https://shadow.engineering/tags/phishing/ Recent content in Phishing on Shadow Engineering Hugo -- gohugo.io en © 2026 Tue, 01 Oct 2019 00:00:00 +1000 https://shadow.engineering/posts/teach_a_man_to_phish/ Tue, 01 Oct 2019 00:00:00 +1000 https://shadow.engineering/posts/teach_a_man_to_phish/ <h2 class="relative group">Background <div id="background" class="anchor"></div> <span class="absolute top-0 w-6 transition-opacity opacity-0 -start-6 not-prose group-hover:opacity-100 select-none"> <a class="text-primary-300 dark:text-neutral-700 !no-underline" href="#background" aria-label="Anchor">#</a> </span> </h2> <p><figure><img class="my-0 rounded-md" loading="lazy" decoding="async" fetchpriority="auto" alt="Phish Site" width="968" height="530" src="https://shadow.engineering/posts/teach_a_man_to_phish/image1_hu_1bfab189d9c752e4.png" srcset="https://shadow.engineering/posts/teach_a_man_to_phish/image1_hu_1bfab189d9c752e4.png 800w, https://shadow.engineering/posts/teach_a_man_to_phish/image1.png 1280w" sizes="(min-width: 768px) 50vw, 65vw" data-zoom-src="https://shadow.engineering/posts/teach_a_man_to_phish/image1.png"></figure> </p> <p>I know it may be hard to believe, but this poor looking website above is not the legitimate NAB website, it’s a poor mockery of a NABs internet banking portal based off a phishing kit we’ve seen. How do I know this? Because I made it.</p> <p>It stemmed from a weird need, we often need to showcase our phishing capability to seniors in the bank and as a good educational piece to students and employees. Depending on who we’re showcasing to we’re either demonstrating how we respond and manage the risk to customers, or educating users for simple things they can identify to determine the legitimacy. It also helps to showcase the other side of the phishers themselves; a lot of people don’t seem to realise what’s being gathered.</p>