Identify Social Engineering
You are the security analyst for a small corporate network. Your manager has received several concerning emails. He has asked you to view his email and determine whether these messages are hazardous or safe.
In this lab, your task is to:
- Read each email and determine whether the email is legitimate.
- Delete any emails that are attempts at social engineering.
- Keep all emails that are safe.
Hold your mouse over the embedded links to see the actual URL in the status bar at the bottom of the screen.
EXPLANATION
In this lab, delete each malicious email.
| Diagnosis | Action | Description | |
| Microsoft Windows Update Center New Service Pack | Phishing | Delete | Notice the various spelling errors and that the link does not direct you to a Microsoft website. |
| Jim Haws Re: Lunch Today? | Malicious Attachment | Delete | This email appears to be from a colleague. However, why would he fail to respond to your lunch question and send you a random attachment in return? |
| Executive Recruiting Executive Jobs | Whaling | Delete | Whaling uses tailored information to attack executives. Clicking the link could install malware that would capture sensitive company information. |
| Human Resources Ethics Video | Safe | Keep | While this email has an embedded link, it is digitally signed, so you know it actually comes from your Human Resources department. In addition, if you hover over the link, you see that it is a secure link to the corporate web server. |
| Riverdale Estates HOA Payment Pending | Phishing | Delete | This is a carefully crafted attempt to get your bank account information. Hover over the link and notice that it does not direct you to your credit union website, but to an unknown IP address instead. |
| Grandma White FW: FW: FW: Virus Attack Warning | Hoax | Delete | Any email that asks you to forward it to everyone you know is probably a hoax. |
| Daisy Knudsen Web Site Update | Spear Phishing | Delete | While this email appears to come from a colleague, notice that the link points to an executable file from a Russian domain name. This probably is not a message a real colleague would send. This file will likely infect the computer with malware. |
| Rachelle Hancock Wow!! | Malicious Attachment | Delete | Emails with attachments from random people who address you as "Dear Friend" are probably not safe. |
| Grandma White Free Airline Tickets | Hoax | Delete | Any email that asks you to forward it to everyone you know is probably a hoax, even if the contents promise you a prize. In addition, there is no way to know how many people the email has been forwarded to. |
| Human Resources IMPORTANT NOTICE-Action Required | Safe | Keep | While this email appears very urgent, it doesn't ask you to click on anything or run any attachments. It does inform you that you need to go a website that you should already know and make sure your courses are complete. |
| Activities Committee Pumpkin Contest | Safe | Keep | This email doesn't ask you to click on anything or run any attachments. |
| Bob Averez Presentation | Safe | Keep | This email doesn't ask you to click on anything or run any attachments. |
Comments
Post a Comment