
- Case Overview
Case ID: 1000
Analyst: Gabriel Sanchez
Date & Time: May 26th, 2025 at 16:20:22
Severity Level: Low
- Who
Affected Client: TryHatMe
Involved Entities: Email reviewed from biibe@hatventuresworldwide.onlinr, sent to miguel.odennell@tryhackme.com on March 26, 2025 16:37:36
- What
Incident Type: Email Phishing attempt
Description:
Email reviewed from hatvebturesworldwide.com, sent to miguel.odennell@tryhackme.com on March 26, 2025 16:20:28, offering the recipient a free vacation.
- When
Date & Time of Initial Alert: March 26, 2025 16:20:28
Date & Time of Investigation Start: March 26, 2025 16:22
Date & Time of Resolution: March 26, 2025 16:40
- Where
Affected Systems: miguel.odonnell@tryhatme.com
Relevant Logs & Data Sources Used:
Email logs
Correlation with Other Events: Yes, Case ID 1010
- Why
Root Cause Analysis:
Because the fine-tuning of the email detections was not optimized, this email was not flagged and reached miguel.odonnell@tryhatme.com through the use of an unusual top-level domain.
- Investigation Steps
Initial Alert Review
Opened SOC dashboard and reviewed details
- Mitigation
Proposed adding the domain to the block list.