In this article, we will see how we can use Emkei’s Fake Mailer in order to perform a phishing (whaling) attack.
The main point here is to actually use social engineering method known as – whaling. The term ‘whaling’ refers to spear phishing attacks directed specifically at senior executives and other high-profile targets. In these cases, the content will be crafted to target an upper manager and the person’s role in the company. The content of a whaling attack email may be an executive issue such as a customer complaint or even a reward – or discount on certain products – like in our case.
For better illustration, I will use Emkei to send an email from ‘sales@XYZcompany’ to my temporary email address. Have in mind that I do not have access to ‘sales@XYZcompany’ and this is a fake email address; but the email content will look like it has been sent from the sales department of XYZ company.
In the email, a hacker – who represents himself as a salesperson from XYZ company – is asking me (the victim) to open the link that will send me directly to website where I need to fill out the form and get 50% discount on latest product; and this is how the social engineering attack is performed in order to get personal information from certain target.
This is how the e-mail should look like in the target inbox:
Also, keep in mind that hackers can use attachments to deliver a malicious software to the victims’ e-mail inbox.
Strictly Necessary Cookies
Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.
3rd Party Cookies
This website uses Google Analytics and Linkedin to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookies enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!