
Spear Phishing ?

Str0ng

(L3) cache
Banned
Registered
28.04.2024
Messages
201
Reactions
46
Deal guarantor
4
Please note that this user is banned
Well, I have a question to ask. I have access to the mail of a company, and I can send messages directly from their main mail to employees. My question is whether it is a good idea to send xlsm files that then download malware on the laptops of employees, and what method I can use to convince employees to download and run the malicious payload. And if you know a better method than office files that is not pdf, thanks!

:cool:
 
It is difficult to give a concrete answer, because you need to do research and collect as much information as possible about the company. For example, let's say you sent an encrypted file with the extension ".xslm" to FUD crypt, hoping that they are using a Windows computer, and the result of the VT scan is even 0/61, and if the company's the user's sandbox or just Lynx or OS X will not work, in that case you cannot infect employees' computers and you may lose access to e-mail.

I advise you to collect as much information as possible about the company, the company's equipment, the software used, employees, and by analyzing that information it is possible to come to the right conclusion whether to send a fatal ".xslm" file or just send a clone to a phishing site to steal VPN credentials (or credentials from other portals if the company has them).
 
Please note that this user is banned
Thanks for the advice. I had planned to make a website similar to the one they have for the VPN. I suppose that is a better idea than sending malware, since I only need a domain similar to the one for the VPN and a VPS, of course. And if it is true that you should investigate well beforehand, they have Cisco VPN. I couldn't find software that works to do brute force. I could program it, but if I don't have valid credentials I don't know how to program a brute force for that.
 
Please note that this user is banned
And it is true that they could have another system other than Windows, but as we all know, people normally use Windows. I would say that it is 70% likely that they are Windows, at least 9 out of 10.
 

