PhishingTest

Paused

App Files Files Community

PhishingTest / knowledge_base /knowledge_base.txt

dungeon29

Rename knowledge_base.txt to knowledge_base/knowledge_base.txt

23e4119 verified 18 days ago

raw

history blame

1.62 kB

	# Phishing Knowledge Base

	## Common Phishing Indicators
	1. Urgency and Threats: Phishing emails often use urgent language (e.g., "Account Suspended", "Immediate Action Required") to panic users into clicking without thinking.
	2. Mismatched URLs: The visible link text (e.g., "paypal.com") does not match the actual destination URL (e.g., "paypal-secure-login.com").
	3. Generic Greetings: Legitimate organizations usually use your name. Phishing emails often use "Dear Customer" or "Dear User".
	4. Request for Personal Information: Legitimate companies rarely ask for sensitive info (passwords, SSN) via email.
	5. Suspicious Domains: Look for misspellings (e.g., "goog1e.com", "paypaI.com") or unusual TLDs.

	## URL Analysis Techniques
	- Typosquatting: Attackers register domains that look similar to popular domains (e.g., "faceboook.com").
	- Subdomain Abuse: Using long subdomains to hide the actual domain (e.g., "paypal.com.security-check.com" - the real domain is "security-check.com").
	- URL Shorteners: Using bit.ly or tinyurl to hide the destination.

	## Social Engineering Tactics
	- Authority: Impersonating CEOs, IT support, or government agencies.
	- Scarcity: "Only 24 hours left to claim your prize".
	- Curiosity: "Look at these photos of you".

	## Example Cases
	- PayPal Phishing: Emails claiming unauthorized transactions, asking to click a link to "dispute" the charge.
	- Google Docs Phishing: Fake login pages that look like Google Drive login screens.
	- Bank Fraud: SMS messages (Smishing) claiming a bank account is locked.

	# Phishing Knowledge Base

	## Common Phishing Indicators
	1. Urgency and Threats: Phishing emails often use urgent language (e.g., "Account Suspended", "Immediate Action Required") to panic users into clicking without thinking.
	2. Mismatched URLs: The visible link text (e.g., "paypal.com") does not match the actual destination URL (e.g., "paypal-secure-login.com").
	3. Generic Greetings: Legitimate organizations usually use your name. Phishing emails often use "Dear Customer" or "Dear User".
	4. Request for Personal Information: Legitimate companies rarely ask for sensitive info (passwords, SSN) via email.
	5. Suspicious Domains: Look for misspellings (e.g., "goog1e.com", "paypaI.com") or unusual TLDs.

	## URL Analysis Techniques
	- Typosquatting: Attackers register domains that look similar to popular domains (e.g., "faceboook.com").
	- Subdomain Abuse: Using long subdomains to hide the actual domain (e.g., "paypal.com.security-check.com" - the real domain is "security-check.com").
	- URL Shorteners: Using bit.ly or tinyurl to hide the destination.

	## Social Engineering Tactics
	- Authority: Impersonating CEOs, IT support, or government agencies.
	- Scarcity: "Only 24 hours left to claim your prize".
	- Curiosity: "Look at these photos of you".

	## Example Cases
	- PayPal Phishing: Emails claiming unauthorized transactions, asking to click a link to "dispute" the charge.
	- Google Docs Phishing: Fake login pages that look like Google Drive login screens.
	- Bank Fraud: SMS messages (Smishing) claiming a bank account is locked.