Tricking the user to go to our fake site

The success of every social engineering attack lies on the ability of the attacker to convince the user and the willingness of the user to follow the attacker's instructions. This recipe will be a series of situations and techniques used by attackers to take advantage of to make their cons more believable to a user and catch them.

In this section, we will see some of the attacks that have worked for previous security assessments, on users who were security conscious at a certain level and wouldn't fall to the classic "bank account update" scam.

How to do it...

  1. Do your homework: If it is a Spear phishing attack, do a thorough research about your target: social networks, forums, blogs, and any source of information ...

Get Kali Linux Web Penetration Testing Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.