Phishing is not cybercrime; phishing is the exploitation of people. In this presentation, PhishLabs walks through the problem phishing poses to businesses and how you can prepare your employees with effective security awareness training, robust intelligence and tools to fight back against the threat. Download the on-demand version of the full webinar here: https://info.phishlabs.com/the-rise-of-spear-phishinghow-to-avoid-being-the-next-headline
If you're interested in signing up for our webinar series, click here:
https://info.phishlabs.com/the-rise-of-spear-phishinghow-to-avoid-being-the-next-headline
The Rise of Spear Phishing & How to Avoid being the Next Headline
2. 2017 R.A.I.D. Webinar Series
• What’s it about?
  • Insights from our Research, Analysis, Intelligence Division and other PhishLabs’ experts
  • Hosted every month, exact dates TBD
  • Focus on current threat campaigns – dissect attacks, scams, campaigns, and discuss threat actors
  • Goal: equip you to better secure your network, your employees, your company and your customers
• Who should attend?
  • Open invitation – feel free to share!
  • Security leaders and professionals responsible for managing cyber threats
4. January agenda
The Rise of Spear Phishing: How to Avoid Being the Next Headline
Proprietary and Confidential
Copyright 2017 PhishLabs
Crane Hassold – Senior Security Threat Researcher
Dane Boyd – Employee Defense Training Principal
6. What is Phishing?
Phishing is not a cyber crime.
Phishing is the exploitation of people that leads to cybercrime.
8. Impacts of Phishing
• Financial loss (direct & indirect)
  • Direct monetary loss
    • $209 million lost to ransomware in Q1 2016
    • $3.1 billion lost to BEC scams since January 2016
  • Remediation costs
    • $2-4 million average cost of a data breach
  • Stock price
  • Lawsuits
  • Consumer trust
9. Impacts of Phishing
• Financial loss (direct & indirect)
• Data compromise
  • Personally identifiable information (PII)
  • Credentials (employee & customer)
  • Tax records
  • Intellectual property
11. Impacts of Phishing
• Financial loss (direct & indirect)
• Data compromise
• Brand reputation
• Employee trust
13. Ransomware
• Biggest emerging threat of 2016
• Restricts access to files and extorts victim for ransom in exchange for decryption
• Relatively simple
• Numerous families, yet only a few persist
• Ransomware-as-a-Service (Cerber)
• Targeted campaigns focused on high-impact targets
14. Remote Access Trojans (RATs)
• Allows attacker to remotely control a victim’s computer
• Generic in nature (no targeting information)
• Requires very little skill to use
• Can steal information and monitor user’s activity
• Available for purchase in underground forums and the Dark Web
15. Banking Trojans
• Generally used to collect credentials
• Little to no interaction with attacker after infection
• Webinjects and redirects used to present victim with fake webpages
• Targeting information contained within configuration files
• Can be configured to target internal enterprise systems
17. IRS/W-2 Scams
• Offshoot of BEC scams
• 400% increase in IRS tax scams in January 2016
• 40+ companies compromised in Q1 2016
• Spoofed email requests employee W-2s
• Goal is to collect W-2s for tax refund fraud and identity theft
• Will likely re-emerge in 2017
18. APT Malware
• “Advanced Persistent Threat”
• Goal is stealth and persistence
• Extremely sophisticated
• Unique tools
• The Big Three
  • Russia – espionage, propaganda
  • China – IP theft
  • North Korea – political retaliation
(Slide image labels: Deep Panda/APT19, Fancy Bear/APT28)
20. Agenda – Employee Defense Training Descriptors
• Duration
• Frequency
• Content
• Deployment
47. Employee Defense Training Descriptors
• Duration: Keep it Short; Make it Memorable
• Frequency: Repetition is Crucial for Success
• Content: Prepare for the Real World
• Deployment: Make Success Easy