Email Security
How email works, why it can be faked, and how to investigate suspicious messages
How Email Works
Why anyone can send an email pretending to be anyone else, and what hidden information every email contains
Email Authentication
SPF, DKIM, and DMARC: what these security checks do, what "pass" and "fail" mean, and why attackers still get through
Email Investigation
How to view email headers, what to look for, and how to preserve emails as evidence
Investigation Walkthrough: Targeted Phishing Campaign
Investigating a lookalike-domain phishing attack against a hospital network, from detection through incident response