Phishing, e-mail manipulation

The goal of the task is to deliver a fraudulent email to the mailbox of employee John Smith. There are two mail servers available in the task, for the domain cybfut.eu and freeemail.eu.

What to learn in the task

• Basics of email sender spoofing attack.
• Message processing procedure on the mail server (SMTP).
• Direct communication with the mail server.
• Interim tasks.
• Sending and receiving a test message.
• Spoofing the email sender via a third-party mail server.
• Sending an email by direct communication with the mail server.

Interim tasks are

• Sending an email from the client environment.
• Sending an email with a spoofed address sender.
• Sending an email by direct communication with the mail server.
• Email phishing attack.

Workstations are available within the task

• User – Windows OS
• Attacker – Kali OS (Debian)
• Mail server cybfut.eu – (Ubuntu)
• Mail server freemail.eu – (Ubuntu)

Network diagram

The time required for the laboratory task is max. 45 minutes.

To complete the task, you need to have an English keyboard layout installed on your computer (for easier control of remote computers).