A tool that will help with automated phishing analysis is PhishTool, and there is a free community edition you can download and use.

PhishTool grabs all the useful information we’ll need regarding the email.

  • Email sender

  • Email recipient (in this case, a long list of CCed email addresses)

  • Timestamp

  • Originating IP and Reverse DNS lookup

We can obtain information about the SMTP relays, specific X-header information, and IP info information.