Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live...

Post on 22-Jul-2020

3 views 0 download

Preview:

Click to see full reader
Report this document
SHARE

Transcript of Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live...

Paul Ducklin Senior Technologist

Paul Ducklin Senior Technologist

Phishing is dead. Long live phishing!

Paul Ducklin Senior Technologist

Phishing A story in pictures

Paul Ducklin

Who am I?

duck@sophos.com

@duckblog

nakedsecurity.sophos.com

An electronic message of some sort that tricks you into giving away personal information that you wish

you'd kept to yourself

Phishing

An email or IM that tricks you into saying something

you wish you hadn't“

Phishing

Subject: Account Review Team

From: "PayPal" <member445@someserver.example.com>

Please take a minute to read this urgent notification sent by our Account Review Team.

Our security system has blocked unusual charges to a credit card linked to your account.

An intrusion into your account has been detected which shows that someone tried to access your PayPal account without your permission. we have limited access to your account due to this problem.

Thanks for your high attention. Please do understand that this is a security measure taken with intention to protect you and account.

I back myself to spot phishing emails, assuming they get through the spam

filter in the first place

“”

I back myself to spot phishing emails, assuming they get through the spam

filter in the first place

“”

I back myself to spot phishing emails, assuming

they aren't the sort of thing I'd usually expect

“”

Account notification: http:/yourbank.example.com

1 new Secure Email http:/your bankexamplecom

Your online statement is ready htp yourbankexamplecom

I back myself to spot phishing emails, but

SMSes aren't emails and they arrive on my phone

“”

Spearphishing

Subject: Outstanding payment amount

Regarding the amount due 456.78 GBP, we act on behalf of Zxxxxxx Yyyy in order to collect the outstanding value of your debt.

Original invoice will be send out to:

Aaaaaaaa Bbbbbbbbbbbb 72 Acacia Avenue Abingdon Oxfordshire OX14 XXX

Spearphishing

Survey scams

Money laundering

Business email compromise / Whaling

What to know?

Phishes don't just ask for passwords 1

Phishes don't only arrive by email 2

Phishes may come from people you know3

Phishes often look harmless4

What to do?

Sophos Phish ThreatPhishing attack simulation and training for your end users

Top related

COMBATTING MODERN EMAIL PHISHING ATTACKS · 2016-11-07 · Combatting modern email phishing attacks More effective than traditional phishing scams, spear-phishing attacks are carefully
 Documents
CAREERS IN RADIOLOGIC TECHNOLOGY RADIOLOGIC TECHNOLOGIST –RADIOGRAPHER –X-RAY TECHNOLOGIST TECHNICIAN TECHNICIANRADIOLOGIST.
 Documents
Other Scopes - QCHP scopes.pdf · Other Scopes Anesthesia Technologist Dialysis Technician Dialysis Technologist Pharmacy Technician Endoscopy Technician Urology Technologist Assistant
 Documents
Anti-Phishing Technology - APWG › reports › phishing-sfectf-report.pdf · 1/19/2005 Anti-Phishing Technology 2 The frequency of phishing attacks has increased dramatically in
 Documents
Hyperbaric technologist
 Health & Medicine
SPEAR PHISHING - dandh.com...SPEAR PHISHING VS PHISHING Spear phishing and phishing attacks both leverage impersonation to commit fraud. The difference between the two is that spear
 Documents
AWARENESS OF PHISHING SCENARIO - CYBERWISER.eu · 2020. 11. 19. · Phishing attack exercise •Identify phishing indicators in an email. •Distinguish phishing from legitimate emails.
 Documents
Trainee Technologist Neurophysiology
 Documents
ISACA_21st century technologist
 Documents
Phishing Awareness - Valdosta State University€¦ · Types of Phishing Attacks Spear phishing - Phishing attempts directed at specific individuals or companies have been termed
 Documents
Phishing-Aware: A Neuro-Fuzzy Approach for Anti-Phishing ...networking.khu.ac.kr/.../data/Phishing-Aware.pdfPhishing-Aware: A Neuro-Fuzzy Approach for Anti-Phishing on Fog Networks
 Documents
Phishing - Fred 151 · 2020-03-21 · di Phishing. 2 Identificare Come riconoscere il Phishing. Cosa fare se siamo vittime di Phishing 3 Esempi Esempi di email di Phishing. 4 Test
 Documents
Phishing - Study Mafiastudymafia.org/wp-content/uploads/2015/03/CSE-phishing-report.pdf · Phishing software and computer programs are designed to prevent the occurrence of Phishing
 Documents
Technologist ReRegistration AppForm
 Documents
Why phishing still works: user strategies for combating phishing … · 2020. 9. 23. · Why phishing still works: user strategies for combating phishing attacks Mohamed Alsharnouby,
 Documents
What is Phishing | How to Spot a Phishing email or Website 2020 | Antivirus for Phishing Attack
 Services
Phishing and Anti-phishing techniques
 Documents
Phishing & Spear Phishing - info.vadesecure.com Marketing Website... · Phishing Spear Phishing Understanding an Emerging Threat to Healthcare Organizations 5 vadesecure.com How Phishing
 Documents
The Surgical Technologist
 Documents
The Financial Technologist
 Documents

Copyright © 2022 FDOCUMENTS