Gone Phishing: Tips, Tricks and Lessons Learned in the Battle of Social Engineering · Cybersecurity Webinar Series
TRANSCRIPT
© 2019 Jack Henry & Associates, Inc.®
Gone Phishing: Tips, Tricks and Lessons Learned in the Battle of Social Engineering
Moderator: Sebastian Fazzino
Director, Sales Operations
Gladiator & Financial Crimes Solutions
Presenter: Keith Haskett
CEO
Rebyc Security
© 2020 Jack Henry & Associates, Inc.®
Cybersecurity Webinar Series
• Multi-part, educational series
• Proactive Cybersecurity: Staying Ahead of Threats
1. Assessing Your Biggest Security Risks Before It Is Too Late – October 29th
2. Machine Learning and the Latest Protection Methods – December 12th
3. Cyber Threats and Trends for 2020 – January 14th
4. Ransomware Is Alive and Well: Are You? – February 12th
5. Gone Phishing: Tips, Tricks and Lessons Learned in the Battle of Social Engineering – March 18th
6. Unleashing the True Value of GRC – April 29th
Today’s ATTACK PLAN:
Phishing Types
• Spear
• Romance
• BEC
Tools of the Trade
• Whitepages
• Hunter.IO
Exploit Gathered Creds
• Site Cloning
• GoPhish
Phishing Defense
• Email Guidance
• Password Policies
• Multifactor
Social Eng & Physical Security
• IoT
• Dumpster Diving
• Social Media
Phishing Types
Romance Fraud
• Use fake identities to build online relationships with victims
• Use sites such as Tinder, Bumble and Match.com
• $362M in losses in 2018
Spear Phishing
• Targets a specific individual, group or business with malicious intent
• Doesn’t differentiate: senior leaders and entry-level employees alike
• Financial institutions are some of the most heavily targeted
Example:
• The email looked like it came from her assistant
• It asked for a wire of $388K
• The bookkeeper didn’t think anything was suspicious and wired the funds
Business Email Compromise (BEC)
• Can take many forms – spear phishing, romance fraud, wire fraud, etc.
• Take over accounts, spoof accounts, or gain access and listen
• Use the details gained against their marks
Social Engineering & Physical Security
Internet of Things (IoT)
Other Social Engineering and Physical Security
• Vishing
• Unauthorized Vendors Onsite
• USB Devices
• Password Security
• Shoulder Surfing
• Document Shredding – Dumpster Diving
• Doors, Windows, and Access Points
• Badge Cloning
Attackers Love Social Media Too
Tools of the Trade
• Search full names, phone numbers, reverse number lookup
• Search business associates, previous addresses, email addresses
• Unlimited searches for $4.95/month
• Background checks for $19.95 per person
• List of email addresses found in previous breaches
• Many employees re-use passwords
• Many employees use work resources for non-work items
• Extremely valuable for credential stuffing attacks
• $9/month cost
• Continuously scanning the entire Internet
• IoT, ICS, routers, switches
• Search by company, IP ranges, name
Gathering Email Addresses – Simply
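What the address-gathering tooling on the attack plan (Hunter.IO) does for a target company, written out as an added example; this is not code from the slides or from Hunter.IO. Given a handful of addresses already found in the open (a breach list such as the one on the previous slide, email signatures, the company web site), it infers the naming convention and extends it to the employee names harvested from social media. The domain example-bank.test and every name and address below are constructed.

```python
"""Infer an organisation's e-mail naming convention from a few known addresses
and apply it to other employee names.

Added example (not from the slides or from Hunter.IO). All names, addresses
and the domain example-bank.test are constructed.
"""
import re
import unicodedata
from collections import Counter

# Candidate conventions as format strings over first/last name and initials.
PATTERNS = {
    "first.last": "{first}.{last}",
    "firstlast": "{first}{last}",
    "flast": "{f}{last}",
    "first_last": "{first}_{last}",
    "first.l": "{first}.{l}",
    "last.first": "{last}.{first}",
    "lastf": "{last}{f}",
    "first": "{first}",
}

# Constructed: addresses already known for the target (breach list, web site).
SAMPLES = [
    ("Alice Nguyen", "alice.nguyen@example-bank.test"),
    ("Bob O'Brien", "Bob.OBrien@example-bank.test"),
    ("Carla Díaz", "carla.diaz@example-bank.test"),
]


def _normalize(part: str) -> str:
    """Lower-case and strip accents and punctuation: "O'Brien" -> "obrien"."""
    ascii_part = unicodedata.normalize("NFKD", part).encode("ascii", "ignore").decode()
    return re.sub(r"[^a-z]", "", ascii_part.lower())


def render(pattern: str, full_name: str, domain: str) -> str:
    """Build the address full_name would have under the named pattern."""
    parts = full_name.split()
    first, last = _normalize(parts[0]), _normalize(parts[-1])
    local = PATTERNS[pattern].format(first=first, last=last, f=first[:1], l=last[:1])
    return f"{local}@{domain}"


def infer_pattern(samples):
    """Vote: a pattern scores one point per sample address it reproduces.
    Returns (best_pattern_or_None, votes)."""
    votes = Counter()
    for name, email in samples:
        local, _, domain = email.lower().partition("@")
        for pattern in PATTERNS:
            if render(pattern, name, domain) == f"{local}@{domain}":
                votes[pattern] += 1
    best = votes.most_common(1)[0][0] if votes else None
    return best, votes


def generate(pattern: str, names, domain: str):
    """Candidate addresses for names harvested elsewhere (e.g. social media)."""
    return [render(pattern, n, domain) for n in names]


if __name__ == "__main__":
    best, votes = infer_pattern(SAMPLES)
    print("inferred:", best, dict(votes))
    for addr in generate(best, ["Dana Whitfield", "Evan Park-Lee"], "example-bank.test"):
        print(addr)
```

The output is a candidate list, not a verified one; commercial services add a mailbox-verification step before reporting an address as live. From the defender's side the lesson is the converse: the naming convention is effectively public, so a valid-looking address is no evidence that a message is legitimate.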
Exploit Gathered Creds
Got 12 Dollars? Become a Company!
Import Most Sites With a Click!
Looks Legit To Me!
How are We Doing?
Emails Sent: 4086
Emails Opened: 1036
Clicked Link: 372
Submitted Data: 205
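How the funnel on this slide is produced from a campaign's per-target results, as an added example; this is not GoPhish's own code. The CSV is constructed and its column names are an assumption, while the status strings are the ones GoPhish assigns to a target. The point a practitioner needs: each target carries only the furthest stage it reached, so the counts have to be cumulative (someone who submitted data also opened and clicked), and targets whose status is "Submitted Data" typed a password into the landing page and need a credential reset, not just training.

```python
"""Compute the sent -> opened -> clicked -> submitted funnel from a per-target
results export of a phishing-simulation platform.

Added example, not GoPhish's own code. The CSV is constructed and its column
names are an assumption; the status strings are the ones GoPhish uses. Each
target carries only the furthest stage it reached, so funnel counts must be
cumulative: a target that submitted data also opened and clicked.
"""
import csv
import io

STAGES = ["Email Sent", "Email Opened", "Clicked Link", "Submitted Data"]
RANK = {stage: i for i, stage in enumerate(STAGES)}

# Constructed results export (column names assumed).
SAMPLE_CSV = """email,position,status,reported
a.nguyen@example-bank.test,Teller,Email Sent,false
b.obrien@example-bank.test,Bookkeeper,Submitted Data,false
c.diaz@example-bank.test,Loan Officer,Clicked Link,false
d.whitfield@example-bank.test,Branch Manager,Email Opened,true
f.lee@example-bank.test,Teller,Error,false
"""


def funnel(csv_text: str) -> dict:
    """Cumulative stage counts, plus how many reported it and how many never got the mail."""
    counts = {stage: 0 for stage in STAGES}
    reported = undelivered = 0
    for row in csv.DictReader(io.StringIO(csv_text)):
        if row.get("reported", "").strip().lower() == "true":
            reported += 1
        rank = RANK.get(row["status"].strip())
        if rank is None:  # "Error", "Scheduled", ...: never delivered, not in the funnel
            undelivered += 1
            continue
        for stage in STAGES[: rank + 1]:  # a later stage implies every earlier one
            counts[stage] += 1
    return {"counts": counts, "reported": reported, "undelivered": undelivered}


def rates(counts: dict) -> dict:
    """Each stage as a percentage of emails sent, rounded to one decimal."""
    sent = counts["Email Sent"]
    return {stage: round(100.0 * counts[stage] / sent, 1) if sent else 0.0 for stage in STAGES}


def needs_credential_reset(csv_text: str) -> list:
    """Targets who typed credentials into the landing page: reset those passwords."""
    return [row["email"] for row in csv.DictReader(io.StringIO(csv_text))
            if row["status"].strip() == "Submitted Data"]


def slide_rates() -> dict:
    """The figures on the slide (already cumulative) expressed as rates."""
    return rates({"Email Sent": 4086, "Email Opened": 1036,
                  "Clicked Link": 372, "Submitted Data": 205})


if __name__ == "__main__":
    result = funnel(SAMPLE_CSV)
    print(result, rates(result["counts"]))
    print("reset:", needs_credential_reset(SAMPLE_CSV))
    print("slide:", slide_rates())
```

Against the slide's figures this gives roughly a 25% open rate, a 9% click rate and a 5% submission rate; the last number is the one that matters, because every entry in it is a working password now sitting on the phishing server.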
Phishing Defense
Why Security Solutions Fail
• Improperly configured spam filtering / web filtering solutions
• Lack of multi-factor authentication for ALL accounts
• Lack of security coverage enterprise-wide
• Accessing external resources (Gmail/Dropbox)
• Utilizing corporate resources at home or while traveling
How You Can Stay Safe
• Check to see if your email has been compromised
• Use SEPARATE & UNIQUE passwords for ALL accounts
• Do NOT use work email for non-work purposes
• Use one-time email addresses when signing up
• Avoid public Wi-Fi – use a VPN when connected
• Don’t click on links from strangers
• Use common sense & multi-factor authentication
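The breach lists on the "Tools of the Trade" slide feed credential stuffing because employees re-use passwords; the defensive counterpart of checking whether your credentials are compromised is to screen passwords against the same corpora at set or change time. Added example, not from the slides or from Have I Been Pwned: a check using the k-anonymity range scheme of the Pwned Passwords API, where only the first five hex characters of the password's SHA-1 leave the machine, the server returns every hash suffix in that bucket with its breach count, and the match is made locally. The one network call is isolated in fetch_range(); constructed_fetch() and its counts are made up so the block runs offline.

```python
"""Check whether a password appears in a breached-password corpus without
sending the password (or its full hash) anywhere: only a 5-character SHA-1
prefix is sent, the returned bucket of suffixes is matched locally.

Added example, not from the slides or from Have I Been Pwned. fetch_range()
does the live lookup; constructed_fetch() is an offline stand-in with
made-up counts.
"""
import hashlib
import urllib.request

RANGE_URL = "https://api.pwnedpasswords.com/range/"


def sha1_prefix_suffix(password: str):
    """Upper-case hex SHA-1 split into the 5-char prefix that is sent and the suffix kept local."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range(body: str) -> dict:
    """Parse 'SUFFIX:COUNT' lines into {suffix: count}; padding rows (count 0) are harmless."""
    out = {}
    for line in body.splitlines():
        suffix, _, count = line.strip().partition(":")
        if suffix:
            out[suffix.upper()] = int(count or 0)
    return out


def fetch_range(prefix: str) -> str:
    """Live lookup (network). Add-Padding hides the true bucket size from a network observer."""
    req = urllib.request.Request(
        RANGE_URL + prefix,
        headers={"Add-Padding": "true", "User-Agent": "password-policy-check"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def constructed_fetch(prefix: str) -> str:
    """Offline stand-in: a made-up bucket for the prefix of sha1("password"); counts are constructed."""
    if prefix == "5BAA6":
        return ("1E4C9B93F3F0682250B6CF8331B7EE68FD8:3861493\r\n"
                "0000000000000000000000000000000000A:0\r\n")
    return "0000000000000000000000000000000000B:0\r\n"


def breach_count(password: str, fetch=fetch_range) -> int:
    """How many times the password was seen in breaches (0 = not found in this corpus)."""
    prefix, suffix = sha1_prefix_suffix(password)
    return parse_range(fetch(prefix)).get(suffix, 0)


def acceptable(password: str, fetch=fetch_range) -> bool:
    """Policy check: reject any password seen in a breach, however strong it looks."""
    return breach_count(password, fetch) == 0


if __name__ == "__main__":
    for pw in ["password", "correct horse battery staple 4pr1l"]:
        print(pw, "->", breach_count(pw, fetch=constructed_fetch), "acceptable:", acceptable(pw, fetch=constructed_fetch))
```

A hit means the password is in attackers' stuffing lists regardless of its length or character mix, which is why this check belongs in the password policy alongside the uniqueness rule; a miss says nothing about a password that is unique to the user but was phished last week, which is what the multi-factor line above covers.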
What We See Working
• User awareness training (often!)
• Credential theft protection
• Machine learning / AI solutions
• Robust and tuned spam and web filtering
   • Does it protect against current attacks?
   • Does it allow access to new web sites? Unclassified web sites?
• Always-On VPN
Thank you for your time