We have provided two versions of the model answer for this task:

(1) A version using the task template; and

(2) An annotated version

Email 1:

Is this email Safe or

My Analysis
Malicious?
Safe  It’s clearly not spam as the reply indicates a
previous relationship and that the email was
expected and welcome. The date and time
could indicate that the conversation was
anticipated, as there is next to no delay in a
reply.
 This email is non malicious. It’s a typical
conversation between friends and contains
no potentially dangerous artefacts.

Email 2:

Is this email Safe or

My Analysis
Malicious?
Malicious  The email claims to be from one drive but the
email sender is from a Russian domain which is
well known for malicious emails.
 The email tries to get the user to download a
file, without providing information about the
file’s content, or the sender.
 The email’s format is unprofessional and
contains poor grammar & spelling. Y
 ou would not expect an email from an official
Microsoft service to be formatted and
presented like this.
Email 3:

Is this email Safe or

My Analysis
Malicious?
Malicious  The email is presented as a question from a friend
who cannot access Facebook, and asks the
recipient to follow a link to see if Facebook is
working for them. But the link provided is actually
a phishing link make to look like [Link] at
first glance.
 The senders account could be compromised,
so a malicious email like this could still come
from a trusted friends account.

Email 4:

Is this email Safe or

My Analysis
Malicious?
Safe  This email is an example of generic marketing, it
could be regarded as Spam (unwanted or
unrequested marketing content). It’s been
forwarded twice, but the original sender is a mass
mail service.
 If googled, the site can be seen as a sales
site that contains no malicious content.
 The email contains no links or requests for
information, just pure advertising.
Email 5:

Is this email Safe or

My Analysis
Malicious?
Malicious  The email is requesting the recipient’s
credentials for unusual reasons. They’ve
tried to make the issue seem urgent, which
is a well-known persuasive technique often
used for phishing.
 The email lacks professionalism which gives
more reason to believe it’s a fake.
 Legitimate users/services would not ask for
account details. This is almost always a sign
of malicious activity.

Email 6:

Is this email Safe or

My Analysis
Malicious?
Safe  This email is non malicious. It is a typical
workplace email. There are no files, links or
suspicious requests within the emails, and for the
most part internal work emails can be trusted to
be safe.
  The senders email address matches the
name on the signature, and appears to be
well formatted and professional.

Email 7:

Is this email Safe or

My Analysis
Malicious?
Malicious  The email claims to be from Geico Insurance
but the sender doesn’t have an official Geico
email address, and the URL provided is not
linked to Geico in any way.
 The email sender claims to be someone
called "Mike Ferris", but the display name of
the sender is [Link].
 Legitimate companies would use HTTPS for
any financial transactions. The link provided
is just http, which is another indicator that
this is a fake. HTTPS is secured and
encrypted where as HTTP is not.