In general, phishing includes fraudulent attempts to obtain sensitive information such as usernames, passwords and credit card details by posing as a trustworthy entity in an electronic communication. In some cases, the disguise can be a website or a downloadable application. In other cases, phishing can be carried out by email spoofing or instant messaging, which often directs users to enter personal or sensitive information at a fake website or into a fake application. The fakes, which are often clones of authentic websites or applications, can have a look and feel identical to the real thing.
Clone phishing is a type of phishing attack in which content is taken from a legitimate, previously delivered email, website, or application, for example, and used to create an almost identical, or cloned, version of the property. The content of the email, website, or application is replaced with a malicious version and then distributed to one or more targeted victims. This technique could be used from an infected machine to gain access to another machine through the deception provided by a clone.
Phishing attackers will often clone a website or a downloadable application prior to a phishing attack. Cloning is often performed with a cloning toolkit. Some phishing attackers clone only some assets and distribute the other assets from the original authentic source of the website or the downloadable application.
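When a clone distributes some assets from the authentic source, the authentic site's access log can record asset requests whose Referer names a host the operator does not own. The following is an added example, not part of the original text: it assumes Combined Log Format logs, and OWN_HOSTS, the host names and the sample log lines are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Assumption: hosts that legitimately embed our assets (hypothetical names).
OWN_HOSTS = {"www.example-bank.test", "example-bank.test"}
ASSET_EXT = (".css", ".js", ".png", ".jpg", ".svg", ".woff2", ".ico")

# Combined Log Format: ip - user [time] "METHOD path proto" status size "referer" "ua"
LINE_RE = re.compile(
    r'^\S+ \S+ \S+ \[[^\]]+\] "[A-Z]+ (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "(?P<referer>[^"]*)" "[^"]*"$'
)

# Constructed sample log lines (documentation IP ranges, reserved TLDs).
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /static/logo.png HTTP/1.1" 200 5120 "https://www.example-bank.test/login" "Mozilla/5.0"',
    '198.51.100.23 - - [10/Mar/2024:10:00:05 +0000] "GET /static/logo.png HTTP/1.1" 200 5120 "https://example-bank.test.login-verify.invalid/signin" "Mozilla/5.0"',
    '198.51.100.23 - - [10/Mar/2024:10:00:05 +0000] "GET /static/app.css?v=3 HTTP/1.1" 200 900 "https://example-bank.test.login-verify.invalid/signin" "Mozilla/5.0"',
    '198.51.100.40 - - [10/Mar/2024:10:00:09 +0000] "GET /static/app.js HTTP/1.1" 200 700 "-" "curl/8.0"',
    '192.0.2.9 - - [10/Mar/2024:10:00:11 +0000] "GET /account HTTP/1.1" 200 300 "https://other.invalid/" "Mozilla/5.0"',
]

def foreign_asset_referers(lines, own_hosts=OWN_HOSTS):
    """Map each foreign Referer host to the set of our asset paths it loaded."""
    hits = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # malformed or non-matching line
        path = urlsplit(m["path"]).path.lower()  # drop query string
        if not path.endswith(ASSET_EXT):
            continue  # page views are not hotlinked assets
        try:
            host = (urlsplit(m["referer"]).hostname or "").lower()
        except ValueError:
            continue  # unparseable Referer value
        # An empty host means "-" or no Referer: nothing to attribute.
        if host and host not in own_hosts:
            hits[host].add(path)
    return dict(hits)

if __name__ == "__main__":
    for host, assets in foreign_asset_referers(SAMPLE_LOG).items():
        print(host, sorted(assets))
```

The hosts returned are candidates for review rather than confirmed clones, since benign third-party pages also embed assets from other sites, and a request that carries no Referer yields no signal.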