Hackers can easily hack any device by combining social engineering, one of the most dangerous skills in their arsenal, with phishing. They mostly target individuals who are less advanced or knowledgeable on the technological side with phishing scams. Businesses and individuals are increasingly facing issues due to the emergence of more advanced techniques in the hackerspace. One such technique used by hackers for phishing is creating fake brand URLs using URLCADIZ, which can even confuse professionals. You can easily test these fake URLs by git cloning them.
How to Hack make advanced phishing URLs
- Step 1: Download the URLCadiz Tool with the following command on the Kali Linux terminal:
git clone https://github.com/PerezMascato/URLCADIZ
- Step 2: Download and Install Dependencies
sudo pip3 install pyshorteners
- Step 3: Change the directory to the folder and Run the Tool with the following command:
- Step 4: After running, the tool will ask you which URL you want to select. Select one of the following sites. I am choosing Instagram since its so popular.
- Step 5: After selecting the Instagram option in the above section, you must enter the address of the site that the user must run after the clicking the link to that site (enter the address of your fake phishing page)
- Step 6: After entering the fake page link in the above section, you need to enter the address that the reader will see in the URL. Make sure it’s long enough to get concatenated.
- Step 7: That’s it you now have a phishing URL as shown below:
Most users cannot tell the difference between this and a real URL. They Look so similar that almost everyone thinks that its actually an Instagram page.
Check the image below and see how it looks on the Mozilla browser.
Usage of URLCADIZ for attacking targets without prior mutual consent is illegal. It’s the end user’s responsibility to obey all applicable local, state, and federal laws. This tutorial is for educational purposes only.
That’s all folks. This is how hackers hack Instagram and other social media accounts through phishing URLs and social engineering/hacks. Make sure to stay safe and check URLs before using any links.