<![CDATA[Abstract - The Directorate of Innovation and Business Incubator (DIIB) at Bina Darma University often receives emails from external sources, increasing the risk of phishing, spoofing, and malware threats. This study applies the Digital Forensic Research Workshop (DFRWS) framework comprising Identification, Preservation, Collection, Examination, Analysis, and Presentation to analyze suspicious emails using forensic tools such as MXToolbox, Whois Lookup, Talos Intelligence, Sucuri SiteCheck, and VirusTotal. Ten suspicious emails were examined. Most failed one or more authentication checks (SPF, DKIM, DMARC), indicating weak verification and potential spoofing. Domain and IP analyses showed public domains like Gmail and Yahoo were most exploited, while official domains such as Upj.ac.id and Maranatha.ac.id had moderate risk. Sucuri classified most domains as medium to high risk, and VirusTotal found no active malware. The study concludes that phishing and spoofing pose greater threats than direct malware, highlighting the importance of forensic email analysis to enhance cybersecurity awareness at DIIB. Keywords – DIIB, Email, DFRWS, Malware, Tools]]>
Copyrights © 2025
