Phishing is a social engineering technique used to obtain sensitive information from a user, such as login credentials, financial data, or personal information. Phishing attacks can be carried out via email, SMS, social media direct messages, or other channels.

In this article, we will see how I created fake phishing emails using Kali Linux, a Linux distribution designed for cybersecurity.

This technique uses email address spoofing, so it is possible to send Phishing emails as if they came from online shops, couriers, banks,…

Brevo Mail Server[ex. SendInBlue]
To get started, I created a free account at SendInBlue, an email marketing service that offers a free SMTP server. I then used the login information provided by SendInBlue to set up the SMTP server in Kali Linux.

The Key Role of Kali Linux
Once I had my SMTP server configured, I began creating my first phishing email. I chose to create an email that appeared to be from a well-known online store, informing the recipient that their package had been lost. The email then asked the recipient to click on a link to find it.

This experience was very useful to me in understanding phishing techniques and improving my cybersecurity skills. It also gave me experience with Kali Linux and mail servers.

Responsible use
I have used this opportunity with great caution and only for educational and ethical purposes. I wanted to experience how social engineering attacks work to understand how to protect myself from them. Ethics have always been my guide in this journey. Cybersecurity can be a dangerous field, and I have always believed that with knowledge comes the responsibility to use it correctly.

Conclusion
Creating phishing emails can be a dangerous activity, but it can also be a learning experience for those involved in cybersecurity. If you are considering creating phishing emails for educational purposes, it is important to follow a few precautions:

• Use a dedicated SMTP server to send your emails. This will help protect your identity and avoid being blocked by email marketing service providers.
• Never send emails to email addresses that are not yours. This will help you avoid breaking privacy and data protection laws.
• Always be careful about the emails you receive. If an email seems too good to be true, it probably is.

All articles on this site are written with the OpenAI ChatGPT AI, model 3.5.
This is an advanced language model that helped generate the site's content, ensuring quality and consistency in the language.