Open rinon opened 6 years ago
tkh16
commented
6 years ago Alabaster certainly isn't the brightest bulb in the box, but he also isn't the dimmest. He will only fall for specific phishing attacks. Have you performed intelligence gathering based on his existing emails to get an idea of what attacks he is likely to fall for?
rinon
commented
6 years ago I believe that I have included the proper keywords and even sent the email from the proper user. I don't really have a way to verify this though.
rinon
commented
6 years ago It seems that someone manually retrieved the files in the document, however, they do not appear to have been run. Was that you?
I am sending Alabaster a phishing email, but he does not appear to be clinking on links, based on my http server logs for the server hosting the docx file. Messages are getting queued up with responses similar to: