Website Last Update :

Saturday, October 5, 2024

Create A Phishing Website In 10 Steps

Curious how you can clone websites, harvest credentials, and simulate website phishing attacks?

multiple phishing websites banner 

Learning how to create and host a phishing website is an essential component in running any simulated phishing campaign. They're used in just about every form of phishing (e.g., email phishing, SMS phishing, malvertising, etc.) and used to determine if employees would fall victim to credential harvesting attacks.

Just about every service we use has an internet-based component to it; this includes social media, financial services, collaboration platforms, and the list goes on. If a cybercriminal can compromise any of these, the entirety of your online presence is at risk, particularly if you haven't enabled Multi-Factor Authentication (MFA) and have re-used passwords.

While phishing websites are a crucial component of running successful simulated phishing campaigns, there's a lack of information on how to clone websites and host your own. In this blog, we'll outline simple steps you can follow to create your own phishing website from scratch.

Locate A Website To Clone

This is arguably the most important component of creating a phishing website. When choosing a website to clone, you need to choose one that is in use by your target(s). This could be a global service such as Microsoft 365 or Gmail, which most businesses around the world use, or something more personalized such as a Password Manager, Bank, or another service the target(s) may be using.

Clone The Website

Now it's time for what we're all here for! Let's walk through the website cloning process.

Step 1. Identify The Login Page.

Traverse to the website you've decided to clone and locate the login page. For this blog, we'll focus on cloning a Password Manager.

Password Manager Website

 

 

 

 

 

 

 

 

Step 2. Review The Web Page.

Check the web page source and see if external images, CSS, and JavaScript functions include relative paths or are hardcoded. For example, this Password Manager's external references are mostly hardcoded. Also, check to see if the webpage source looks quite empty. Does it contain many of the HTML elements you’d expect to see from the loaded page? If not, then that could indicate that the webpage is being dynamically loaded through various JavaScript functions.

Hardcoded Image URLs

 

 

 

 

 

Step 3. Download The Web Page Source.

Depending on whether the web page is statically or dynamically loaded - which is identified as part of step 2, you'll need to adjust your approach to downloading the web page.

Read More

Friday, October 4, 2024

WESTERNUNION TRANSFER - 04/OCTOBER/2024 - PROOF**

  WESTERN-UNION TRANSFER  

04 October 2024

Note : if you have Trust issues then this place is not for you 

First Read How We Start/Proceed On The Link Below We Are Working With Wu Since 2018 / 2023 Now 

If You Wana See Recent Proof Check The Link Below

Deal / Work / Contact Only With These 3 Contacts 

Dealing Contacts :

We Are Not Responsible if You Get Scammed By Other Contacts Using Our Website Name

SCREEN SHOTS


 



Read More

Wednesday, October 2, 2024

WESTERNUNION TRANSFER - 03 OCTOBER 2024 - PROOF**

  WESTERN-UNION TRANSFER  

03 October 2024

Note : if you have Trust issues then this place is not for you 

First Read How We Start/Proceed On The Link Below We Are Working With Wu Since 2018 / 2023 Now 

If You Wana See Recent Proof Check The Link Below

Deal / Work / Contact Only With These 3 Contacts 

Dealing Contacts :

We Are Not Responsible if You Get Scammed By Other Contacts Using Our Website Name

SCREEN SHOTS





Read More

Tuesday, September 24, 2024

WESTERNUNION TRANSFER - 24/SEP/2024 - PROOF**

  WESTERN-UNION TRANSFER  

24 September 2024

Note : if you have Trust issues then this place is not for you 

First Read How We Start/Proceed On The Link Below We Are Working With Wu Since 2018 / 2023 Now 

If You Wana See Recent Proof Check The Link Below

Deal / Work / Contact Only With These 3 Contacts 

Dealing Contacts :

We Are Not Responsible if You Get Scammed By Other Contacts Using Our Website Name

SCREEN SHOTS





Read More

Monday, September 23, 2024

WESTERNUNION TRANSFER - 23 September 2024 - PROOF**

  WESTERN-UNION TRANSFER  

23 September 2024

Note : if you have Trust issues then this place is not for you 

First Read How We Start/Proceed On The Link Below We Are Working With Wu Since 2018 / 2023 Now 

If You Wana See Recent Proof Check The Link Below

Deal / Work / Contact Only With These 3 Contacts 

Dealing Contacts :

We Are Not Responsible if You Get Scammed By Other Contacts Using Our Website Name

SCREEN SHOTS




Read More