Secondary Categories: 02-Initial Access

Creating an email pre-text that is convincing is difficult… Here is what I recommend:

Gathering Information for Ideas

Begin by gathering data relevant to the target:

  • What is the Product or Service that is marketed to the client?
  • Has the company had any acquisitions made or any public collaborations with other companies
  • Business Hours
  • Employee Names from LinkedIn or Data Breaches
    • Understand the company hierarchy structure and positions/titles
  • What would create a sense of urgency?

Creating the Pre-Text

Once you’ve gathered the information you can begin to generate some ideas here are a few that I came up with:

  • Reaching out to the Sales Team through the β€œContact Us” page to speak with someone from sales or marketing - Works great with payloads
  • Reaching out to specific targets to sign a document before date
  • Pose as the IT team and request the target to download a tool to install and run on their system

Leveraging AI to write a phishing email template

With the rise of all AI chat bots like ChapGPT you can leverage these to create a pre-text for you. They aren’t the best, but at least it may help generate template to base you phishing email or message from.

Duplicating Phishing, Spam, or Legit Marketing Emails

Another great method that works is to just download, export, clone, or mimic real marketing emails that are send you your personal inbox.


Resources:

Also Check Out:

  • PLACEHOLDER