Phishing Email Kit: How to Spot and Avoid Them
Here’s another watchout for your inbox: Scammers using a website to host a “phishing kit.” Through the kit, scammers send phishing emails with links pointing to a webpage created to mimic a real website and asking you to provide your password. This type of phishing email kit usually provides a login page, and when someone puts in their password, it typically either emails the credentials to the scammer or writes it to a log file. Keeping you up to date on the latest scams is part of our cyber security service. So, let’s take a look at this particularly “phishy” ploy.
The Anatomy of a Phishing Scam
If you know what to watch out for, you can be more successful at avoiding these scams. Looking at the image below to the left, it starts with a phishing email with a link pointing to a fake login page. Taking a look at the link itself (below right), you can see that the last part of the link is an email address encoded (base64). This adds more trickery to the phishing site because when a user who receives it clicks on it, it loads that user’s email address into the login page.
Because I didn’t want to tell the scammer which email address clicked on the link, I encoded a fake email address, changed the link and opened it in a safe environment.
Taking a look at the login page (above right), I used software to capture all data that went to the website, and I was able to see what happens when I put a fake password into the site. As with most phishing email kits, I can see that it uses another script on the site to either log or email the credentials to the scammer (below).
By taking a closer look at the website used to host this phishing kit, I was able to find the actual phishing kit with the raw code (below left). You can see in the image below to the right, the referenced email address used in the phishing kit to send the harvested credentials to the scammer.
Email Phishing Kit: Protect Yourself
You don’t have to understand all the behind-the-scenes tech to know this scam is something you want to avoid. Things you can do to protect yourself:
- Always be cautious about what links you click on: If you are not expecting to receive this type of email or it seems “unusual,” err on the side of caution and reach out to the sender on another known contact method.
- Whenever logging into a website, double check the address bar and verify it is the correct site you are expecting.
Spot phishing attempts before you bite. Download Intrust’s Phishing Cheat Sheet to get all the “do’s,” “don’ts” and “nevers” when receiving emails.
Share this Blog
Is Your Name or Birthday a Part of Your Password?
If so, you’re a part of the 59 percent of people who don’t follow proper password hygiene. More than 70 percent of passwords are used for more than one system, meaning if cybercriminals crack one, they can access a lot more accounts.
Our free Enterprise Password Management Guide will give you the best password hygiene practices to help you secure your computer and your business.
Download the Guide
Explore the Latest Trends in IT
How to Hire an IT Company: Top 10 Questions to Ask
Vishing Attacks Surge: What It Could Mean for Your Organization
Information Technology Infrastructure Overview: Building a Resilient Digital Backbone
