Office spamming and BEC job

[sendingthings]

Bro can you sell the redrum to me pls i need it

 

[RonyKingSourcingINC]

Any mailer that allows for multiple sending accounts?

 

[sendingthings]

Very curious how it lack of updates, are you informed for them? Are you member even of it? Because every month or less there is update on it, before 2 weeks near there was a big update.

Can you please give me where to buy the redrum mailer

 

[wiseguy01]

I used to spam 2FA o365 with warmed up SMTPs for initial access for getting logins to network, mostly VPN or if asked dumped all email and gave to contractor.
You think I can do BEC?

 

[churk]

I used to spam 2FA o365 with warmed up SMTPs for initial access for getting logins to network, mostly VPN or if asked dumped all email and gave to contractor.
You think I can do BEC?

Yes
You just need first to collect as much as Office365 acceses you can
get good bankdrops

and after that you are only looking for invoices being sent in and out
when you have enough emails you are just watching one and another and so

 

[wiseguy01]

How can I modify invoice? Do I MitM between the email accounts or email accounting to instruct to transfer money to drop?
Also how are you guys getting drops? I have very old friend who was into banking and fintech he gave me drop during Kronos banker era with webinjects etc but I still don't know how someone get drop for a large like 6 or 7 digit transfers?

 

[wiseguy01]

RonyKingSourcingINC AMS mailer bspdev.ru I think it costs $30 between $50 my partner gave his key, I wish I could share with you guys but AMS 2.99.7 nulled version is out there!

 

[Winnie-the-Puff]

It doesn't work like that; MitM will not work. I shared how it works in my post /threads/108380/

To get a bank drop, you should make a fake company whose business is payment processing. Then find unsuspecting people who will be ready to work with you; they will open bank accounts, warm it up with their own cash, register on crypto exchanges, and buy crypto several times from their bank account using their money.

Then you'll have a bank account linked to a crypto exchange. It takes about a month if you have the experience to do that.

If not, you just find someone who has these drops, and they will work for a share of the money you send

 

[wiseguy01]

One tip for the beginners, focus on getting minimal and small leads like instead of targeting 1K email randomly with a bulk letter, just target 20 CFOs or sales managers with spear attacks that are targeted.
Like that you maximize your profit and work less.

 

[wiseguy01]

Question guys, where to get good CEO and CFO leads? Google is shitty source source as all emails are already spammed with pharma and my other issue is how can get company names to search for CFO or CEO in like crunchbase?
Found my answer) LinkedIn Premium)

 

[springwater1]

most people use linkedin apollo and there a few other leads websites on internet

 

[slidi97]

most people use linkedin apollo and there are a few other leads websites on internet

Do you have a tool to scrape large lists from them

 

[springwater1]

Do you have a tool to scrape large lists from them

no sorry unfortunately i do not at the moment maybe someone offering tool as a service on the forum i have not checked !

 

[wiseguy01]

Do you have a tool to scrape large lists from them

large list doesn't matter, targeting them correctly matters

 

[springwater1]

large list doesn't matter, targeting them correctly matters

yes but some people like to get a large list and filter them too see email providers to continue choosing targets and also filter out dead emails also most people like to just spam in general only a few are spear phishing

 

[wiseguy01]

yes but some people like to get a large list and filter them too see email providers to continue choosing targets and also filter out dead emails also most people like to just spam in general only a few are spear phishing

filtering valid emails can be done even with open source projects but spamming bulk is bullshit, even when I spam when I need ccs or logins for specific site, I use victim first name in the email) spearing is professionals task)

 

[iamnopiracy]

Question guys, where to get good CEO and CFO leads? Google is shitty source source as all emails are already spammed with pharma and my other issue is how can get company names to search for CFO or CEO in like crunchbase?
Found my answer) LinkedIn Premium)

start from a good social engineering analysis, small company with international running deal. Check references from social, most of them didn't have MFA and with a bit of luck you can easily find some credential already leaked.

 

[wiseguy01]

start from a good social engineering analysis, small company with international running deal. Check references from social, most of them didn't have MFA and with a bit of luck you can easily find some credential already leaked.

I do full analysis of victim, I look up social media, if they have iCloud, leaked DBs for extra info like IPs and extra info and then phish.
I found way to get leads with full data easily)

 

[springwater1]

I do full analysis of victim, I look up social media, if they have iCloud, leaked DBs for extra info like IPs and extra info and then phish.
I found way to get leads with full data easily)

yeah this spear phishing definitely most effective method and has highest rates of success as well

 

[lekinrib]

What sites do you recommend to get internals company employee leads that havent been raped – phone numbers email LinkedIn >

Apollo and more similar