PhishingBox offers a template for creating USB (or any local storage) drops that can be placed around selected locations. If a target picks up the storage device and loads a .html file and clicks a link that is on the device, then a clicked link action can be recorded. USB drops allow you to test your organization's vulnerability to potential device drop attacks. Follow the instructions below to configure a USB drop template.
- Create several aliases or actual emails on your email system with distinguishing names, such as email@example.com, firstname.lastname@example.org, etc. These emails will be used for each location where a USB/CD will be placed. We also recommend creating one additional email for testing to ensure the configuration works properly.
- NOTE: These are not emails for the client, but emails that you are able to receive.
- Import these emails into a Group in PhishingBox.
- Create a social engineering test with these emails using the template named 'USB-CD-DROP'. You can find this template in the template library. Make any changes to the template as you see fit. When a target clicks on the file in the USB or CD, they will be taken to the landing page just configured.
- When the emails are received from the test configured in step three, copy the HTML body of the email and place it in a text file with a .html extension and upload the file to a storage device. You can name the file whatever you would like, but you need to keep track of where you place each file at the target site.
- NOTE: A file should be created for each unique email address. Each email should be used for a specific location. We also recommend creating at least one additional file for testing to ensure the configuration works properly.
- Place the devices at the desired physical locations.
- The actions of the target, such as opening the file, will be recorded. However, the actions will not identify a specific individual. In most cases, it will report the public IP address of the location where the file was accessed—as such, knowing which file was placed where is key to a successful test. Depending on the security settings of the target's computer system, they may be warned about opening such a file. If they cancel the opening of the file, no actions will be recorded.