• Home
  • Hacking & Security
    • Network Hacking
    • Web Hacking
    • Social Engineering
    • Kali Linux
    Submit An Article
  • Courses
    • All Courses
    • Bundles
    • Masterclass
    • VIP Membership
    • FAQ

    Popular Courses

  • Shop
    • Hardware Bundles
    • Wireless Adapters
    • Pentesting Tools
    • Security
    • Accessories
    • Clothing
    • Books
    • All
  • Competition
  • Services
    Penetration Testing
    Consulting
    Code Review
    One on one Training
    Online Courses
    VPN
  • Blog
      • Cart

    VIP Membership Masterclass
    Got a question?
    [email protected]
    RegisterLogin
    zSecurity
    • Home
    • Hacking & Security
      • Network Hacking
      • Web Hacking
      • Social Engineering
      • Kali Linux
      Submit An Article
    • Courses
      • All Courses
      • Bundles
      • Masterclass
      • VIP Membership
      • FAQ

      Popular Courses

    • Shop
      • Hardware Bundles
      • Wireless Adapters
      • Pentesting Tools
      • Security
      • Accessories
      • Clothing
      • Books
      • All
    • Competition
    • Services
      Penetration Testing
      Consulting
      Code Review
      One on one Training
      Online Courses
      VPN
    • Blog
        • Cart

      Hacking & Security

      How to Perform a Phishing (whaling) attack via Emkei’s Fake Mailer

      • Posted by Husein
      • Date February 28, 2020
      In this article, we will see how we can use Emkei’s Fake Mailer in order to perform a phishing (whaling) attack.
      The main point here is to actually use social engineering method known as – whaling. The term ‘whaling’ refers to spear phishing attacks directed specifically at senior executives and other high-profile targets. In these cases, the content will be crafted to target an upper manager and the person’s role in the company. The content of a whaling attack email may be an executive issue such as a customer complaint or even a reward – or discount on certain products – like in our case.
      For better illustration, I will use Emkei to send an email from ‘[email protected]’ to my temporary email address. Have in mind that I do not have access to ‘[email protected]’ and this is a fake email address; but the email content will look like it has been sent from the sales department of XYZ company.
      In the email, a hacker – who represents himself as a salesperson from XYZ company – is asking me (the victim) to open the link that will send me directly to website where I need to fill out the form and get 50% discount on latest product; and this is how the social engineering attack is performed in order to get personal information from certain target.

      This is how the e-mail should look like in the target inbox:

      and

      Also, keep in mind that hackers can use attachments to deliver a malicious software to the victims’ e-mail inbox.
      Tools that have been used in the article:
      https://emkei.cz/Β – Emkei’s Fake Mailer

      https://temp-mail.org/Β – for temporary e-mail address;

      • Share:
      author avatar
      Husein

      an ethical hacker and bug bounty hunter who enjoys listening original soundtracks.

      Previous post

      Creating Phishing Pages With Social Fish
      February 28, 2020

      Next post

      4 Ways to Make Legal Money Hacking!
      March 12, 2020

      You may also like

      domain-controllers_370x208
      Identifying Domain controller in a network
      24 March, 2023
      storm-braker_370x208
      Access Location, Camera & Mic of any Device πŸŒŽπŸŽ€πŸ“πŸ“·
      23 March, 2023
      Common-Authentication-Bypass-Techniques_370x208
      Common Authentication Bypass Techniques
      16 March, 2023

        3 Comments

      1. Anwar
        March 24, 2020
        Log in to Reply

        Hi Husein,

        Thanks for your article. The emails sent from this and using Emkei’s fake mail will automatically be filtered as Spam. Any ideas how to game that?

        Best,
        Anwar

      2. emma
        May 7, 2020
        Log in to Reply

        same issue email marked as spam any solution

      3. Jyotisko Sengupta
        September 13, 2020
        Log in to Reply

        Emkei’s smart mailer will mark the mail as spam. Use any other website.

      Leave A Reply Cancel reply

      You must be logged in to post a comment.

      Categories

      • Cryptography
      • Cryptography
      • CTF
      • Forensics
      • Hacking & Security
      • Hardware
      • IOT
      • Kali Linux
      • Network Hacking
      • News
      • OSINT
      • Post Exploitation
      • Post Exploitation
      • Privacy
      • Programming
      • Security
      • Social Engineering
      • Uncategorized
      • Web Hacking

      Popular Posts

      Got a Blank Screen After Importing Kali in Virtual Box ? Here’s How To Fix It
      25Jan2018

      Connect with us

      • Facebook
      • Twitter
      • LinkedIn
      • Instagram
      • Youtube

      β€œEverything related to ethical hacking

      & cyber security in one place.”

      Quick Links

      • Home
      • About Us
      • Hacking & Security
      • Download Custom Kali
      • Contact
      • FAQ

      Services

      • Penetration Testing
      • Consulting
      • Code Review
      • One on one training
      • VPN
      • VIP Membership

      Company

      • About Us
      • Contact
      • Vulnerability Disclosure

      Support

      • FAQ
      • Forums

      Copyright Β© 2022 Z IT SECURITY LTD t/a zSecurity. All rights reserved.

      • Privacy
      • Shipping
      • Refunds
      • Terms

      Contribute

      Share your knowledge with the world

      SUBMIT AN ARTICLE

      Login with your site account

      Lost your password?

      Not a member yet? Register now

      Register a new account


      Are you a member? Login now

      Enroll in this course to access this lesson!

      All of our courses include:

      βœ” Lifetime, unlimited access to course materials & training videos.

      βœ” Watch online or download lectures for offline use.

      βœ” Verifiable certificate of completion from zSecurity, signed by the course instructor, Zaid.

      βœ” Get answers from our Support Team within a maximum of 15 hours.

      βœ” Unlimited Updates.

      Get free 1 month VIP membership per course with:

      βœ” Live mentorship and Q&A session with the course instructor, Zaid.

      βœ” Instant support from community members through our private discord channel.

      βœ” Daily updates with the latest tutorials & news in the hacking world.

      βœ” Daily resources like CTFs, bug bounty programs, onion services and more!

      βœ” Access our VIP community & connect with like-minded people.

      βœ” Discounts on other zSecurity products and services.

      We are using cookies to give you the best experience on our website. This includes but is not limited to:

      • Storing your settings and preferences.
      • Remember your access information
      • Track website performance and make our website more relevant to you.

      You can find out more about which cookies we are using or switch them off in settings.

      Privacy Overview

      This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

      Strictly Necessary Cookies

      Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

      3rd Party Cookies

      This website uses Google Analytics and Linkedin to collect anonymous information such as the number of visitors to the site, and the most popular pages.

      Keeping this cookies enabled helps us to improve our website.

      Please enable Strictly Necessary Cookies first so that we can save your preferences!

      Powered by  GDPR Cookie Compliance