This is a screenshot of an email I just got. I was wondering if there is anything good that can be done with the tools in Kali to find out details without getting infected by it. Also is there someplace these emails can be forwarded to in order to report them and have them investigated by the proper authorities.
-
CEH-What can be done with a phishing email
-
Daniel,
I hope all is well. Great that you caught this little "phishee" without it biting you.
In terms of reporting it, you can contact Bank of America ( at least that is what it looks like is the bank being spoofed based on the screen shot ) and they may or may not want a copy of it.
Tip for you: if you are not a customer of the bank, they typically are not interested in getting this stuff, so if you are a customer, make sure that you call and speak to a human in customer service, and explain that you have received a phishing e-mail and want to know if they ant a copy, and if so, how to submit it.
In terms of trying to use tools in Kali, or in general, not a good idea for several reasons:
-
Likely to wind up infecting your system, even if it is a VM and sandboxed.
-
Likely to draw attention to yourself and your IP, which is never a good thing, even if it is a VM with a throw away IP and is stealthed with an anonymizer. Bad actors that are good at what they do will be able to figure out where and who you are before you know they have.
-
Even if you do find out anything, at best an IP or a general Geo/Location, what then? Again, you are probably going up against an adversary with more skills than you may have in this area, and you never know who is on the other end of that keyboard....
Stick to identifying and ignoring the e-mails, you will be a lot happier and safer.
Good Luck !!!
Cheers,
Adam
-
-
@Adam-Gordon That's kinda what I was thinking. I did reach out to Bank Of America just in case. At least I can feel like I was trying to do the right thing.
-
Bank of America was interested enough to have me forward it to them. Its good they take an interest in this kind of thing.
-
I get them all the time. Bank of America and most banks have a department for this