Spear Phishing Attack

What is a phishing attack

2 min readJul 19, 2021

Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. It occurs when an attacker, masquerading as a trusted entity, dupes a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information.

An attack can have devastating results. For individuals, this includes unauthorized purchases, the stealing of funds, or identify theft.

sounds like its dangerous😨

So its see how its done

🛑🛑🛑Caution this is only for educational purpose 🛑🛑🛑

Step one

You need a kali Linux machine simple ways install it and dual boot apart from your main OS or set up a virtual machine

Step two

go to github and clone this repo

git clone https://github.com/jaykali/shellphish.git
cd shellphish
bash shellphish.sh

step three

select the number for desired clone of the website . Then launch it with the ngrok or localhost

step four

search for social engineering tool in linux

Then open it select option
1) social engineering attack

Then select
5) mass mailer attack

Then fill all the select the option 2 to target a specific email

then fill all the basic details and type END in the body to finish the mailer attack

NOTE: Attach the link which you obtained from shellphing

Congratulation no your a hacker😜😜😜😜

Points to Remember

Businesses should employ both technological and human safeguards to counteract the threat of spear-phishing. In addition to typical measures like spam filters, malware detection, and antivirus, companies should advocate phishing simulation exercises, user training, and offering an existing channel for users to report questionable emails to the IT security team.

In addition to user education and awareness, the security department should be proactive in securing procedures to limit attackers’ windows of opportunity. Getting everyone on board with measures to better combat spear-phishing demands a deft touch.