Spear phishing attack using Kali Linux

Spear phishing attack using Kali Linux

연구 분야: Strategies

학회: Journal of Computing Sciences in Colleges, Volume 37, Issue 4

This assignment is for a course on Cybersecurity for students with no prior knowledge of social Engineering in terms of phishing and spear phishing email attacks. The course instructor explains the social engineering, phishing, and spear phishing attack concepts and the differences between them. The course instructor explains to the students how spear phishing is highly targeted and targets a single individual compared to how the phishing attack targeted and targets hundreds and sometimes thousands of recipients. A spear phishing attack scenario might involve an attacker who is impersonating an organizational IT consultant that sent an email to one or more employees. Their emails will be worded and signed the same way as the IT consultants normally do with their emails. In their way, the company employees will be deceived into thinking that these are authentic emails. This assignment requires using a special software called Kali Linux. The instructor provides the students with the following link to download the Kali Linux software: https://www.kali.org/. Students should download the Kali Linux software image and install it through their virtual box on their machines. In this way, students' computers setting will not be affected. In this assignment, each student chooses a partner, communicates with him/her, and sends simulated phishing emails that contain a suspicious link to a decoy website, such as Google account site, Twitter, Facebook, etc. to his/her partner. Upon receiving the signed email, the student's partner read the email, click on the link, and try to access a decoy website using their username and password (fake username and password). This process should be done in five steps: