April 04, 2010

E-mail Forging

E-mail Forging allows an attacker to disguise the source of an e-mail and send it to the victim. Most attackers use this technique to fool the victim into believing that somebody else has sent the particular e-mail.

Q.How to use this technique?
A. Let's Start:
Step 1) Start the Shell Prompt or Command Prompt and type the command below which is bold:
$> telnet mailserver.com 25

I am using the word "mailserver.com", who does not really exist. This is your home work to find the
real mailserver.

Step 2) Once you are connected to the mail daemon of a remote mail server, you would be greeted with a
message similar to the following:
220 mailserver.com ESMTP Sendmail 8.12.11/8.12.11; Wed,
5 May 2003 00:18:26 -0700

Step 3) Now in command prompt write the commands sequentially as follows which are bold:
i) helo microsoft.com
ii) mail from: billgates@microsoft.com
iii) rcpt to: abc@victim.com
iv) data
v) Dear Victim,
My name is Bill Gates and I am the chairman of Microsoft Corporation. I would like to offer you
a job. If you are interested in working for me, then please reply to this e-mail or give me call at
xx-xxxxxxxxxxxx.
Thanks,
William Gates
vi) . (This dot is necessary after writing mail)

No comments:

Post a Comment