How hackers impersonate email-id’s : Email Spoofing and Phishing Attacks
Email Spoofing is a type of cyber-attack where the attacker sends fake emails which appear to have been sent by a legitimate/known person or entity. It is a common tactic for carrying out phishing attacks or spamming. The receiver of the email will see an email they trust and a name they are familiar with — mostly a friend or a colleague or an organisation they work with) and end up believing the email and taking action as mentioned.
In my previous blogs, I have mentioned how to create trojan and backdoors. When executed, the users sees normal files, but in the background, the evil code gets executed.
Delivering these files can be an application of email spoofing.
How to Spoof Emails
The initial step relies on information gathered and deciding which email you want to spoof. The emails should impersonate emails from a person or an organisation that the target can trust. It’s all social engineering!
If you are impersonating a friend, you can tell the target person to open an image. If you impersonate a support member from an organisation or admin of a website, you can tell the target to log in using a fake login page or tell the target to install an update.
Take a scenario
Suppose I want to impersonate the target person’s friend whose name is Aakashand I know that his email id is email@example.com . I will try to send a fake email to my target impersonating his email id.
It is really easy. Go to google and search for spoof emails online.
You will find a lot of websites providing this service. The problem with sending emails from these websites is that a lot of these emails will end up in the spam directory of the target person and not in the inbox of the person. The reason for this is because these websites are public and a lot of people use these websites for spamming, so mail server like google, yahoo, etc. mark emails received from these servers as spam.
To bypass this you can either use your own web-hosting plan or you can sign up for a free web-hosting plan and use that for sending fake emails.
Using a web hosting plan
The requirement for this method is that the web-hosting provider should support php files, so a static web-hosting won’t work. You can also use your own domain with the web-hosting provider but for this blog I will use a free web-hosting provider. I will be using https://www.000webhost.com/.
This is a paid service but I will be using their free plan for this blog. Go to the above link, scroll down and click on Free Sign Up under the Free Web Hosting .
After signing up, click on Create new site button on the top right.
A pop-up will appear where you would need to add your website name and password. Now remember both of these.
Next open https://files.000webhost.com/ in the same browser where you are logged into the webhost account. You may or may not need to enter the above credentials. If you are prompted, enter the above credentials and proceed. A page similar to the one shown below should be visible.