The objective of this project is to analyze real-world phishing emails, identify structural security flaws in them, and verify the sending domains' email authentication records (SPF, DKIM and DMARC).
- Gmail Web Client: For exporting the raw message source (full headers and body) and its routing metadata via 'Show Original'.
- MXToolbox: For analyzing email headers, tracing delivery hops through the Received chain, and looking up the sending domain's SPF, DKIM and DMARC records.
- Documentation & Storage: MS Word and GitHub, used to build the evidence repository.
Each suspicious email sample was audited against the following phishing indicators:
- Sender Domain Mismatch: A display name that mimics a trusted brand while the actual sender address belongs to an unrelated domain.
- Psychological Triggers: Artificial urgency (deadlines, threatened account suspension) and large financial lures used to pressure targets into acting without checking.
- Hidden Hyperlinks: Tracking or redirect URLs hidden behind legitimate-looking buttons or link text, so that the visible text and the real destination differ.
- Generic Targeting: Addressing victims with generic placeholders ("Dear Customer") or their email handle instead of their actual name.
- Domain Policy Exploitation: Abusing missing or unenforced sender authentication policies (for example a DMARC policy of p=none) so that spoofed or lookalike mail still reaches the default inbox.
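The checklist above, implemented as an added example that is not part of this project's own material: a standard-library Python script that parses a raw message in the form Gmail's 'Show Original' exports, runs the five indicator checks, and scores the result on the same 10-point scale (two points per indicator that fires). The brand table, the lure vocabulary, the "last two labels" registrable-domain heuristic, both sample messages and the examplebank.com / examplebank-secure.invalid domains are constructed assumptions, not data from the project's evidence repository.

```python
import re
from email import message_from_bytes, policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed brand table (assumption): brand name -> its legitimate registrable domain.
KNOWN_BRANDS = {"example bank": "examplebank.com"}
# Constructed lure vocabulary (assumption) covering artificial urgency and financial bait.
LURE_PATTERNS = [r"\burgent\b", r"\bimmediately\b", r"\b\d+ hours?\b", r"\bsuspend(ed)?\b",
                 r"\bverify your account\b", r"[$€£]\s?\d[\d,]*", r"\bprize\b", r"\brefund\b"]
GENERIC_GREETING = re.compile(r"\b(dear|hello|hi)\s+(customer|user|member|client|sir/madam)\b", re.I)

# Constructed samples shaped like a Gmail "Show Original" export; neither is a real message.
PHISH_SAMPLE = b"""\
Authentication-Results: mx.google.com;
       dkim=none (message not signed) header.d=none;
       spf=softfail (google.com: domain of transitioning alerts@examplebank-secure.invalid does not designate 203.0.113.5 as permitted sender) smtp.mailfrom=alerts@examplebank-secure.invalid;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=examplebank-secure.invalid
From: "Example Bank Support" <alerts@examplebank-secure.invalid>
Subject: URGENT: Your account will be suspended in 24 hours
Content-Type: text/html; charset="utf-8"

<html><body><p>Dear Customer,</p><p>Verify your account within 24 hours or a $500 charge applies.</p>
<p><a href="http://examplebank-secure.invalid/verify?id=123">https://www.examplebank.com/login</a></p></body></html>
"""
BENIGN_SAMPLE = b"""\
Authentication-Results: mx.google.com; dkim=pass header.i=@examplebank.com; spf=pass smtp.mailfrom=alerts@examplebank.com; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=examplebank.com
From: "Example Bank Support" <alerts@examplebank.com>
Subject: Your March statement is ready
Content-Type: text/html; charset="utf-8"

<html><body><p>Hello Alex,</p><p>Statement: <a href="https://www.examplebank.com/statements">https://www.examplebank.com/statements</a></p></body></html>
"""

def registrable(host):
    """Last two DNS labels (assumption: ignores multi-label public suffixes such as co.uk)."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class LinkExtractor(HTMLParser):
    """Collects (href, visible label) for each <a> plus all visible text of the body."""
    def __init__(self):
        super().__init__()
        self.links, self.text, self._href, self._label = [], [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._label = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._label.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._label).strip()))
            self._href = None

def auth_results(msg):
    """Parse the SPF/DKIM/DMARC verdicts and the DMARC policy out of Authentication-Results."""
    value = str(msg.get("Authentication-Results", ""))
    out = {m.group(1).lower(): m.group(2).lower() for m in re.finditer(r"\b(spf|dkim|dmarc)=(\w+)", value, re.I)}
    pol = re.search(r"\bp=(\w+)", value, re.I)
    out["dmarc_policy"] = pol.group(1).upper() if pol else "UNKNOWN"
    return out

def analyze(raw):
    """Score one raw message: 2 points per checklist indicator that fires (max 10)."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []  # (indicator, detail)
    # 1. Sender domain mismatch: trusted brand in the display name, unrelated sending domain.
    display, addr = parseaddr(str(msg.get("From", "")))
    sender = registrable(addr.rpartition("@")[2])
    for brand, legit in KNOWN_BRANDS.items():
        if brand in display.lower() and sender != legit:
            findings.append(("sender_mismatch", f"'{display}' sent from {sender}, not {legit}"))
    body = msg.get_body(preferencelist=("html", "plain"))
    ext = LinkExtractor()
    ext.feed(body.get_content() if body else "")
    text = str(msg.get("Subject", "")) + " " + " ".join(ext.text)
    # 2. Psychological triggers: urgency and money in subject or body.
    hits = [p for p in LURE_PATTERNS if re.search(p, text, re.I)]
    if hits:
        findings.append(("psychological_triggers", f"{len(hits)} lure patterns matched"))
    # 3. Hidden hyperlinks: visible URL text whose domain differs from the real href target.
    for href, label in ext.links:
        if re.match(r"(https?://|www\.)", label, re.I):
            shown = registrable(urlparse(label if "://" in label else "http://" + label).hostname or "")
            real = registrable(urlparse(href).hostname or "")
            if shown != real:
                findings.append(("hidden_hyperlink", f"shows {shown} but points to {real}"))
    # 4. Generic targeting: a placeholder salutation instead of the recipient's name.
    if m := GENERIC_GREETING.search(text):
        findings.append(("generic_targeting", f"greeting '{m.group(0)}'"))
    # 5. Domain policy: failed SPF/DKIM/DMARC, or a DMARC policy (p=none) the owner does not enforce.
    auth = auth_results(msg)
    failed = [f"{k}={auth.get(k, 'missing')}" for k in ("spf", "dkim", "dmarc") if auth.get(k) != "pass"]
    if failed or auth["dmarc_policy"] not in ("QUARANTINE", "REJECT"):
        findings.append(("domain_policy", f"{', '.join(failed) or 'all pass'}; DMARC p={auth['dmarc_policy']}"))
    categories = sorted({c for c, _ in findings})
    return {"score": 2 * len(categories), "categories": categories, "findings": findings, "auth": auth}
```

The script reads the verdicts the receiving mail server already recorded in Authentication-Results, so it runs offline; looking up the sending domain's live SPF and DMARC records (for example to confirm that p=none is what the domain actually publishes) is the step the MXToolbox lookup covers in the workflow above. On the constructed phishing sample all five indicators fire and the score is 10/10; on the constructed legitimate sample nothing fires.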
All analyzed email campaigns scored 10/10 (High Risk) because of clear fraud indicators. Header tracking revealed shared backend server footprints and identical distribution logic across the samples, confirming a coordinated threat campaign rather than isolated messages.
This analysis demonstrates hands-on proficiency in capturing live threat samples, parsing technical email headers, and building actionable user-awareness guidelines to protect enterprise systems.
Adithyan. V | Cybersecurity Analyst & Researcher