Windows Analysis Report
Message_2712729.eml

{
    "explanation": [
        "The email urges the recipient to download and review an attachment, which is a common tactic used in phishing to deliver malware or steal information.",
        "The sender's email address 'kori@bydob.com' does not match the domain 'highspirited.com.sg' mentioned in the email, indicating a potential spoofing attempt.",
        "The email content is repetitive and lacks professionalism, which is often a sign of phishing attempts."
    ],
    "phishing": true,
    "confidence": 9,
    "generated_by_ai": false
}

{
    "date": "Wed, 11 Dec 2024 08:31:03 -0800", 
    "subject": "Staff Employment Termination lists and new administrative position 2024", 
    "communications": [
        " Dear referee, Good Day,Find below names of staff whose employment have been terminated with immediate effect. Please find attached/download and review list of Staff Employment Termination lists and new administrative position and transfers/domain-information-deleted/company/employees.PDFKindly note that henceforth they should not be copied in all email correspondences. Find where your name falls and comply accordingly. Thanks and regards, highspirited.com.sg Human ResourcesHR Manager Dear referee, Good Day,Find below names of staff whose employment have been terminated with immediate effect. Please find attached/download and review list of Staff Employment Termination lists and new administrative position and transfers/domain-information-deleted/company/employees.PDFKindly note that henceforth they should not be copied in all email correspondences. Find where your name falls and comply accordingly. Thanks and regards, highspirited.com.sg Human ResourcesHR Manager Dear referee, Good Day,Find below names of staff whose employment have been terminated with immediate effect. Please find attached/download and review list of Staff Employment Termination lists and new administrative position and transfers/domain-information-deleted/company/employees.PDFKindly note that henceforth they should not be copied in all email correspondences. Find where your name falls and comply accordingly. attached/download Thanks and regards, highspirited.com.sg Human ResourcesHR Manager "
    ], 
    "from": "domain-information-deleted <kori@bydob.com>", 
    "to": "info@domain-information-deleted", 
    "attachements": [
        "ScannedDocument120824PDF.html"
    ]
}

{
    "contains_trigger_text": true,
    "trigger_text": "attached/download",
    "prominent_button_name": "unknown",
    "text_input_field_labels": "unknown",
    "pdf_icon_visible": false,
    "has_visible_captcha": false,
    "has_urgent_text": true,
    "has_visible_qrcode": false,
    "contains_chinese_text": false
}

{
  "brands": "unknown"
}

{"classification":"unknown"}

Email:
Detected potential phishing email: The email urges the recipient to download and review an attachment, which is a common tactic used in phishing to deliver malware or steal information.. The sender's email address 'kori@bydob.com' does not match the domain 'highspirited.com.sg' mentioned in the email, indicating a potential spoofing attempt.. The email content is repetitive and lacks professionalism, which is often a sign of phishing attempts.

{
    "contains_trigger_text": true,
    "trigger_text": "View Document Online",
    "prominent_button_name": "View Document Online",
    "text_input_field_labels": ["Email Address", "Password"],
    "pdf_icon_visible": false,
    "has_visible_captcha": false,
    "has_urgent_text": false,
    "has_visible_qrcode": false,
    "contains_chinese_text": false
}

{
    "contains_trigger_text": true,
    "trigger_text": "View Document Online",
    "prominent_button_name": "View Document Online",
    "text_input_field_labels": ["Email Address", "Password"],
    "pdf_icon_visible": false,
    "has_visible_captcha": false,
    "has_urgent_text": false,
    "has_visible_qrcode": false,
    "contains_chinese_text": false
}

{
  "brands": [
    "cPanel"
  ]
}

{
  "brands": [
    "cPanel"
  ]
}

{
    "contains_trigger_text": true,
    "trigger_text": "View Document Online",
    "prominent_button_name": "View Document Online",
    "text_input_field_labels": ["Email Address", "Password"],
    "pdf_icon_visible": false,
    "has_visible_captcha": false,
    "has_urgent_text": false,
    "has_visible_qrcode": false,
    "contains_chinese_text": false
}

{
    "contains_trigger_text": true,
    "trigger_text": "View Document Online",
    "prominent_button_name": "View Document Online",
    "text_input_field_labels": ["Email Address", "Password"],
    "pdf_icon_visible": false,
    "has_visible_captcha": false,
    "has_urgent_text": false,
    "has_visible_qrcode": false,
    "contains_chinese_text": false
}

{
  "brands": [
    "cPanel"
  ]
}

{
  "brands": [
    "cPanel"
  ]
}