Email Header Analysis and Forensic Investigation
Do you know how to properly read and analyze an email message header? In this episode, we’ll take a look at two examples – one legitimate, and one not-so-legitimate. We’ll learn which header fields are most commonly referenced for analysis, how to determine a message’s true origin, how to read SPF and DKIM information, and we’ll even take a quick look at DMARC. Whether you’re completely new to this concept or a seasoned veteran, this episode has something for you.
🙏 Special thanks to Arman Gungor (@armangungor) for lending his expertise in making this episode.
*** If you enjoy this video, please consider supporting 13Cubed on Patreon at patreon.com/13cubed. ***
Leveraging DKIM in Email Forensics:
https://www.metaspike.com/leveraging-dkim-email-forensics/
What is DMARC?:
https://dmarc.org/
Email Header Plugin for Sublime Text 3:
https://packagecontrol.io/packages/Email%20Header
Background Music Courtesy of Anders Enger Jensen:
https://www.youtube.com/user/HariboOSX