Upload File

paul ducklin senior technologist · paul ducklin senior technologist phishing is dead. long live...

  • Home
  • Documents
  • Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
32
Paul Ducklin Senior Technologist

Upload: others

Post on 22-Jul-2020

1 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

Paul Ducklin Senior Technologist

Page 2: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

Paul Ducklin Senior Technologist

Phishing is dead. Long live phishing!

Page 3: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

Paul Ducklin Senior Technologist

Phishing A story in pictures

Page 4: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

Paul Ducklin

Who am I?

[email protected]

@duckblog

nakedsecurity.sophos.com

Page 5: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

An electronic message of some sort that tricks you into giving away personal information that you wish

you'd kept to yourself

Phishing

Page 6: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

An email or IM that tricks you into saying something

you wish you hadn't“

Phishing

Page 7: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

Subject: Account Review Team

From: "PayPal" <[email protected]>

Please take a minute to read this urgent notification sent by our Account Review Team.

Our security system has blocked unusual charges to a credit card linked to your account.

An intrusion into your account has been detected which shows that someone tried to access your PayPal account without your permission. we have limited access to your account due to this problem.

Thanks for your high attention. Please do understand that this is a security measure taken with intention to protect you and account.

Page 8: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 9: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

I back myself to spot phishing emails, assuming they get through the spam

filter in the first place

“”

Page 10: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 11: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 12: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 13: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 14: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

I back myself to spot phishing emails, assuming they get through the spam

filter in the first place

“”

Page 15: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 16: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 17: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 18: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

I back myself to spot phishing emails, assuming

they aren't the sort of thing I'd usually expect

“”

Page 19: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

Account notification: http:/yourbank.example.com

1 new Secure Email http:/your bankexamplecom

Your online statement is ready htp yourbankexamplecom

Page 20: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 21: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

I back myself to spot phishing emails, but

SMSes aren't emails and they arrive on my phone

“”

Page 22: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 23: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 24: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin
Page 25: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

Spearphishing

Subject: Outstanding payment amount

Regarding the amount due 456.78 GBP, we act on behalf of Zxxxxxx Yyyy in order to collect the outstanding value of your debt.

Original invoice will be send out to:

Aaaaaaaa Bbbbbbbbbbbb 72 Acacia Avenue Abingdon Oxfordshire OX14 XXX

Page 26: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

Spearphishing

Page 27: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

Survey scams

Page 28: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

Money laundering

Page 29: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

Business email compromise / Whaling

Page 30: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

What to know?

Phishes don't just ask for passwords 1

Phishes don't only arrive by email 2

Phishes may come from people you know3

Phishes often look harmless4

Page 31: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

What to do?

Sophos Phish ThreatPhishing attack simulation and training for your end users

Page 32: Paul Ducklin Senior Technologist · Paul Ducklin Senior Technologist Phishing is dead. Long live phishing! Paul Ducklin Senior Technologist Phishing A story in pictures. Paul Ducklin

ISACA_21st century technologist

CAREERS IN RADIOLOGIC TECHNOLOGY RADIOLOGIC TECHNOLOGIST –RADIOGRAPHER –X-RAY TECHNOLOGIST TECHNICIAN TECHNICIANRADIOLOGIST

The Financial Technologist

UNCLASSIFIED//FOUO DoD Spear-Phishing Awareness Training · Spear Phishing is a GREATER threat!!! Spear Phishing is a highly targeted phishing attempt. The attacker selectively chooses

Anti-Phishing Technology - APWG › reports › phishing-sfectf-report.pdf · 1/19/2005 Anti-Phishing Technology 2 The frequency of phishing attacks has increased dramatically in

What is Phishing | How to Spot a Phishing email or Website 2020 | Antivirus for Phishing Attack

Hyperbaric technologist

Sleep Technologist Licensure

Internal Corrosion Technologist-

Phishing - CERT.hr · 2018. 5. 29. · phishing poruku uvjerljivijom. 2.1.1 Lažno predstavljanje Kako bi phishing poruka bila uvjerljiva, i time cijeli phishing napad uspio, prvi

Other Scopes - QCHP scopes.pdf · Other Scopes Anesthesia Technologist Dialysis Technician Dialysis Technologist Pharmacy Technician Endoscopy Technician Urology Technologist Assistant

NUCLEAR MEDICINE TECHNOLOGIST

Phishing Spear Phishing - ASSP Region I€¦ · Phishing& Spear Phishing attacks are similar -key differences: •Phishingcampaign -very broad and automated, think 'spray & pray’

The Surgical Technologist

Technologist ReRegistration AppForm

Phishing-Aware: A Neuro-Fuzzy Approach for Anti-Phishing ...networking.khu.ac.kr/.../data/Phishing-Aware.pdfPhishing-Aware: A Neuro-Fuzzy Approach for Anti-Phishing on Fog Networks

COMBATTING MODERN EMAIL PHISHING ATTACKS · 2016-11-07 · Combatting modern email phishing attacks More effective than traditional phishing scams, spear-phishing attacks are carefully

Mobile Phishing Protection · Mobile Phishing Protection Anywhere Zero-Hour Protection Against the Broadest Range of Phishing Threats for iOS and Android SlashNext Mobile Phishing

Why phishing still works: user strategies for combating phishing … · 2020. 9. 23. · Why phishing still works: user strategies for combating phishing attacks Mohamed Alsharnouby,

October 2006 Technologist

Asean Engineer Technologist

Table of Contents - RiskSOURCE Clark-Theders › wp-content › uploads › 2019 › 05 › ... · 4 Phishing vs. Spear Phishing Often, the terms phishing and spear phishing are used

Sophos paul ducklin

Trainee Technologist Neurophysiology

Medical Technologist powerpoint

The Applied Science and Engineering Technology … · • MINERAL TECHNOLOGIST • CORROSION TECHNOLOGIST • RESERVOIR TECHNOLOGIST ... to the provincial association in question

PHISHING By, Himanshu Mishra Parrag Mehta. OUTLINE What is Phishing ? Phishing Techniques Message Delivery Effects of Phishing Anti-Phishing Techniques

Chief Marketing Technologist

NEBRASKA CAREER TOURS WHAT TO EXPECTtechnician, quality control technician, cardiovascular technologist, exercise psychologist, medical technologist, nuclear medicine technologist,

Phishing the Web · Phishing the web / Peter Panter / 20041227 Introduction to the „Phishing“ phenomenon Word Origin • Roots of the word „phishing“ derive from „fishing“,

Phishing - Fred 151 · 2020-03-21 · di Phishing. 2 Identificare Come riconoscere il Phishing. Cosa fare se siamo vittime di Phishing 3 Esempi Esempi di email di Phishing. 4 Test

AWARENESS OF PHISHING SCENARIO - CYBERWISER.eu · 2020. 11. 19. · Phishing attack exercise •Identify phishing indicators in an email. •Distinguish phishing from legitimate emails

Anti-Phishing Technologydocs.apwg.org/reports/phishing-sfectf-report.pdf1/19/2005 Anti-Phishing Technology 2 The frequency of phishing attacks has increased dramatically in recent

Gone Phishing, an Anti-Phishing Program Journey€¦ · Gone Phishing, an Anti-Phishing Program Journey Ava Logan-Woods, Information Security Specialist Eshante Lovett, Information

Surgical Technologist - okcareertech.org