Infrastructure setup steps

Step 1: Verify Target's DMARC "p" flag is set to "none" (many are!)

Step 2: Buy a closely related official-sounding domain name (~ $12)

Step 3: Create a Linux VM or cloud-based VPS

Step 4: Verify port 25 outbound traffic is permitted (some clouds block it)

Step 5: Install Postfix

Step 6: Configure your domain's A and SPF records in DNS

Step 7: Craft your phishing email

Step 8: Connect to your Postfix mail server

Step 9: Copy and paste your message

Step 10: Send