1. First, an attacker creates the replica of original website and check whether there is anything which can be easily detected. After the successful creation, sometimes for surety attacker runs the phishing site on local
the host using the software like
2. Once the phishing site runs with zero error on the local host, attacker register for a fake domain and fake
hosting provided fake information. An attacker tries to keep the domain look similar to the original one.
For ex: original domain like:-twitter.com. Now attacker tries to keep fake domain like:-twinterr.com.
Which is not easily noticed by the user.
3. Once the phishing site is live, now attacker target the user and send phishing link via mail or over chats
in such a way that a user get manipulated and opens the link.
Once user to the link, his credentials are recorded.
Types of phishing attacks:
1. Man in the middle (MITM):
In MITM, Attacker sits between the source and destination.
Attacker monitors and sniffs the activities of the target and tries to get the credentials.
MITM can be performed over HTTP as well as https. Generally, the user is redirected to a proxy server and
real proxy is not used which makes this attack more successful.
The proxy may be of any type but attacker avoids the user to use the real proxy.
3. URL Redirection:
Attacker shares a link to the target user which on opening redirects to the phishing page.
An attacker tries to keep the link as similar to the original so that there are less chances of being caught.
This is one of the traditional methods of performing the phishing attack.
Generally, user shares such links over personal chats or emails.
4. Site cloning:
Site cloning is generally performed directly by the Social Engineering Toolkit (SET) which comes pre-installed
in Kali Linux. It creates the clone of a site on local IP of the attacker.
When target and attacker both shares the same network, site cloning is useful.
5. Keylogger or Malware Based:
The attacker can inject malware into the target system by the means of e-mail or any method or installs
the keylogger which tracks every activity of the target and anonymous sends the data record to the attacker
when target system goes online.
Besides these attacks, there are some other types of phishing attacks which also plays an important role. Some are:
* Fake search engine
* Clint Side Attack
* DNS Redirection Attack