hi everyone with the rise of fishing attacks going around i thought it would be helpful to raise some awareness around fishing a text by demonstrating how simple it is to create a fake or fishing website i hope this video will remind you to be extra careful before you trust any links or url you received so step 1 create a phishing site using a popular open source tool for fishing a text called black eye and step 2 deliver that phishing site to our target and in other words trick our target to come visit our phishing website and finally step three we wait for the target to bite the bait and collect all kinds of compromising information from them so before we start let me show you how to get the phishing tool simply type in black eye in your browser and click on the result that belongs to a non-day that should bring you to the black guy repository where there are steps to guide you through how to download the tool and use it now with the tool downloaded in our machine we will start creating our phishing website by typing one simple line plain and simple this tool even give us a variety of websites to choose from so you can see how convenient and effortless it is for the scammers out there and in this demonstration we will be creating an amazon phishing site which is index number 34 so we type in number 34 and within seconds the website should be created now once the url has been generated it means that the website is ready so let's check out the phishing website to see how it looks like we pull up our favorite browser we paste the generated link in and enter so what you see on the screen now is the amazon phishing site we have just created together now i'm going to visit the real amazon login page on the right hand side of the screen to see how our fishing site measure up okay so here we are i think we can all agree that the fake one is definitely good enough to catch someone off guard if they are not careful enough now that our website is ready let's move on to the next step to deliver the website to the target there are many ways to do this and in this video we will be demonstrating one of the popular ways which is sending it by an email okay here we have drafted an email ready to send to our target but before that let's insert the fake website url and cover it up with an attractive tagline so that the target is more likely to click on it let's go with check here to validate your email address and now that we have a perfect email let's send it out to the target okay and here we are in our final mile where we wait for our target to bite the bid for demonstration purposes let's assume that the target takes the beat on the left hand side of the screen we have the targets view where he would read through the email thinking that he got lucky and go ahead validating his email he clicks on the link get redirected to our phishing site where we will be notified as shown in the screen here looking at this login page with all the familiar amazon logo and layout the convinced and careless target punched in his email address and password and logs in and that's it we have his credentials the target will be brought to the real amazon page and by this time i hope he realized that he has been tricked now what we have just went through is only a simple example with a little more effort one could also customize and create other popular fishing sites that are lucrative like banking sites it is also crazy to know how simple it is for anyone to create a fishing site to start preying on people so i hope you can all be more vigilant and careful pay attention and verify when in doubt the weakest link in cyber security is often human