Phishing Analysis 2

What is the sending email address? (1 points)

Why does it look strange .-.

Do you realize?

amazon@zyevantoby.cn

What is the recipient email address? (1 points)

saintington73@outlook.com

What is the subject line of the email? (1 points)

oh @~@

Your Account has been locked

What company is the attacker trying to imitate? (1 points)

Here it is!!! Did you notice? lol

amazon

What is the date and time the email was sent? (As copied from a text editor) (1 points)

Wed, 14 Jul 2021 01:40:32 +0900

What is the URL of the main call-to-action button? (1 points)

It’s easy but you don’t have to copy it

https://emea01.safelinks.protection.outlook.com/?url=https%3A%2F%2Famaozn.zzyuchengzhika.cn%2F%3Fmailtoken%3Dsaintington73%40outlook.com&data=04%7C01%7C%7C70072381ba6e49d1d12d08d94632811e%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637618004988892053%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=oPvTW08ASiViZTLfMECsvwDvguT6ODYKPQZNK3203m0%3D&reserved=0
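The button URL above is an Outlook Safe Links wrapper, so the real destination is the percent-encoded `url` parameter. The following is an added example, not part of the original write-up: it unwraps the link and compares the destination and sender domains against the imitated brand. The function names, the 0.8 similarity threshold and the use of `amazon.com` as the legitimate domain are assumptions.

```python
from difflib import SequenceMatcher
from urllib.parse import parse_qs, urlsplit

# Button URL from the write-up, shortened: the data/sdata/reserved tracking
# parameters are dropped because only "url" carries the destination.
BUTTON_URL = ("https://emea01.safelinks.protection.outlook.com/"
              "?url=https%3A%2F%2Famaozn.zzyuchengzhika.cn%2F"
              "%3Fmailtoken%3Dsaintington73%40outlook.com")
SENDER = "amazon@zyevantoby.cn"   # From address given in the write-up
BRAND_DOMAIN = "amazon.com"       # assumption: legitimate domain to compare against


def unwrap_safelink(link):
    """Return the destination inside a Safe Links wrapper, else the link itself."""
    parts = urlsplit(link)
    host = (parts.hostname or "").lower()
    if host.endswith(".safelinks.protection.outlook.com"):
        target = parse_qs(parts.query).get("url")
        if target:
            return target[0]      # parse_qs has already percent-decoded it
    return link


def classify_host(host, brand_domain=BRAND_DOMAIN, threshold=0.8):
    """Classify host as 'legitimate', 'lookalike' or 'unrelated' to the brand."""
    host = host.lower().rstrip(".")
    if host == brand_domain or host.endswith("." + brand_domain):
        return "legitimate"
    brand = brand_domain.split(".")[0]
    for label in host.split("."):
        # An exact brand label on a foreign domain, or a near miss such as a
        # transposed letter, both count as imitation of the brand name.
        if label == brand or SequenceMatcher(None, label, brand).ratio() >= threshold:
            return "lookalike"
    return "unrelated"


def analyse(link=BUTTON_URL, sender=SENDER):
    """Return (real destination host, its verdict, sender domain verdict)."""
    dest_host = urlsplit(unwrap_safelink(link)).hostname
    sender_host = sender.rsplit("@", 1)[1]
    return dest_host, classify_host(dest_host), classify_host(sender_host)


if __name__ == "__main__":
    print(analyse())
```

The destination host carries a transposed-letter label (`amaozn`), while the sender domain has no relation to the brand at all; only the local part of the address says "amazon".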

Look at the URL using URL2PNG. What is the first sentence (heading) displayed on this site? (regardless of whether you think the site is malicious or not) (1 points)

Now let’s go to URL2PNG to check

This web page could not be loaded

When looking at the main body content in a text editor, what encoding scheme is being used? (1 points)

So easy ~.~

image

What is the URL used to retrieve the company’s logo in the email? (1 points)

https://images.squarespace-cdn.com/content/52e2b6d3e4b06446e8bf13ed/1500584238342-OX2L298XVSKF8AO6I3SV/amazon-logo?format=750w&content-type=image%2Fpng

For some unknown reason one of the URLs contains a Facebook profile URL. What is the username (not necessarily the display name) of this account, based on the URL? (1 points)

Have you ever wondered what the code below is encoding? Go to CyberChef to check it out.

image

After reading for a while, here it is

amir.boyka.7

goodbye, thank you for reading until now //~//

This post is licensed under CC BY 4.0 by the author.