How I Will Phish You
Derek Rush
Manager
Today’s Agenda
The anatomy of a phishing attack and what IT can do to help prevent, detect, and respond to phishing campaigns
Types of Phishing
One phish, two phish, red phish, blue phish
▪ Phishing
• Generic attempts via email to acquire sensitive information by tricking users.
▪ Vishing
• Cold calls to an entity attempting to trick the recipient of the phone call into performing some action.
▪ Spear phishing
• Targeted phishing attempts aimed at specific individuals or groups within an organization where the attempts are personalized to increase credibility.
▪ Whaling
• Highly targeted attempts using email as the communication medium to gather sensitive information from high-value individuals within an organization.
Anatomy of a Phish
High Level Overview of Phishing
Initial Foothold → System Access → Pivot Mercilessly
▪ Today we’ll be focusing on how a threat actor may achieve the initial foothold on a corporation’s systems.
The Initial Foothold – One Approach
Let’s bring the phishing process to life by going through a process from the start with a fake company called False, Inc. How does this process begin?
▪ Research False, Inc. to understand organizational structure, business drivers, vendors, employees’ social media content, and other information repositories.
• Initial reconnaissance is the most important step
• Reveals phishing approaches that would likely succeed
• Technical and non-technical in nature
– LinkedIn, PGP keys, corporate websites, search engines, whois points of contact, identifying remote access services, Facebook, Instagram, Twitter, GitHub, professional resumes, document metadata, SEC filings, and other publicly available information.
The Initial Foothold – One Approach
Now that we know a lot about the company and have some good phishing approaches that are likely to succeed, let’s get a list of emails.
▪ Obtain email addresses for the company by harvesting publicly available emails, and “mangling” known employee names.
• Some clients prefer us to gather our own email addresses for a more real
world attack scenario.
• Some clients prefer to communicate a list of employee emails for testing to
test the effectiveness of corporate security awareness campaigns.
• Once the syntax of one corporate email is known, employee names can be
mangled to the syntax of corporate email to derive a list of employees to
phish.
The Initial Foothold – One Approach
Now that we have knowledge of the company, internal personnel, and a list of emails, let’s figure out where our email should come from.
▪ Purchase a domain name similar to false.com or a company that False, Inc. does business with and select a person for the emails to be sent from.
• Usage of tools can help identify mangled domain names if our approach
involves creating an email that appears as if it is from someone internal to
the company being phished.
• When we identified known vendors during the reconnaissance portion, we
could also register mangled vendor domains such as microsofton1ine.com,
trustvvave.com, or even lbnnc.com.
• Are we sending the message from a Director of IT, from the account rep at a
vendor, perhaps from a headhunter from a fake recruiting firm to HR, or from
a business development analyst to their supervisor?
HowTo: Mangling a Domain – Part 1
Mangling a domain is a common technique for phishermen to use when they want
their message to appear as if it’s from someone at a given company. Here’s an
example of what mangling a domain looks like—
HowTo: Mangling a Domain – Part 2
Mangling a domain can be performed with multiple tools. In the first example, URLCrazy was used against false.com and came up with 74 mangled domains. The next example is from DNSTwist, which came up with 138 variants.
HowTo: Mangling a Domain – Part 3
Mangling a domain consists of taking a list of known ways to mistype a domain
while still having it resemble the original domain. Here are the techniques used for
false.com by both URLCrazy and DNSTwist
These of course aren’t all the possibilities, but this is a great starting place.
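The defender's side of the mangling described above, as an added example that is not part of the original slides: a check a mail gateway or SOC script could run over inbound From headers to flag sender domains that imitate a protected domain. The watchlist, the confusable-character table, the edit threshold and the sample headers are assumptions constructed for illustration; the lookalike spellings are the ones quoted on the earlier slide.

```python
"""Flag sender domains that imitate a protected domain (added, constructed example)."""
from email.utils import parseaddr

# Assumed watchlist: our own domain plus vendors whose lookalikes the slides quote.
PROTECTED = ["false.com", "microsoftonline.com", "trustwave.com", "lbmc.com"]

# Character runs that render like another character. Assumed, non-exhaustive table.
CONFUSABLES = [("vv", "w"), ("rn", "m"), ("nn", "m"), ("0", "o"), ("1", "l"), ("5", "s")]

MAX_EDITS = 1  # assumed threshold: one omission, insertion, swap or replacement


def skeleton(domain):
    """Collapse visually confusable sequences so lookalikes compare equal."""
    for fake, real in CONFUSABLES:
        domain = domain.replace(fake, real)
    return domain


def osa_distance(a, b):
    """Edit distance that also counts an adjacent transposition as one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)
        prev2, prev = prev, cur
    return prev[len(b)]


def classify(domain, protected=PROTECTED):
    """Return (reason, imitated_domain) for a lookalike, or None if nothing matches."""
    domain = domain.lower().rstrip(".")
    for p in protected:
        if domain == p or domain.endswith("." + p):
            return None  # the protected domain itself or one of its subdomains
    # Naive registrable domain: the last two labels. Assumption: no multi-part
    # public suffixes such as co.uk; a real deployment would use a suffix list.
    registrable = ".".join(domain.split(".")[-2:])
    for p in protected:
        if ("." + p + ".") in ("." + domain):
            return ("embedded", p)   # false.com.<something else>
        if skeleton(registrable) == skeleton(p):
            return ("homoglyph", p)  # fa1se.com, lbnnc.com
        if osa_distance(skeleton(registrable), skeleton(p)) <= MAX_EDITS:
            return ("typo", p)       # flase.com, false.co
    return None


def scan(from_headers, protected=PROTECTED):
    """Return (address, reason, imitated_domain) for every suspicious From header."""
    findings = []
    for header in from_headers:
        _, address = parseaddr(header)
        if "@" not in address:
            continue
        verdict = classify(address.rsplit("@", 1)[1], protected)
        if verdict:
            findings.append((address, *verdict))
    return findings


# Constructed sample From headers, not taken from real mail.
SAMPLE_FROM = [
    "Helpdesk Supervisor <helpdesk@false.com>",
    "Helpdesk Supervisor <helpdesk@fa1se.com>",
    "IT Director <it@flase.com>",
    "Account Rep <rep@microsofton1ine.com>",
    "Billing <ar@trustvvave.com>",
    "Auditor <audit@lbnnc.com>",
    "Portal <noreply@false.com.mail-restore.net>",
    "Newsletter <news@example.org>",
]

if __name__ == "__main__":
    for address, reason, imitated in scan(SAMPLE_FROM):
        print(f"{address:45} {reason:10} imitates {imitated}")
```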
The Initial Foothold – One Approach
To recap, we now have knowledge of the company, internal personnel, a list of emails, and where our emails are going to come from. Now let’s think of what we’d like to try and get our phishing targets to do.
▪ A common approach is to clone a familiar website that resembles a false.com login portal users would authenticate to or develop a document with malware that someone inside the company would be likely to open.
• A critical failure in an email system occurred overnight and had to be replaced. Take action now to restore your access.
• Business development leads from an internal resource with a malware macro.
• Sending a social media link from a known associate’s spoofed email.
• Posting a link on Twitter about the company if they have a Twitter presence.
The Initial Foothold – One Approach
If we’re running short on creativity there are some great tools out there that come
with templates for phishing that might get the creativity flowing—
Why Site Cloning?
Site cloning is a popular tactic used by phishermen where a login portal is cloned,
hosted on a threat actor’s server, and modified slightly so that whatever a user
types in for the username and password is sent back to the attacker. Alternatively,
the threat actor could include an exploit on the cloned site that they believe would
be effective.
Email portals, remote access portals, social media login portals, and anything else a user may log in to are good choices.
Why Documents with Malware?
Malware within electronic office documents is another popular tactic used by
phishermen where a purportedly legitimate document contains malicious code
that will either trigger when the user opens the document or when the user opens
the document and enables macros.
Macros and recent exploits for Microsoft, Java, Adobe, and other common third
party products are used to conduct successful phishing campaigns.
Putting it All Together
Phishing Example 1
Here’s a phishing campaign where someone in need of a job sent their resume to
an IT Recruiter that worked at a company.
Phishing Example 2
Here’s a phishing campaign that was sent out by a “Helpdesk Supervisor” letting employees know they need to take action to restore access to their email.
Phishing Example 3
Here’s a phishing campaign that was sent out by a “Helpdesk Supervisor” trying to educate employees with security awareness training for phishing attempts.
How IT Can Help
The role of education, technology, and
policies in limiting damage of phishing
attempts if successful or preventing phishing
attempts from the start.
Multi-factor Authentication
▪ All remotely accessible services that are facing the Internet should be secured with multi-factor authentication.
• In the event of a successful phish where credentials are disclosed to an attacker, multi-factor authentication, when appropriately configured, can prevent the attacker from successfully using the credentials.
• Third party services that are not on the company’s premises should also be secured.
– Office 365, a technology more and more organizations are moving to, is an example of a third party service that does provide multi-factor authentication that should be enabled.
Employee Awareness
▪ All employees should be regularly educated to raise their awareness of phishing attacks.
• Phishing quizzes
• Monthly phishing email reminders with actual phishing attempts
• Visual reminders around the office, such as educational posters
– An especially good idea for preventing tail-gating
Assess Training Effectiveness
▪ The level of awareness of employees can be assessed by conducting regular phishing campaigns either internally or by having a third party do it.
• Metrics from a simulated phishing campaign can highlight areas where
training can be improved or identify employees who need additional help.
• Social assessments should include multiple types of phishing (vishing, spear
phishing, and whaling).
Keep Systems Patched
▪ In the event of a successful phishing campaign, having systems patched is critical to preventing further damage.
• Many phishing payloads deliver recent exploits that allow for remote code
execution in the event that a user takes the action that the attacker is
attempting to elicit.
– Remote code execution = attacker is in your computer and has a degree
of control over the computer depending on the permissions of the user
who was phished.
• Microsoft AND 3rd party products should be patched
– Weaponization of exploits after a patch is released usually occurs before
the time allotted for patching within an organization’s patch policy
Spam Detection
▪ While not a cure-all, an email gateway with spam detection capabilities will have an impact on the amount of spam and phishing attempts that reach each end user.
• Preventing excess spam from being delivered to end users will prevent
message fatigue and make it more likely that users will spot phishing
attempts with a higher level of sophistication.
Limit Access – Least Privilege
▪ Users need access to do their jobs, but many companies suffer from access creep or allotting more permissions than needed for an employee to do their job effectively.
• Enforcing least privilege at the operating system level may limit an attacker
to a low privileged account (non-administrative).
• Enforcing least privilege at the mapped drives and file shares will also limit
the impact of ransomware and what it is able to encrypt.
Visual Indicators for Employees
▪ Additional visual cues to assist employees in identifying phishing attempts.
• Utilize the mail gateway to append [EXTERNAL] to emails that originate
from outside of the company.
• Have corporate photos displayed within the mail client so that when a
picture is not present but the email appears to be from someone internal,
users will report the phishing attempt.
• Use plug-ins within the mail client that display a button to a user that can be clicked if a suspected phishing attempt is identified. When clicked, the button will forward it to the helpdesk.
In Regards to Phishing…
Q&A
Contact Information:
Derek Rush
drush@lbmc.com
615.309.2422
Long Links:
http://www.tennessean.com/story/sponsor-story/lbmc/2016/08/03/protect-against-phishing-thinking-like-hacker/87914958/
http://www.tennessean.com/story/sponsor-story/lbmc/2016/10/12/lbmc-top-ways-protect-your-business-against-phishing-attacks/91723658/
Shortened Links:
https://lnkd.in/ewfdY-C
https://lnkd.in/ehZnx_h
LBMC Information Security - a full spectrum of services
Compliance and Audit Services
Navigate the complex maze of compliance regulations
▪ HIPAA / HITRUST
▪ Security Controls Assessment (SCA)
▪ CMS / FISMA / NIST
▪ FedRAMP / CSA CCM
▪ Service Organization Control (SOC)
▪ SOX / COSO
▪ Payment Card Industry (PCI)
Managed Security Services
Minimize threats and respond
▪ Intrusion prevention and detection services
▪ Security information and event management
▪ Incident response and forensics
▪ Vulnerability and threat management
Security Consulting
Tap in to our unaffiliated and objective assessments
▪ Risk assessment / current state assessments
▪ Security program design and implementation
▪ Penetration testing
▪ Web application assessments

Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 

Kürzlich hochgeladen (20)

The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 

How I Will Phish You

  • 4. One phish, two phish, red phish, blue phish. Phishing: generic attempts via email to acquire sensitive information by tricking users. Vishing: cold calls to an entity attempting to trick the recipient of the phone call into performing some action. Spear phishing: targeted phishing attempts aimed at specific individuals or groups within an organization where the attempts are personalized to increase credibility. Whaling: highly targeted attempts using email as the communication medium to gather sensitive information from high-value individuals within an organization.
  • 5. Anatomy of a Phish
  • 6. High Level Overview of Phishing: Initial Foothold, System Access, Pivot Mercilessly. Today we’ll be focusing on how a threat actor may achieve the initial foothold on a corporation’s systems.
  • 7. The Initial Foothold – One Approach. Let’s bring the phishing process to life by going through a process from the start with a fake company called False, Inc. How does this process begin? Research False, Inc. to understand organizational structure, business drivers, vendors, employees’ social media content, and other information repositories. • Initial reconnaissance is the most important step • Reveals phishing approaches that would likely succeed • Technical and non-technical in nature – LinkedIn, PGP keys, corporate websites, search engines, whois points of contact, identifying remote access services, Facebook, Instagram, Twitter, GitHub, professional resumes, document metadata, SEC filings, and other publicly available information.
  • 8. The Initial Foothold – One Approach. Now that we know a lot about the company and have some phishing approaches that are likely to succeed, let’s get a list of emails. Obtain email addresses for the company by harvesting publicly available emails, and “mangling” known employee names. • Some clients prefer us to gather our own email addresses for a more real world attack scenario. • Some clients prefer to communicate a list of employee emails for testing to test the effectiveness of corporate security awareness campaigns. • Once the syntax of one corporate email is known, employee names can be mangled to the syntax of corporate email to derive a list of employees to phish.
  • 9. The Initial Foothold – One Approach. Now that we have knowledge of the company, internal personnel, and a list of emails, let’s figure out where our email should come from. Purchase a domain name similar to false.com or a company that False, Inc. does business with and select a person for the emails to be sent from. • Usage of tools can help identify mangled domain names if our approach involves creating an email that appears as if it is from someone internal to the company being phished. • When we identified known vendors during the reconnaissance portion, we could also register mangled vendor domains such as microsofton1ine.com, trustvvave.com, or even lbnnc.com. • Are we sending the message from a Director of IT, from the account rep at a vendor, perhaps from a headhunter from a fake recruiting firm to HR, or from a business development analyst to their supervisor?
  • 10. HowTo: Mangling a Domain – Part 1 Mangling a domain is a common technique for phishermen to use when they want their message to appear as if it’s from someone at a given company. Here’s an example of what mangling a domain looks like—
  • 11. HowTo: Mangling a Domain – Part 2. Mangling a domain can be performed with multiple tools. In the first example, URLCrazy was used against false.com and came up with 74 mangled domains. The next example is from DNSTwist, which came up with 138 variants.
  • 12. HowTo: Mangling a Domain – Part 3. Mangling a domain consists of taking a list of known ways to mistype a domain while still having it resemble the original domain. Here are the techniques used for false.com by both URLCrazy and DNSTwist. These of course aren’t all the possibilities, but this is a great starting place.
  • 13. The Initial Foothold – One Approach. To recap, we now have knowledge of the company, internal personnel, a list of emails, and where our emails are going to come from. Now let’s think of what we’d like to try and get our phishing targets to do. A common approach is to clone a familiar website that resembles a false.com login portal users would authenticate to or develop a document with malware that someone inside the company would be likely to open. • A critical failure in an email system occurred overnight and had to be replaced. Take action now to restore your access. • Business development leads from an internal resource with a malware macro. • Sending a social media link from a known associate’s spoofed email. • Posting a link on Twitter about the company if they have a Twitter presence.
  • 14. The Initial Foothold – One Approach If we’re running short on creativity there are some great tools out there that come with templates for phishing that might get the creativity flowing—
  • 15. Why Site Cloning? Site cloning is a popular tactic used by phishermen where a login portal is cloned, hosted on a threat actor’s server, and modified slightly so that whatever a user types in for the username and password is sent back to the attacker. Alternatively, the threat actor could include an exploit on the cloned site that they believe would be effective. Email portals, remote access portals, social media login portals, and anything else a user may log in to are good choices.
  • 16. Why Documents with Malware? Malware within electronic office documents is another popular tactic used by phishermen where a purportedly legitimate document contains malicious code that will either trigger when the user opens the document or when the user opens the document and enables macros. Macros and recent exploits for Microsoft, Java, Adobe, and other common third party products are used to conduct successful phishing campaigns.
  • 18. Phishing Example 1 Here’s a phishing campaign where someone in need of a job sent their resume to an IT Recruiter that worked at a company.
  • 19. Phishing Example 2 Here’s a phishing campaign that was sent out by a “Helpdesk Supervisor” letting employees know they need to take action to restore access to their email.
  • 20. Phishing Example 3 Here’s a phishing campaign that was sent out by a “Helpdesk Supervisor” trying to educate employees with security awareness training for phishing attempts.
  • 21. How IT Can Help The role of education, technology, and policies in limiting damage of phishing attempts if successful or preventing phishing attempts from the start.
  • 22. Multi-factor Authentication. All remotely accessible services that are facing the Internet should be secured with multi-factor authentication. • In the event of a successful phish where credentials are disclosed to an attacker, multi-factor authentication, when appropriately configured, can prevent the attacker from successfully using the credentials. • Third party services that are not on the company’s premises should also be secured. – Office365, a technology more and more organizations are moving to, is an example of a third party service that does provide multi-factor authentication that should be enabled.
  • 23. Employee Awareness. All employees should be regularly educated to raise their awareness of phishing attacks. • Phishing quizzes • Monthly phishing email reminders with actual phishing attempts • Visual reminders around the office, such as educational posters – An especially good idea for preventing tail-gating
  • 24. Assess Training Effectiveness. The level of awareness of employees can be assessed by conducting regular phishing campaigns either internally or by having a third party do it. • Metrics from a simulated phishing campaign can highlight areas where training can be improved or identify employees who need additional help. • Social assessments should include multiple types of phishing (vishing, spear phishing, and whaling).
  • 25. Keep Systems Patched. In the event of a successful phishing campaign, having systems patched is critical to preventing further damage. • Many phishing payloads deliver recent exploits that allow for remote code execution in the event that a user takes the action that the attacker is attempting to elicit. – Remote code execution = attacker is in your computer and has a degree of control over the computer depending on the permissions of the user who was phished. • Microsoft AND 3rd party products should be patched – Weaponization of exploits after a patch is released usually occurs before the time allotted for patching within an organization’s patch policy.
  • 26. Spam Detection. While not a cure-all, an email gateway with spam detection capabilities will have an impact on the amount of spam and phishing attempts that reach each end user. • Preventing excess spam from being delivered to end users will prevent message fatigue and make it more likely that users will spot phishing attempts with a higher level of sophistication.
  • 27. Limit Access – Least Privilege. Users need access to do their jobs, but many companies suffer from access creep or allotting more permissions than needed for an employee to do their job effectively. • Enforcing least privilege at the operating system level may limit an attacker to a low privileged account (non-administrative). • Enforcing least privilege at the mapped drives and file shares will also limit the impact of ransomware and what it is able to encrypt.
  • 28. Visual Indicators for Employees. Additional visual cues to assist employees in identifying phishing attempts. • Utilize the mail gateway to append [EXTERNAL] to emails that originate from outside of the company. • Have corporate photos displayed within the mail client so that when a picture is not present but the email appears to be from someone internal, users will report the phishing attempt. • Use plug-ins within the mail client that display a button to a user that can be clicked if a suspected phishing attempt is identified. When clicked, the button will forward it to the helpdesk.
  • 29. In Regards to Phishing…
  • 30. Q&A
  • 32. LBMC Information Security - a full spectrum of services. Compliance and Audit Services (navigate the complex maze of compliance regulations): HIPAA / HITRUST; Security Controls Assessment (SCA); CMS / FISMA / NIST; FedRAMP / CSA CCM; Service Organization Control (SOC); SOX / COSO; Payment Card Industry (PCI). Managed Security Services (minimize threats and respond): intrusion prevention and detection services; security information and event management; incident response and forensics; vulnerability and threat management. Security Consulting (tap in to our unaffiliated and objective assessments): risk assessment / current state assessments; security program design and implementation; penetration testing; web application assessments.
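
A defender's counterpart to the domain mangling on slides 9 to 12 and the gateway cues on slide 28, added here as an example that is not part of the original deck: a check a mail gateway or triage script could run on the From header to flag sender domains that imitate a protected one. The protected-domain list, the function names and the sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Constructed list of domains to protect: the company itself plus vendors
# identified in an inventory (assumed values for this example).
PROTECTED = ["false.com", "microsoftonline.com", "trustwave.com", "lbmc.com"]

# Look-alike character sequences folded to one canonical form.
CONFUSABLES = [("vv", "w"), ("rn", "m"), ("nn", "m"), ("1", "l"), ("0", "o")]


def skeleton(domain):
    """Fold visually confusable sequences so look-alikes compare equal."""
    for seq, canon in CONFUSABLES:
        domain = domain.replace(seq, canon)
    return domain


def osa_distance(a, b):
    """Edit distance counting insert, delete, replace and adjacent swap as 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)  # transposition
        prev2, prev = prev, cur
    return prev[-1]


def classify(domain):
    """Return (verdict, imitated_domain) for one sender domain."""
    d = domain.lower().rstrip(".")
    if d in PROTECTED:
        # The name matches; whether the mail is spoofed is a separate
        # question answered by SPF/DKIM/DMARC evaluation.
        return ("exact", d)
    for p in PROTECTED:
        if skeleton(d) == skeleton(p):
            return ("homoglyph", p)
    for p in PROTECTED:
        if osa_distance(d, p) <= 1:
            return ("typo", p)
    return (None, None)


def check_sender(from_header):
    """Classify the domain of the address in a From header value."""
    addr = parseaddr(from_header)[1]
    return classify(addr.rpartition("@")[2])


# Constructed From headers, for illustration only.
SAMPLES = [
    '"Helpdesk Supervisor" <helpdesk@fa1se.com>',
    "Account Rep <rep@trustvvave.com>",
    "IT Recruiter <jobs@fasle.com>",
    "Newsletter <news@example.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(header, "->", check_sender(header))
```

A distance threshold of 1 will also match unrelated legitimate domains when the protected name is short, so hits are best routed to review or a warning banner and paired with an allowlist of known-good senders.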