2020-05-05 - 4 EXAMPLES OF PHISHING EMAILS WITH FAKE LOGIN PAGES
NOTICE:
- The zip archives on this page have been updated, and they now use the new password scheme. For the new password, see the "about" page of this website.
ASSOCIATED FILES:
- 2020-05-05-phishing-emails-4-examples.zip 8.5 kB (8,542 bytes)
- 2020-05-05-phishing-email-example-01.eml (3,383 bytes)
- 2020-05-05-phishing-email-example-02.eml (2,274 bytes)
- 2020-05-05-phishing-email-example-03.eml (5,125 bytes)
- 2020-05-05-phishing-email-example-04.eml (33,670 bytes)
- 2020-05-05-fake-login-page-traffic-4-pcaps.zip 646.6 kB (646,597 bytes)
- 2020-05-05-fake-login-page-traffic-example-01.pcap (36,332 bytes)
- 2020-05-05-fake-login-page-traffic-example-02.pcap (120,224 bytes)
- 2020-05-05-fake-login-page-traffic-example-03.pcap (541,662 bytes)
- 2020-05-05-fake-login-page-traffic-example-04.pcap (81,148 bytes)
NOTES:
- To sanitize these emails, I changed the original recipeints to my email address brad@malware-traffic-analysis.net.
- Links from the phishing emails were all HTTPS, but I used HTTP when checking the fake login pages for the pcaps.
IMAGES
Shown above: Screen shot from 1st email example.
Shown above: Fake login page using link from 1st email example (used link as HTTP instead of HTTPS).
Shown above: Screen shot from 2nd email example.
Shown above: Fake login page using link from 2nd email example (used link as HTTP instead of HTTPS).
Shown above: Screen shot from 3rd email example.
Shown above: Fake login page using link from 3rd email example (used link as HTTP instead of HTTPS).
Shown above: Screen shot from 4th email example.
Shown above: Fake login page using link from 4th email example (used link as HTTP instead of HTTPS).
Click here to return to the main page.