Personal information gathered from social networks or
other sources. Accurate and credible messages.
Email Phishing
Tools
URI Sandbox
Cloud based
Protection even after email delivery
Very effective for new phishing campaigns
Provides valuable feedback to ESVA appliance
HOW?
Real-Time landing page analysis
Follows all the redirects
Analysis of intermediate pages
Check black and white lists
Check for known malware
Check for suspect behavior
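The redirect-following and list checks above, sketched as an added example (not part of the original slides and not the vendor's code). The hosts, list entries, verdict names and the policy of judging every hop rather than only the landing page are assumptions; the response table is constructed so the block runs offline.

```python
from urllib.parse import urljoin, urlsplit

# Constructed sample data: offline stand-in for HTTP responses.
# URL -> (status code, Location header or None). All hosts are made up.
RESPONSES = {
    "http://short.example/a1": (302, "http://tracker.example/r?id=7"),
    "http://tracker.example/r?id=7": (301, "//login.bank-verify.example/session"),
    "http://login.bank-verify.example/session": (200, None),
    "http://short.example/b2": (302, "http://news.example/story"),
    "http://news.example/story": (302, "/story/full"),
    "http://news.example/story/full": (200, None),
    "http://loop.example/x": (302, "http://loop.example/x"),
}
BLACKLIST = {"login.bank-verify.example"}  # hypothetical list entries
WHITELIST = {"news.example"}
REDIRECTS = (301, 302, 303, 307, 308)
MAX_HOPS = 10  # assumed cap so an endless chain cannot stall the analysis


def follow(url, fetch=RESPONSES.get):
    """Return (chain, complete): every hop visited, and whether a final 200 page was reached."""
    chain = []
    while len(chain) < MAX_HOPS:
        if url in chain:  # redirect loop
            return chain, False
        chain.append(url)
        status, location = fetch(url) or (None, None)
        if status not in REDIRECTS or not location:
            return chain, status == 200
        url = urljoin(url, location)  # Location may be relative or scheme-relative
    return chain, False


def verdict(url):
    """Classify a link by every host in its redirect chain, not only the landing page."""
    chain, complete = follow(url)
    hosts = [urlsplit(hop).hostname for hop in chain]
    if any(h in BLACKLIST for h in hosts):
        return "block", chain
    if not complete:  # loop, hop limit or unreachable hop
        return "suspect", chain
    if all(h in WHITELIST for h in hosts):
        return "allow", chain
    return "analyze", chain  # hand over to malware and behavior checks


if __name__ == "__main__":
    for link in ("http://short.example/a1", "http://short.example/b2", "http://loop.example/x"):
        print(link, "->", verdict(link)[0])
```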
Techniques
ESVA Labs
Defense
Collaborative detection
Expert analysis
Updates released within 1 hour
Automatic live update
A message that grabs your attention
- Your account has been canceled
Urgency
- Money has been withdrawn from your account
CALL TO ACTION!!
Rodolfo Saccani rodolfo.saccani@libraesva.com
Phishing techniques
- Provide personal information
- Perform a bank transaction
Standard spam fighting techniques are not enough
AV engines, filename and filetype policies, nested archive scanning, are important but ...
Quick detection and reaction is crucial
Botnets
Trojans
Infections
Virus
Same emailing techniques used for SPAM
Financial frauds
Bank account credentials
Over 100 new families discovered last year
Ransomware As A Service
Ransomware
Hundreds of millions of €
Mostly delivered via email
Profitable
Identity fraud
In particular: email credentials
"Nigerian" scam schemes
Because e-mailing
is basically FREE
Spearphishing
Targets
Landing page
Results
What is phishing?
Our phishing email
44 emails sent
24 opened: 54% open rate (OR)
18 clicks: 75% click-through rate (CTR)
40% of the targets clicked on the link
A fraud perpetrated through deception
And it was a security-literate audience!!
Phishing is a real danger
It is affordable
and effective
The attacker induces an action by masquerading as a reputable source
Phishing tools
- Many phishing tools are available
- Valuable to train users
- Our test with the open source framework gophish
As an example, here are the Remote Code Execution
fixes released just the previous week:
● MS16-064: flash - win 8 and 10
● MS16-067: windows shell – win 8 and 10
● MS16-055: graphics component – from Vista to 10
● MS16-053: JScript and VBscript – from Vista to 2008
● MS16-052: Edge – Win 10
● MS16-051: Explorer – from Vista to 10
All of these vulnerabilities just require a click.
Just a click on the link? Really???