The most common way attackers steal passwords, install malware on a victim's computer, or get employees to grant them unauthorized access to critical business systems is through so-called phishing attacks. A phishing attack is surprisingly low-tech, which is part of what makes it so devastatingly effective. Learning to spot these attacks is one of the most important things you can do to protect yourself online, since a hacker's tricks, called "lures," can appear anywhere from an email, to a Facebook message, to a real website that looks exactly like one you recognize! In this attack/defense exercise workshop, you'll learn how frighteningly easy it is for these scam sites to be built from the ground up, both manually and with tools like the Social Engineer's Toolkit. You'll also learn all about the tricks they use to fool you into falling for them.

https://wiki.hope.net/index.php?title=Launch_Your_Own_Website_Phishing_Attacks_workshop