OP 18 April, 2023 - 09:09 PM
Ideology
First, a phishing mail has to be convincing and interact with human emotions to provoke irrational and quick decisions.
Quick and irrational decisions mostly lead to human error and to overlooking an apparent attack flaw. For example, the link to the phishing site
should not be noticed, as it's usually some sketchy domain.
Domain
Well, I would advise the domain to look like the legitimate domain you are trying to clone. Let's say amazon.com; how many people
would slip up on the name armzon.com? Well, that's only a small detail, but it might be all it needs for a split second. As I've mentioned above, irrational decisions make us ignore the less important details.
SSL
SSL is probably more important than the above one, as modern browsers do show whether the site has SSL or not (https://); a lock is shown on every page and in every browser. And since every modern site has SSL turned on, there's no way the precious victim would go any further. To avoid that cost-efficiently, there's a free way to get a certificate for your domain if needed. Simply google certbot.
An example image of an input form without SSL turned on.
Delivery
Well, have you wondered what SMTP shops do? There are so many; not advertising, but giving a hint (here in the marketplace there are plenty..)
Don't just buy one, as you will only be able to send approximately 150 every hour. And before you do, have a go at trying whether it sends; many shops
have integrated functionality to test them out before the purchase. Well, finally you have your dreamy SMTP, what now!?
Login obviously! It might not be working.. After all
So, once logged in, choose Roundcube (the integrated client).
Head to compose >> Edit Entities >>
Display name: Amazon.co.uk (or whatever you are planning to impersonate) >>
Email: (the actual sender's email) >> Save..
Once you're in the 'compose' window (again), in the From drop-down menu, choose your Amazon.co.uk selection.
Subject: also please choose something very similar to what an Amazon email would look like.
e.g. 'Your Armzon.co.uk order #782-8327736-8729618 of 1 item'
Well, the email content is obvious, but if you still need inspiration, do not hesitate to contact.
Though: the steps might be different in other Roundcube versions, but you get the drill.
A short video of all these steps.
https://drive.google...?usp=share_link
Final Words
There's much more to discuss, but that's for other guides to come. For example, the sender could be spoofed so it would look like it's from a legitimate sender (it can't be spotted); also there are redpages which you need to take into consideration for a successful attack.
I'm sharing a method stolen from another place, but there are many other ways to phish.
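The two tricks the post leans on, a brand name in the From display name sitting on top of an unrelated address, and a sending domain one or two characters away from the real one, are exactly what a mail filter can check before the message reaches a human. The following Python snippet is an added defender-side example, not code from the post; the brand list, the edit-distance threshold and the sample headers are all constructed for the demo.

```python
import re
from email.utils import parseaddr

# Constructed brand list for this demo; a real deployment would load the
# organisation's own protected brands and their legitimate sending domains.
BRAND_DOMAINS = {"amazon.com", "amazon.co.uk"}
BRAND_WORDS = {d.split(".")[0] for d in BRAND_DOMAINS}   # {"amazon"}
MAX_EDIT_DISTANCE = 2   # how close a domain must be to count as a lookalike (assumed)

def levenshtein(a: str, b: str) -> int:
    """Classic dynamic-programming edit distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(domain: str):
    """Return the brand domain this domain imitates, or None if it is exact or unrelated."""
    domain = domain.lower()
    if domain in BRAND_DOMAINS:
        return None
    best = min(BRAND_DOMAINS, key=lambda b: levenshtein(domain, b))
    return best if levenshtein(domain, best) <= MAX_EDIT_DISTANCE else None

def analyze_from(header: str) -> list:
    """Flag a brand word in the display name whose address is not on a brand
    domain, and a typo-squatted sending domain. Returns a list of finding tags."""
    display, addr = parseaddr(header)
    domain = addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""
    findings = []
    if any(w in display.lower() for w in BRAND_WORDS) and domain not in BRAND_DOMAINS:
        findings.append("display-name-impersonation")
    target = lookalike_of(domain)
    if target:
        findings.append(f"lookalike-domain:{target}")
    return findings

def extract_link_domains(body: str) -> list:
    """Pull host names out of http(s) links so the body can be run through lookalike_of()."""
    return [h.lower() for h in re.findall(r"https?://([A-Za-z0-9.-]+)", body)]

if __name__ == "__main__":
    # Constructed sample headers, not taken from any real message.
    for h in ['"Amazon.co.uk" <orders@armzon.co.uk>',
              '"Amazon.co.uk" <noreply@amazon.co.uk>',
              'Amazon <billing@amaz0n.com>']:
        print(h, "->", analyze_from(h) or "clean")
```

Running the same lookalike_of() check over extract_link_domains() of the body catches the cloned-site link as well as the sender; a production filter would add DMARC alignment checks, which this demo leaves out.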