Скачать или смотреть Email Forensics: How to Trace IP from Emails & Track Location (Investigating Deeper Network Scam)

Email Forensics: How to Trace IP from Emails & Track Location (Investigating Deeper Network Scam)

Скачать Email Forensics: How to Trace IP from Emails & Track Location (Investigating Deeper Network Scam) бесплатно в качестве 4к (2к / 1080p)

У нас вы можете скачать бесплатно Email Forensics: How to Trace IP from Emails & Track Location (Investigating Deeper Network Scam) или посмотреть видео с ютуба в максимальном доступном качестве.

Для скачивания выберите вариант из формы ниже:

Информация по загрузке:

Cкачать музыку Email Forensics: How to Trace IP from Emails & Track Location (Investigating Deeper Network Scam) бесплатно в формате MP3:

Если иконки загрузки не отобразились, ПОЖАЛУЙСТА, НАЖМИТЕ ЗДЕСЬ или обновите страницу
Если у вас возникли трудности с загрузкой, пожалуйста, свяжитесь с нами по контактам, указанным в нижней части страницы.
Спасибо за использование сервиса video2dn.com

Описание к видео Email Forensics: How to Trace IP from Emails & Track Location (Investigating Deeper Network Scam)

🚨 Phishing Case Study: Real Email Investigation 2025 🚨

In this video, I perform a step-by-step forensic analysis of a phishing campaign that combined:

1. A Deeper Network scam email pretending to offer withdrawal rewards
2. A Brazilian NF-e XML electronic invoice attachment (Nota Fiscal Eletrônica)
3. Delivery via Bling ERP mail servers (bling.com.br), which passed SPF, DKIM, and DMARC

I’ll show how attackers abused legitimate infrastructure to bypass spam filters, and how I validated the message using professional tools.

🔍 Investigation Workflow

1. Extracting the EML

The suspicious email was exported as an .eml file.
I analyzed it safely offline using SysTools EML Viewer, preventing accidental clicks.

2. Header Analysis

Loaded the raw headers into Gaijin Email Header Analyzer and MXToolbox Header Analyzer.

Identified mismatches:
• Return-Path: [email protected]
• From: Deeper Network Support ([email protected])
• Reply-To: [email protected]
• Confirmed the abuse of Bling’s ERP infra (Amazon AWS IP 52.20.105.213).

3. Email Verification

• Used Hunter.io Email Verifier and ZeroBounce to check legitimacy of sender domains.
• Results showed inconsistencies with the reply-to address, confirming spoofing/social engineering.

4. Attachment Analysis (NF-e XML)

• Parsed the XML invoice fields (issuer, recipient, totals, tax info).
• While structurally valid, its presence was purely a lure to appear trustworthy.

⚠️ Key Findings

• The email passed SPF, DKIM, and DMARC because it originated from a legitimate ERP platform (bling.com.br).
• Attackers used multi-domain spoofing (Used different Return-Path and Reply-To).
• The withdrawal reward lure was a front for phishing/credential theft.
• The XML invoice attachment served as a social engineering reinforcement, not a payload.

🗂 Tools Mentioned

SysTools EML Viewer: https://www.systoolsgroup.com/eml-vie...
Gaijin Email Header Analyzer: https://www.gaijin.at/en/tools/e-mail...
MXToolbox Header Analyzer: https://mxtoolbox.com/EmailHeaders.aspx
Hunter.io Email Verifier: https://mxtoolbox.com/EmailHeaders.aspx
ZeroBounce Email Validation: https://www.zerobounce.net/

Комментарии

Информация по комментариям в разработке