Phishing Pot is a collection of real phishing samples collected via honey pots. The purpose of this repository is to provide a reliable database for researchers and developers of detection solutions. Pentesters and Red Teamers: This is not a repository of phishing templates!
You can contribute samples to this repository, however, remember to anonymize the files hiding information that could identify the address of your Honey Pot. All sensitive information should be replaced with phishing@pot. Sometimes the email address is contained within the content, either in the body of the message or in malicious URL arguments. Be sure to check these fields. If the content is encoded in base64, decode it, change the necessary values, re-encode it in base64 (respecting the indentation). You can use the command below to remove the original addresses of all files in a directory:
sed -i 's/[email protected]/phishing@pot/' *.eml
Also, follow the filename convention. You can redirect phishing messages to [email protected] so that they are indexed too. But please, be a normal human being and send samples in eml format. .msg, .pst or similar files will be rejected.
- Your website or platform allows users to register any email and there is no validation.
- Your marketing team is using leaked email lists and sending spam.
- Your servers are not configured correctly and allow attackers to carry out email spoofing attacks.
See
If you found the Phishing Pot data useful, please consider donating some satoshis to keep the project going. Part of the funds received will be redirected to privacy-focused projects.
bc1q7e3mf5nwmjk9sw8thy35s9r7rq27ta7lzj0d7l
