I-Phishing ama-imeyili awusongo olukhulu lwezokuphepha kumabhizinisi abo bonke osayizi. Eqinisweni, ziyindlela yokuqala izigebengu ezifinyelela ngayo kumanethiwekhi ezinkampani.
Yingakho kubaluleke kakhulu ukuthi abasebenzi bakwazi ukuhlonza ama-imeyili obugebengu bokweba imininingwane ebucayi uma bewabona.
Kulokhu okuthunyelwe kwebhulogi, sizoxoxa ngokuthi ungasebenzisa kanjani ukulingiswa kobugebengu bokweba imininingwane ebucayi be-GoPhish ukuze ufundise abasebenzi bakho ukuthi bangabona kanjani ukuhlaselwa kobugebengu bokweba imininingwane ebucayi.
Sizophinde sinikeze amathiphu okuthi unganciphisa kanjani ingcuphe yokuthi ibhizinisi lakho libe sengozini ukuhlaselwa kobugebengu bokweba imininingwane ebucayi.
Yini i-GoPhish?
Uma ungayazi i-Gophish, iyithuluzi elikuvumela ukuthi uthumele ama-imeyili alingisa obugebengu bokweba imininingwane ebucayi kubasebenzi bakho.
Lena indlela enhle yokubaqeqeshela ukuthi bangahlonza kanjani ama-imeyili obugebengu bokweba imininingwane ebucayi, kanye nokuhlola ulwazi lwabo ngale ndaba.
Ungayisebenzisa kanjani i-GoPhish?
Isinyathelo #1. Thola i-GoPhish Running
Ukuze usebenzise i-Gophish, uzodinga iseva ye-Linux ene-Golang ne-GoPhish efakiwe.
Ungasetha iseva yakho ye-GoPhish futhi uzenzele izifanekiso zakho namakhasi okufika.
Kungenjalo, Uma ufuna ukonga isikhathi futhi uthole ukufinyelela kuzifanekiso zethu nokusekelwa, ungakha i-akhawunti kwenye yamaseva ethu asebenzisa i-GoPhish bese ulungisa izilungiselelo zakho.
Isinyathelo #2. Thola Ukugijima Kweseva ye-SMTP
Uma usuvele uneseva ye-SMTP, ungakwazi ukweqa lokhu.
Uma ungenayo iseva ye-SMTP, bopha!
Abahlinzeki abaningi besevisi yamafu abakhulu, nabahlinzeki besevisi ye-imeyili, benza kube nzima kakhulu ukuthumela i-imeyili ngokohlelo.
Ubukwazi ukusebenzisa amasevisi afana ne-Gmail, i-Outlook, noma i-Yahoo ekuhloleni ubugebengu bokweba imininingwane ebucayi, kodwa njengoba izinketho ezifana nokuthi “Vumela Ukufinyelela Kuhlelo Lokusebenza Oluvikeleke Kancane” zikhutshazwa yilawa masevisi ukuze uthole usekelo lwe-POP3/IMAP, lezi zinketho ziyancipha.
Ngakho-ke yini i-teamer ebomvu noma Ukuphepha kwe-cyber consultant ukwenzani?
Impendulo iwukumisa iseva yakho ye-SMTP kumsingathi we-virtual private server (VPS) evumelana ne-SMTP.
Ngilungiselele umhlahlandlela lapha kubasingathi abakhulu be-VPS abanobungani be-SMTP, nokuthi ungasetha kanjani kalula iseva yakho ye-SMTP evikelekile ekwazi ukukhiqiza usebenzisa i-Poste.io ne-Contabo njengesibonelo: https://hailbytes.com/how -to-set-up-a-working-smtp-imeyili-server-for-phish-testing/
Isinyathelo #3. Dala ukulingisa kwakho kokuhlolwa kobugebengu bokweba imininingwane ebucayi
Uma usuneseva ye-imeyili esebenzayo, ungaqala ukudala ukulingiswa kwakho.
Lapho udala ukulingisa kwakho, kubalulekile ukuzenza kube ngokoqobo ngangokunokwenzeka. Lokhu kusho ukusebenzisa amalogo enkampani yangempela kanye nebhrendi, kanye namagama ezisebenzi zangempela.
Kufanele futhi uzame ukulingisa isitayela sama-imeyili obugebengu bokweba imininingwane ebucayi athunyelwa izigebengu okwamanje. Ngokwenza lokhu, uzokwazi ukunikeza abasebenzi bakho ukuqeqeshwa okungcono kakhulu.
Isinyathelo #4. Ithumela Ukulingisa Kokuhlola Ubugebengu Bokweba imininingwane ebucayi
Uma usudale ukulingiswa kwakho, ungakuthumelela abasebenzi bakho.
Kubalulekile ukuqaphela ukuthi akufanele uthumele ukulingisa okuningi ngesikhathi esisodwa, njengoba lokhu kungase kubaxake.
Futhi, uma uthumela abasebenzi abangaphezu kwe-100 phish ukuhlola ukulingisa ngesikhathi esisodwa, uzofuna ukwenza isiqiniseko sokuthi ufudumeza ikheli le-IP leseva yakho ye-SMTP ukuze ugweme izinkinga zokulethwa.
Ungabheka umhlahlandlela wami mayelana nokufudumala kwe-IP lapha: https://hailbytes.com/how-to-warm-an-ip-address-for-smtp-email-sending/
Kufanele futhi unikeze abasebenzi isikhathi esanele sokuqedela ukulingisa, ukuze bangazizwa bejaha.
Amahora angu-24-72 isikhathi esifanele sezimo eziningi zokuhlola.
#5. Tshela Abasebenzi Bakho
Ngemva kokuba sebeqedile ukulingisa, ungakwazi ukuxoxa nabo ngalokho abakwenze kahle nokuthi bangathuthuka kuphi.
Ukuxoxisana nabasebenzi bakho kungase kuhlanganise ukubuyekeza yonke imiphumela yomkhankaso, okuhlanganisa izindlela zokuhlonza ukulingisa kobugebengu bokweba imininingwane ebucayi okusetshenziswe ekuhlolweni, nokugqamisa izimpumelelo njengabasebenzisi ababike ukulingisa kobugebengu bokweba imininingwane ebucayi.
Ngokusebenzisa ukulingiswa kobugebengu bokweba imininingwane ebucayi be-GoPhish, uzokwazi ukufundisa abasebenzi bakho ukuthi bangawabona kanjani ama-imeyili obugebengu bokweba imininingwane ebucayi ngokushesha nangokuphephile.
Lokhu kuzosiza ukunciphisa ingcuphe yokuthi ibhizinisi lakho libe sengozini ukuhlaselwa kobugebengu bokweba imininingwane ebucayi.
Uma ungayazi i-Gophish, sikukhuthaza ukuthi uyihlole. Kuyithuluzi elihle elingasiza ibhizinisi lakho ukuthi lihlale liphephile ekuhlaselweni kobugebengu bokweba imininingwane ebucayi.
Ungakwazi ukwethula inguqulo esekulungele ukusetshenziswa ye-GoPhish ku-AWS ngosekelo oluvela ku-Hailbytes lapha.
Uma uthole lokhu okuthunyelwe kwebhulogi kuwusizo, sikukhuthaza ukuthi wabelane ngakho nenethiwekhi yakho. Sikumema futhi ukuthi usilandele ezinkundleni zokuxhumana ukuze uthole amanye amathiphu nezeluleko zokuthi ungahlala kanjani uphephile ku-inthanethi. Siyabonga ngokufunda!
Ingabe usebenzisa i-GoPhish phishing simulations enhlanganweni yakho?
Ingabe lokhu okuthunyelwe kwebhulogi kukusize ukuthi ufunde okuthile okusha nge-Gophish? Sazise kumazwana angezansi.
