Clone Website Attack: Stop Hackers Before They Start! #shorts

One of the ones that is my favorite is this a cloned website. When we're doing attacks, okay, we will clone a customer's website for the purposes of a spear fishing engagement. All I need is a user ID, password, two-factor authentication, something like that. I clone that website and then I send an email to the victims at that organization and then they go to that website. I intercept their user ID, password, two-factor authentication and now I'm them in their cloud service. This is standard level attacks that happen again and again and again. What this does is awesome. So I can put in a domain. That means this is the domain. If this JavaScript ever fires on this domain,

don't do anything. So when it executes, it knows the domain of the website that it's on. I can put in my email address and then I can put in a little note to myself. Here we go. And then I create the Canary token and it creates this JavaScript. Um, this is amazing because it says if the Windows location does not equal Black Hills infosc, then it's going to go to Canary tokens and it's going to trigger this alert. What this does, and by the way, you can totally offiscate this like so. What this does is when a hacker clones your website, it automatically takes this JavaScript with it. Now, when the attacker runs that website, it runs the

JavaScript. It sees it's not on a Black Hills.com domain and then it automatically triggers an alert and I get the IP address of that cloned website before they have ever sent a single spear fishing email into my organization.