Evolution of Phishing
Eva Tanaskoska
Security Specialist
12-10-2018
The weakest link in the security chain…
Earliest stages of phishing – more than 20 years ago
• First examples of credential harvesting:
• AOL emails in the ‘90s.
• First examples of malicious attachments:
• ILOVEYOU worm.
Log in to AOL to read your message
A lovely love letter
Type of information phished
• Attackers targeted wide audiences with phishing campaigns aimed at gathering
credentials, credit card information, personal information.
• The increase in e-commerce accelerated these trends.
What about spear-phishing?
• Spear-phishing used to require more sophistication due to the limited accessibility of information.
• Previously attackers had to use newsletters and other sources to craft an attack.
• Today the internet contains huge amounts of information related to an individual.
Growing sophistication of phishing emails
• Thanks to awareness campaigns, emails with broken English and typos have a lower
success rate.
• Modern phishing emails tend to contain links to the legitimate site and official logos,
as well as names of actual employees and formal language.
The technical side of phishing
• Phishing techniques and malware have been continuously developing in
sophistication.
• Mostly due to modern preventive measures.
• Even with all the preventive measures available today, it is still possible to execute
even the oldest tricks in the book.
.jpg.exe
Java applets
File format exploits
… and the wonderful world of Office phishing
Office “features”
• Microsoft Office has historically enabled a huge number of phishing attacks via
intended features.
• Examples include:
• Office macros
• Dynamic Data Exchange (DDE)
• Object Linking and Embedding (OLE)
• But most importantly…
• HTML Applications (HTA)
HTML Applications (HTA)
• HTML Applications can be used to run a number of languages, such as JavaScript,
VBScript, JScript, etc.
• Can be used to execute PowerShell and ActiveX controls.
• Everything is executed by mshta.exe.
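Because every HTA runs under mshta.exe, process lineage is a practical place to detect this vector. The following is an added example, not part of the original slides: it scores process-creation events for mshta.exe started by an Office application, pointed at remote or inline script content, or handing off to an interpreter. The event fields, the parent and child lists, and the sample events are constructed assumptions.

```python
import ntpath
import re

# Assumed parent list for this example: Office apps that open phishing attachments.
OFFICE_PARENTS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
# Interpreters an HTA may hand off to (assumed list; the slides name PowerShell).
CHILD_INTERPRETERS = {"powershell.exe", "cmd.exe", "wscript.exe", "cscript.exe"}
# Remote source on the command line: a URL or a UNC path.
REMOTE_RE = re.compile(r"(?:https?|ftp)://|\\\\[\w.-]+\\", re.IGNORECASE)
# Script passed inline through a protocol handler instead of a file.
INLINE_RE = re.compile(r"\b(?:javascript|vbscript):", re.IGNORECASE)


def _exe(path):
    """Lower-cased executable name from a Windows path, quoted or not."""
    return ntpath.basename(path.strip('"')).lower()


def score_event(event):
    """Return the reasons a process-creation event looks like HTA abuse."""
    reasons = []
    image, parent = _exe(event["image"]), _exe(event["parent_image"])
    cmd = event.get("command_line", "")
    if image == "mshta.exe":
        if parent in OFFICE_PARENTS:
            reasons.append("mshta launched by " + parent)
        if REMOTE_RE.search(cmd):
            reasons.append("remote HTA source")
        if INLINE_RE.search(cmd):
            reasons.append("inline script argument")
    elif parent == "mshta.exe" and image in CHILD_INTERPRETERS:
        reasons.append("mshta spawned " + image)
    return reasons


def triage(events):
    """Map pid -> reasons for every event that raised at least one reason."""
    flagged = {}
    for event in events:
        reasons = score_event(event)
        if reasons:
            flagged[event["pid"]] = reasons
    return flagged


# Constructed sample events (hypothetical field names, not a real log schema).
EVENTS = [
    {"pid": 4120, "image": r"C:\Windows\System32\mshta.exe",
     "parent_image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "command_line": r'mshta.exe "C:\Users\demo\AppData\Local\Temp\invoice.hta"'},
    {"pid": 4188, "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "parent_image": r"C:\Windows\System32\mshta.exe",
     "command_line": "powershell.exe -NoProfile"},
    {"pid": 5012, "image": r"C:\Windows\System32\mshta.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "command_line": "mshta.exe https://files.example.invalid/update.hta"},
    {"pid": 5300, "image": r"C:\Windows\System32\mshta.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "command_line": r'mshta.exe "C:\Program Files\Vendor\help.hta"'},
]

if __name__ == "__main__":
    for pid, reasons in triage(EVENTS).items():
        print(pid, "; ".join(reasons))
```

The last sample event, a locally installed HTA opened from Explorer, raises no reason; environments with legitimate HTA use need an allowlist on top of these rules.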
• So what about today?
What kind of information is being targeted today?
• Attackers search for:
• Medical data.
• Cryptocurrency keys.
• SSH keys.
• Corporate information.
• E-commerce information.
Sophistication
• Phishing sophistication has greatly increased – from Nigerian prince phishing to
advanced attacks utilizing homographs, RLO characters, OAuth abuse, etc.
Attack vectors today
• Some old methods, such as .pdf.exe and macros, still work.
• Occasional file format exploits.
• Microsoft Office and Windows feature abuses.
• HTML Applications seem immortal at this point.
• Zero days?
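The naming tricks mentioned in these slides (.jpg.exe and .pdf.exe double extensions, RLO characters, homograph domains) can be screened for at a mail gateway. The following is an added example, not part of the original slides: the extension lists, the small look-alike table, the `PROTECTED_DOMAINS` list and all sample names are constructed assumptions, and the script test is an approximation based on Unicode character names.

```python
import unicodedata

# Assumed lists for this example; extend them for a real gateway.
EXECUTABLE_EXTS = {"exe", "scr", "com", "hta", "js", "vbs", "lnk"}
DECOY_EXTS = {"jpg", "png", "pdf", "doc", "docx", "xls", "xlsx", "txt"}
# Bidirectional embedding/override/isolate controls; U+202E is the RLO character.
BIDI_CONTROLS = set("\u202a\u202b\u202d\u202e\u2066\u2067\u2068")
# Small constructed subset of Cyrillic look-alikes, not the full Unicode confusables data.
CONFUSABLES = str.maketrans({
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0445": "x", "\u0443": "y", "\u0456": "i", "\u0455": "s",
})
PROTECTED_DOMAINS = {"example.com"}  # hypothetical list of brands to protect


def check_filename(name):
    """Findings for an attachment name: bidi tricks and decoy double extensions."""
    findings = []
    if any(ch in BIDI_CONTROLS for ch in name):
        findings.append("bidi-control")
    # Judge the logical (stored) order, which is what the OS acts on,
    # not the order a bidi-aware UI displays.
    logical = "".join(ch for ch in name if ch not in BIDI_CONTROLS)
    # strip() also catches padding such as "scan.pdf      .exe".
    parts = [p.strip() for p in logical.lower().split(".")]
    if len(parts) >= 2 and parts[-1] in EXECUTABLE_EXTS:
        findings.append("executable:" + parts[-1])
        if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
            findings.append("double-extension")
    return findings


def _scripts(label):
    """Approximate each letter's script by the first word of its Unicode name."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}


def check_domain(domain):
    """Findings for a sender or link domain: mixed scripts and brand look-alikes."""
    findings, decoded = [], []
    for label in domain.lower().split("."):
        if label.startswith("xn--"):
            try:
                # Decode the IDNA ASCII form back to the characters a user sees.
                label = label[4:].encode("ascii").decode("punycode")
            except UnicodeError:
                findings.append("bad-punycode")
        decoded.append(label)
        if len(_scripts(label)) > 1:
            findings.append("mixed-script")
    unicode_form = ".".join(decoded)
    skeleton = unicode_form.translate(CONFUSABLES)
    if skeleton != unicode_form and skeleton in PROTECTED_DOMAINS:
        findings.append("lookalike-of:" + skeleton)
    return findings


if __name__ == "__main__":
    # Constructed samples.
    for name in ["holiday.jpg.exe", "invoice\u202efdp.exe", "report.pdf"]:
        print(repr(name), check_filename(name))
    for dom in ["example.com", "ex\u0430mple.com"]:
        print(repr(dom), check_domain(dom))
```

The second sample filename renders as "invoiceexe.pdf" in a bidi-aware viewer while its stored extension is .exe, which is why the check strips the control characters before reading the extension.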
Demo!

Evolution of phishing Bsides Delft 2018
