a contained enviroment