The other day i had to perform some brief and remote social engineering tasks. (1 day and telephone only)
I was attempting to trick a target into downloading a malicious executable by calling up, pretending to be BT (British Telecom) and then requesting that the user downloads a Speed Test in order for me to perform some “diagnostics”.
I provided the link to the customer as btsupport.com.phillips321.co.uk, unfortunately the phillips321.co.uk part is a total give away and I knew that much when I was communicating the link over the phone. As such domain names are now mega cheap; thus I purchased default.me.uk and aspx.me.uk.
I can now trick users with better looking links: btsupport.com.index.aspx.me.uk & btsupport.com.default.me.uk
Leave a Reply
You must be logged in to post a comment.