Phishing
Use OSINT to find brands and places the victim trusts
Check businesses near victim's office
Look for suppliers, friends, co-workers
Use an urgent-sounding subject line
Use anchor text to spoof links: Click Here https://onlinebank.thm
Phishing Infrastructure
Domain Name
TLS Certificate
Email Server
DNS Records
Web Server
Analytics (track of the emails that have been sent, opened or clicked)
Tools: GoPhish - (Open-Source Phishing Framework) - getgophish.com SET - (Social Engineering Toolkit) - trustedsec.com