How to Perform a Phishing (whaling) attack via Emkei’s Fake Mailer

  • Posted by Husein
  • Date February 28, 2020
In this article, we will see how we can use Emkei’s Fake Mailer in order to perform a phishing (whaling) attack.
The main point here is to actually use social engineering method known as – whaling. The term ‘whaling’ refers to spear phishing attacks directed specifically at senior executives and other high-profile targets. In these cases, the content will be crafted to target an upper manager and the person’s role in the company. The content of a whaling attack email may be an executive issue such as a customer complaint or even a reward – or discount on certain products – like in our case.
For better illustration, I will use Emkei to send an email from ‘sales@XYZcompany’ to my temporary email address. Have in mind that I do not have access to ‘sales@XYZcompany’ and this is a fake email address; but the email content will look like it has been sent from the sales department of XYZ company.
In the email, a hacker – who represents himself as a salesperson from XYZ company – is asking me (the victim) to open the link that will send me directly to website where I need to fill out the form and get 50% discount on latest product; and this is how the social engineering attack is performed in order to get personal information from certain target.

This is how the e-mail should look like in the target inbox:

and

Also, keep in mind that hackers can use attachments to deliver a malicious software to the victims’ e-mail inbox.
Tools that have been used in the article:
https://emkei.cz/ – Emkei’s Fake Mailer

https://temp-mail.org/ – for temporary e-mail address;

author avatar
Husein

an ethical hacker and bug bounty hunter who enjoys listening original soundtracks.

You may also like

Find Your Leaked Passwords of an Email for FREE
Find Your Leaked Passwords of an Email for FREE
5 August, 2025
Find Anyone Online Easily - Face Search
Find Anyone Online Easily – Face Search
22 July, 2025
Discover Malicious Websites in Seconds!
Discover Malicious Websites in Seconds!
16 July, 2025

    3 Comments

  1. Anwar
    March 24, 2020

    Hi Husein,

    Thanks for your article. The emails sent from this and using Emkei’s fake mail will automatically be filtered as Spam. Any ideas how to game that?

    Best,
    Anwar

  2. emma
    May 7, 2020

    same issue email marked as spam any solution

  3. Jyotisko Sengupta
    September 13, 2020

    Emkei’s smart mailer will mark the mail as spam. Use any other website.

Leave A Reply

Privacy Overview
ZSecurity logo featuring a stylized red letter Z

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

3rd Party Cookies

This website uses Google Analytics and Linkedin to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping these cookies enabled helps us to improve our website.

Powered by  GDPR Cookie Compliance