Harvesting email addresses

- [Instructor] Email is one of our main forms of communication in the business world and is a coveted target for malicious actors. In this segment, we'll learn how to harvest or craft a list of email addresses, which then can be used in spear-phishing and spoofing attacks. In the wrong hands, having a list of valid email addresses can be very dangerous. For example, here is a notification of a recent attack. A group of malicious cyber actors have compromised and stolen sensitive information from various government and commercial networks. The attack used malicious files, often through embedded links and spear-phishing emails. As a result, part of an ethical hacking exercise might include locating and harvesting a valid email list. Well, how can we get a list of email addresses? Let's talk about a couple of ways. One way is we can purchase an email list. Now, if we do a search for "purchase email lists," we'll see that there are plenty of opportunities to purchase verified lists. Another method is to search a company's website. Let's take a look. I'm at the Landon Hotel website, which is a fictitious website used for training. And I'll look for a way to contact someone there at the Landon Hotel. Now, because many companies are aware that they should not have any email addresses on a public-facing website, you might not find any email addresses or lists to harvest. Now, we'll search around, and if we don't find one on the website, which, I didn't find any, we can then craft an email list. Now we'll need to start by using either a Contact Us form, or we might use a generic email address where we can start the process. Now, the Landon Hotel doesn't have a Contact Us form. However, there is a link that you can download more information right here. So I've downloaded the information and I've opened it in a new tab. And then, once there, we can search to find an email address. And here, we'll find one: info@landonhotel.com. So now let's talk about how we can use this information. Now, here is an example of what we might send. "I'd love to have some information on your deluxe suites." And then, once sent, I'll probably get a response back. All right, we see that the email has come from Barb Roberts. And now we see the way the email is structured, BRoberts. So the first initial and the last name @LandonHotel.com. Well, just imagine if I searched around a little bit more. I may have found a list of employees on that website. And then after finding that list of employees, which is sometimes available, maybe not on that website, but through other avenues, I can then craft an email address list using that same structure. So first initial and last name @LandonHotel.com. Now I have what I feel would be a valid email list. If you can't obtain an email list from the company, you can also generate one by going to a generator that you can find online. For example, I'm here at this site, and I'll scroll down here. This is where you would enter the field values: name, surname, and company domain. Now I've entered the following, Barb Roberts, Landon Hotel, and then I'll select Generate. And on the right-hand side, you'll see a list of all the email addresses for Barb Roberts. Now, if you throw enough of these at an email system, some of them might even get through. So now let's test your knowledge. Discuss ways you can harvest or craft a list of email addresses, which can then be used in spear-phishing and spoofing attacks. You can record your answer on the Challenge worksheet.