Open source tool aimed at penetration testers lets them customize phishing attacks on their organizations

By Kelly Jackson Higgins
Senior Editor, Dark Reading
AUGUST 19, 2008 | 5:45 PM

A researcher next month will unleash a new, free open-source tool for conducting targeted phishing attacks in-house.

Targeted phishing attacks, also known as spear-phishing, are increasingly becoming the hacker’s method of choice for infecting and/or infiltrating a specific organization. These attacks can be eerily convincing, often using identical message footers and IP addresses as those within an organization, and can easily dupe unsuspecting users into opening them and following their malicious links.   [Comments...]