Skip to content
← writing
· 2 min read · #kali-linux#security

Kali Linux & Server Mail, for Creating Phishing Emails via Spoofing

Phishing is a social engineering technique used to obtain sensitive information from a user, such as login credentials, financial data, or personal information. Phishing attacks can be carried out through emails, SMS, direct messages on social media, or other channels.

Phishing is a social engineering technique used to obtain sensitive information from a user, such as login credentials, financial data, or personal information. Phishing attacks can be carried out through emails, SMS, direct messages on social media, or other channels.

In this article, we will see how I created fake phishing emails using Kali Linux, a Linux distribution designed for cybersecurity.

Through this technique, one uses email spoofing, so it is possible to send phishing emails as if they were from online shops, couriers, banks,…

The SendInBlue[ex. SendInBlue] Email Server

To start, I created a free account on SendInBlue, an email marketing service that offers a free SMTP server. I then used the login information provided by SendInBlue to configure the SMTP server in Kali Linux.

The Key Role of Kali Linux

Once the SMTP server was configured, I began creating my first phishing email. I chose to create an email that appeared to come from a well-known online shop and informed the recipient that their package had been lost. The email then asked the recipient to click on a link to find it.

This experience was very useful for me to better understand phishing techniques and improve my cybersecurity skills. It also allowed me to gain experience with Kali Linux and email servers.

Responsible Use

I used this opportunity with great caution and only for educational and ethical purposes. I wanted to experiment with social engineering attacks to understand how they work so that I could protect myself from them. Ethics has always been my guide in this journey. Cybersecurity can be a dangerous field, and I have always believed that with knowledge comes the responsibility to use it correctly.

Conclusion

Creating phishing emails can be a dangerous activity, but it can also be a formative experience for those who work in cybersecurity. If you are thinking of creating phishing emails for educational purposes, it is important to follow some precautions:

  • Use a dedicated SMTP server to send your emails. This will help protect your identity and avoid being blocked by email marketing service providers.
  • Never send emails to addresses that do not belong to you. This will help you avoid violating privacy and data protection laws.
  • Always be careful with the emails you receive. If an email seems too good to be true, it probably is.