Taking the bait with phishing
Phishing is a cyberattack that makes up around 70% of breaches endured by victim organizations. This less-technical deception technique typically involves an attacker making some type of payload that is then sent to a victim, or many victims. The payload consists of an email with some type of malicious software or links that trick users into clicking on them. This is used through the art of deception and pretexting, and typically has some kind of bait used to lure the target.
Now, let's move forward and take a look at how we can apply phishing in an educational setting. The goal of this is to help you, the reader, understand the basic technical attributes in how a simple yet effective phishing website can be executed.
Executing phishing with AWS
Now that we understand what phishing is, let's take a look at a quick but very fun example of an exercise for using our AWS Kali Linux machine to help us execute the phishing attack. Before...
