End-to-End Measurements of Spoofing Attacks. Hang Hu, Gang Wang Computer Science, Virginia Tech
|
|
- Marian Taylor
- 5 years ago
- Views:
Transcription
1 End-to-End Measurements of Spoofing Attacks Hang Hu, Gang Wang Computer Science, Virginia Tech
2 Spear Phishing is a Big Threat Spear phishing: targeted phishing attack, often involves impersonation 91% of targeted attacks involve spear phishing 1 95% of state-affiliated espionage attacks are traced to phishing 2 1. Enterprise Phishing Susceptibility and Resiliency Report, PhishMe, DataBeach Investigation Report, Verizon,
3 Real-life Spear Phishing Examples Yahoo Data Breach in 2014 John Podesta s Gmail Account 500 Million Yahoo! User AccountChairman Hillary Clinton 2016 Campaign From Google Affected [accounts.googl .com] Why can phishers still impersonate others so easily? 3
4 I Performed a Spear Phishing Test I impersonated USENIX Security co-chairs to send spoofing s to my account (hanghu@vt.edu) Auto-loaded Profile Picture Adrienne Porter Felt felt@chromium.org From Adrienne Porter Felt From William Enck William Enck felt@chromium.org whenck@ncsu.edu whenck@ncsu.edu 4
5 Background: SMTP & Spoofing Simple Mail Transfer Protocol (SMTP) defined in 1982 SMTP has no built-in authentication mechanism Spoof anyone by modifying MAIL FROM field of SMTP HTTP SMTP SMTP HTTP POP IMAP William ncsu.edu Mail Server vt.edu Mail Server Hang SMTP MAIL FROM: Attacker Mail Server 5
6 SMTP, 1982 Existing Anti-spoofing Protocols MAIL FROM: IP: SPF Process Sender Policy Framework (SPF), 2002 IP based authentication DomainKeys Identified Mail (DKIM), 2004 Public key based authentication SPF Record ncsu.edu Publish DNS Is the IP authorized? Domain-based Message Authentication, Reporting and Conformance (DMARC), 2015 Based on SPF and DKIM Publish policy Yes Is the IP authorized? No MAIL FROM: IP: vt.edu Attacker 6
7 How Widely are Anti-spoofing Protocols Used? Scanned SPF and DMARC records of Alexa top 1 million domains When an fails SPF/DMARC: - Relaxed: No recommending policy - Strict: Rejecting failed s After years, the Less adoption than rates are still low 50% And they also increase slowly Around 5% 7
8 This Study Research questions - How do providers detect and handle spoofing s? - Under what conditions can spoofing s penetrate the defense? - Once spoofing s get in, how do providers warn users? Measurement + user study - 35 popular providers reaction to spoofing s - A user study (N=488) to examine users reaction to warnings 8
9 Outline Introduction End-to-end SpoofingExperiments User Study 9
10 End-to-end Spoofing Experiments Goal: Understand how providers handlespoofing s Method: - Black-box testing - Control inputand observe output Register our own accounts as receivers Change input MAIL FROM: forged@a.com SMTP IMAP POP Client test@gmail.com Our Mail Server Target Server Gmail.com 10
11 Target Providers 35 providers Client Our Mail Server Target Server Full Authentication Check (16) Partial Authentication (15) No Authentication (4) 11
12 Controlled Parameters for Spoofing s Spoofing Client Our Mail Server Target Server Spoofed Sender x 30 SPF/DKIM, strict policy (x10) SPF/DKIM, relaxed policy (x10) No SPF/DKIM/DMARC (x10) Content x 5 Phishing, Benign Blank, Blank w/ URL, Blank w/ attachment IP x 2 Static, Dynamic Experiment Setup IRB Approved Repeat 5 times Randomized sending order 30 x 5 x 2 x 5 = s per service 1500 x 35 = s in total Carefully controlled sending rate 12
13 Penetration Rate Full Authentication Check Check SPF/DKIM but not DMARC No Authentication 53.0% 35.0% 0.0% 100.0% 7.0% 27.0% providersstill let spoofing s in even ifthey conduct authentication check 13
14 Impacting Factors Full Authentication: Strict: SPF/DKIM, Check Strict SPF DMARC & DKIM policy & DMARC PartialSender Relaxed: Authentication: strict policy SPF/DKIM, CheckSPF/DKIM, Relaxed DMARCpolicy notdmarc No Authentication: Receiver full authentication None: No SPF/DKIM/DMARC Don t checkspf/dkim/dmarc The penetration rate is lowest but still 13% Spoofed Sender Address Profile Penetration Rate Strict Relaxed None Full Authentication Receiver Partial Authentication No Authentication It takes both senders and receivers to configure correctly IP Penetration Rate Content Phishing Benign Blank Blank w/ URL Blank w/ attachment 2. Even so there are 13% penetration rate Static 0.60 Penetration When Rate receiver doesn t When do authentication, sender didn t the publish authentication Dynamic 0.34 penetration rates are more records, than the 94% penetration rate is the highest 14
15 How Do Providers Give Warning 29/35 web clients and 24/28 mobileclients didn t give any warnings Gmail Web Mobile Naver Protonmail 163.com 126.com Mail.ru 15
16 Outline Introduction End-to-end SpoofingExperiments User Study 16
17 How Effective are These Security Indicators Research Questions - Howdo users react to spoofing s? - Howeffective arewarnings? Challenge - Howto capture the realistic user reactions? - Lab experiment has limited ability to reflect reality [3] Method IRB Approved - Try to make users not aware they are in an experiment to capture realistic reaction - Inform users after experiment - Users can withdraw data anytime with payment 3. The Emperor s New Security Indicators An evaluation of website authentication and the effect of role playing on usability studies, IEEE S&P 17 17
18 Phase 1/2: Set Up Deception Frame the study as a survey to understand using habits - Ask for users address - Send the participant an with 1x1 tracking pixel - Ask questions about the using habits and other distraction questions - Pay users and make users believe the survey is over Purpose: - Collect and validate users addresses - Test if the tracking pixel works 18
19 Phase 2/2: Sending Actual Spoofing s Wait for 10 days and send users spoofing s Wait for another 20 days and send debriefing s From Amazon Mechanical Turk Embedded Warning A link points to our server Invisible Tracking Pixel 19
20 Deception User Study: Recruiting Participants Amazon Mechanical Turk Recruited 488 users in no warning group in warning group Female 51% Gender Male 49% >=50 14% % Age % <= 29 32% graduate 21% Education bachelor 35% high-school 10% some college 34% 20
21 Deception User Study: Results Phase Users Without Warning With Warning Phase 1 Phase 2 Click Rate All Participants Not Blocking Pixel Opened Clicked URL Overall After Opening % 48.9% % 37.2% 1. Warning only slightlylowers the click rate 2. The absolute click rate is still high 21
22 Discussion A big gap between server detection and user protection - Most providers let spoofing s reach inbox - Most providers lacknecessary warnings - Warnings can t fully eliminate the risk Countermeasures - Promote SPF, DKIM and DMARC - Place warning consistently across web and mobile clients Future work Design more effective warnings Defeat warning fatigue User training and education 22
23 Thank You 23
24 Deception User Study: Results 24
25 Things are Worse with Less Popular Domains 25
26 Misleading UI Elements When spoofing existing contacts or conducting same-domain spoofing Profile Picture Name Card History Web & Mobile Web Mobile Web & Mobile Web Mobile Web & Mobile Web 26
27 Misleading UI Elements Seznam.cz 27
28 Spoofing is a Critical Step in Spear Phishing spoofing is widely used in spear phishing attacks - Business compromise (BEC) scams became a major problem in Use similar domain names or spoofed domain names 3 2. Figure from Phishing Activity Trends Report 4 th quarter 2017, APWG. 3. Phishing Activity Trends Report, 1 st -3 rd quarters 2015, APWG. 28
29 From Virginia Tech [vt.edu] Virginia Tech 2017 Link 29
30 Misleading UI Elements Auto-loaded Profile Picture False Security Cue Auto-loaded name card and history 30
31 Deception User Study: Results Users Without Indicator With Indicator Desktop Mobile Desktop Mobile Opened Clicked URL Click Rate 46.7% 51.0% 36.6% 37.8% 31
32 End-to-end Spoofing Experiments: Results providersstill let forged s in even ifthey conduct authentication check Hotmail.com blocked all forged 32
33 End-to-end Spoofing Experiments: Results providersstill let forged s in even ifthey conduct authentication check 33
34 End-to-end Spoofing Experiments: Results No authentication group let almost all forged s in 34
35 End-to-end Spoofing Experiments: Results Authentication Static Dynamic Full Authentication Check SPF DKIM But not DMARC IP No authentication It s easier for static IP to conduct spoofing 35
On the Surface. Security Datasheet. Security Datasheet
Email Security Datasheet Email Security Datasheet On the Surface No additional hardware or software required to achieve 99.9%+ spam and malware filtering effectiveness Initiate service by changing MX Record
More informationSecurity & Phishing
Email Security & Phishing Best Practices In Cybersecurity Presenters Bill Shieh Guest Speaker Staff Engineer Information Security Ellie Mae Supervisory Special Agent Cyber Crime FBI 2 What Is Phishing?
More informationThe Anti-Impersonation Company. Date: May 2 nd, ValiMail. All Rights Reserved. Confidential and Proprietary.
The Email Anti-Impersonation Company Date: May 2 nd, 2017 Email: I need you, but I don t trust you 3 90%+ of cyber attacks start with a phish 4 Anyone can send email in your name Your Company 3 rd -Party
More informationSecurity by Any Other Name:
Security by Any Other Name: On the Effectiveness of Provider Based Email Security Ian Foster, Jon Larson, Max Masich, Alex C. Snoeren, Stefan Savage, and Kirill Levchenko University of California, San
More informationCompetitive Matrix - IRONSCALES vs Alternatives
Competitive Matrix - IRONSCALES vs Alternatives Traditional Awareness and Training Features IRONSCALES SEG PhishMe Wombat Knowbe4 Sans Institute Simulation & Training Compliance PCI/DSS, HIPAA, GLBA to
More informationFRAUD DEFENSE: How To Fight The Next Generation of Targeted BEC Attacks
EMAIL FRAUD DEFENSE: How To Fight The Next Generation of Targeted BEC Attacks Brian Westnedge bwestnedge@proofpoint.com November 8, 2017 1 2017 Proofpoint, Inc. THE BUSINESS PROBLEM BUSINESS EMAIL COMPROMISE
More informationWebomania Solutions Pvt. Ltd. 2017
The other name for link manipulation is Phishing or you can say link manipulation is type of phishing attack done generally to mislead the user to a replica website or a looka-like of some well-known site.
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationCybersecurity in 2016 and Lessons learned
Cybersecurity in 2016 and Lessons learned Dr. Yu Cai Associate Professor Program Chair, Computer Network & System Administration School of Technology Michigan Technological University cai@mtu.edu A Quick
More informationDMARC ADOPTION AMONG
DMARC ADOPTION AMONG Top US Colleges and Universities Q1 2018 Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok TABLE OF CONTENTS Introduction... 03 Research Overview... 04 Top US Colleges
More informationDMARC Continuing to enable trust between brand owners and receivers
DMARC Continuing to enable trust between brand owners and receivers February 2014 1 DMARC Defined DMARC stands for: Domain-based Message Authentication, Reporting & Conformance (pronounced dee-mark ) 2
More informationPhishing Discussion. Pete Scheidt Lead Information Security Analyst California ISO
Phishing Discussion Pete Scheidt Lead Information Security Analyst California ISO 2 Phish What is Phishing Types of Phish 3 Phish What is Phishing Attackers (Phishers) would email (cast their nets) far
More informationAnti-Spoofing. Inbound SPF Settings
Anti-Spoofing SonicWall Hosted Email Security solution allows you to enable and configure settings to prevent illegitimate messages from entering your organization. Spoofing consists of an attacker forging
More informationSocial Phishing. Tom Jagatic Nate Johnson Markus Jakobsson Filippo Menczer
Social Phishing Tom Jagatic Nate Johnson Markus Jakobsson Filippo Menczer Dept. of Computer Science School of Informatics Indiana University, Bloomington http://www.indiana.edu/~phishing/ Motivation Web
More informationDMARC ADOPTION AMONG
DMARC ADOPTION AMONG Top US Colleges and Universities Q1 2018 Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok TABLE OF CONTENTS Introduction... 03 Research Overview... 04 Top US Colleges
More informationDesign and Implementation of a DMARC Verification Result Notification System
Proceedings of the APAN Research Workshop 2016 ISBN 978-4-9905448-6-7 Design and Implementation of a DMARC Verification Result Notification System Naoya Kitagawa, Toshiki Tanaka, Masami Fukuyama and Nariyoshi
More informationHow Enterprise Tackles Phishing. Nelson Yuen Technology Manager, Cybersecurity Microsoft Hong Kong
How Enterprise Tackles Phishing Nelson Yuen Technology Manager, Cybersecurity Microsoft Hong Kong Hackers turning to easy marks - Social engineering Phishing was the #1 threat vector (> 50%) for Office
More informationDMARC ADOPTION AMONG. SaaS 1000 Q Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok
DMARC ADOPTION AMONG SaaS 1000 Q1 2018 Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok TABLE OF CONTENTS Introduction... 03 Research Overview... 04 SaaS 1000... 05 DMARC Adoption Among SaaS
More informationEvolution of Spear Phishing. White Paper
Evolution of Spear Phishing White Paper Executive Summary Phishing is a well-known security threat, but few people understand the difference between phishing and spear phishing. Spear phishing is the latest
More informationSecurity Protection
Email Security Protection Loay Alayadhi Abstract: Email is the most important business communication tool. Security has been an issue in mail from ancient times. Therefore, email security protection has
More informationThe Highly Insidious Extreme Phishing Attacks
The Highly Insidious Extreme Phishing Attacks Rui Zhao, Samantha John, Stacy Karas, Cara Bussell, Jennifer Roberts, Daniel Six, Brandon Gavett, and Chuan Yue Colorado School of Mines, Golden, CO 80401
More information2017 Annual Meeting of Members and Board of Directors Meeting
2017 Annual Meeting of Members and Board of Directors Meeting Dan Domagala; "Cybersecurity: An 8-Point Checklist for Protecting Your Assets" Join this interactive discussion about cybersecurity trends,
More informationSecurity and Privacy
E-mail Security and Privacy Department of Computer Science Montclair State University Course : CMPT 320 Internet/Intranet Security Semester : Fall 2008 Student Instructor : Alex Chen : Dr. Stefan Robila
More informationOffice 365: Secure configuration
Office 365: Secure email configuration Published September 2017 Copyright 2017 Health and Social Care Information Centre. The Health and Social Care Information Centre is a non-departmental body created
More informationHow to Conquer Targeted Threats: SANS Review of Agari Enterprise Protect
How to Conquer Targeted Email Threats: SANS Review of Agari Enterprise Protect A SANS Product Review Written by Dave Shackleford May 2017 Sponsored by Agari 2017 SANS Institute Introduction: Email Is a
More informationA Federal Agency Guide to Complying with Binding Operational Directive (BOD) 18-01
Table of Contents Introduction... 2 Required Actions Overview... 2 Required Actions Email Security... 3 Required Actions Web Security... 9 Status of Implementation... 11 Roles and Responsibilities... 11
More informationM 3 AAWG DMARC Training Series. Mike Adkins, Paul Midgen DMARC.org October 22, 2012
M 3 AAWG DMARC Training Series Mike Adkins, Paul Midgen DMARC.org October 22, 2012 M3AAWG DMARC Training Videos (2.5 hours of training) This is Segment 1 of 6 The complete series of DMARC training videos
More informationDMARC ADOPTION AMONG
DMARC ADOPTION AMONG Top 100 Chinese Brands Q1 2018 Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok TABLE OF CONTENTS Introduction... 03 Research Overview... 04 Top 100 Chinese Brands...
More informationAbout Us. Overview Integrity Audit Fighting Malicious & Deceptive August 13, 2014
2014 Email Integrity Audit Fighting Malicious & Deceptive Email August 13, 2014 Craig Spiezle Executive Director & President, OTA Mike Jones Director of Product Management, Agari About Us The Online Trust
More informationDMARC ADOPTION AMONG e-retailers
DMARC ADOPTION AMONG e-retailers Q1 2018 Almost 90% of Top US and EU e-retailer Domains Fail to Protect Consumers from Phishing Attacks Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok TABLE
More informationUpdate on new Microsoft Cloud Technology
Update on new Microsoft Cloud Technology Advanced Threat Protection Thomas Collier Technical Pre-Sales OFFICE 365 PHISH PROTECTION STACK Protect during Mail Flow Protect Post Delivery Detect & Respond
More informationUsability Testbed for Website Authentication Technologies
Usability Testbed for Website Authentication Technologies Maritza Johnson, Chaitanya Atreya, Adam Aviv, Mariana Raykova, Bryan Gwin, and Steve Bellovin 1 Financial Services Technology Consortium: Authenticating
More informationAn Executive s FAQ About Authentication
An Executive s FAQ About Email Authentication Understanding how email authentication helps your organization protect itself from phishing with an approach that s radically different from other security
More informationDMARC ADOPTION AMONG. SaaS 1000 Q Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok
DMARC ADOPTION AMONG SaaS 1000 Q1 2018 Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok TABLE OF CONTENTS Introduction... 03 Research Overview... 04 SaaS 1000... 05 DMARC Adoption Among SaaS
More informationREPORT. proofpoint.com
REPORT proofpoint.com Email fraud, also known as business email compromise (BEC), is one of today s greatest cyber threats. These socially engineered attacks seek to exploit people rather than technology.
More informationDMARC ADOPTION AMONG
DMARC ADOPTION AMONG US and UK Nonprofit Organizations Q2 2018 Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok TABLE OF CONTENTS Introduction... 03 Research Overview... 04 US and UK Nonprofit
More informationDMARC ADOPTION AMONG e-retailers
DMARC ADOPTION AMONG e-retailers Q1 2018 Almost 90% of Top US and EU e-retailer Domains Fail to Protect Consumers from Phishing Attacks Featuring Matthew Vernhout (CIPP/C) Director of Privacy, 250ok TABLE
More informationIRONSCALES Federation Combines Human Intelligence with Machine Learning to Discover & Stop Spear-Phishing Attacks
IRONSCALES Federation Combines Human Intelligence with Machine Learning to Discover & Stop Spear-Phishing Attacks Phishing attacks have evolved in sophistication and frequency since they first originated
More informationTrendMicro Hosted Security. Best Practice Guide
TrendMicro Hosted Email Security Best Practice Guide 1 Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. The names of companies,
More informationTrustwave SEG Cloud BEC Fraud Detection Basics
.trust Trustwave SEG Cloud BEC Fraud Detection Basics Table of Contents About This Document 1 1 Background 2 2 Configuring Trustwave SEG Cloud for BEC Fraud Detection 5 2.1 Enable the Block Business Email
More informationTABLE OF CONTENTS Introduction: IS A TOP THREAT VECTOR... 3 THE PROBLEM: ATTACKS ARE EVOLVING FASTER THAN DEFENSES...
The Guide TABLE OF CONTENTS Introduction: EMAIL IS A TOP THREAT VECTOR... 3 THE PROBLEM: ATTACKS ARE EVOLVING FASTER THAN EMAIL DEFENSES... 4 Today s Top Email Fraud Tactics...5 Advanced Malware...8 Outbound
More informationPersonal Cybersecurity
Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions
More informationPrivate Browsing: an Inquiry on Usability and Privacy Protection
Private Browsing: an Inquiry on Usability and Privacy Protection Xianyi Gao*, Yulong Yang*, Huiqing Fu*, Janne Lindqvist*, Yang Wang+ *Rutgers University +Syracuse University Published in WPES 2014 What
More informationUK Healthcare: DMARC Adoption Report Security in Critical Condition
UK Healthcare: DMARC Adoption Report Email Security in Critical Condition Executive Summary Email is one of the primary digital channels for digital engagement. But email has never been secure. Phishing
More informationX-Platform Phishing: Abusing Trust for Targeted Attacks
X-Platform Phishing: Abusing Trust for Targeted Attacks Short Paper Hossein Siadati, Toan Nguyen, Nasir Memon {hossein, toan.v.nguyen, memon}@nyu.edu New York University Abstract. The goal of anti-phishing
More informationDeep Sea Phishing: Examples & Countermeasures
Deep Sea Phishing: Examples & Countermeasures Phishing is impersonation of a person or brand. Our focus is email-based phishing. Phishing is not malware, spam, or xss, although these often coincide. Current
More informationA Buyer s Guide to DMARC
0800 133 7127 support@lawyerchecker.co.uk A Buyer s Guide to DMARC Meet the cyber security protocol that reduces phishing attacks and improves email deliverability 1971 First email sent 1982 SMTP established
More informationAgari Global DMARC Adoption Report: Open Season for Phishers
Agari Global DMARC Adoption Report: Open Season for Phishers Executive Summary Based on Agari research of public DNS records, 92 percent of all Fortune 500 companies have left their customers and business
More informationJAPAN CYBER-SAVVINESS REPORT 2016 CYBERSECURITY: USER KNOWLEDGE, BEHAVIOUR AND ATTITUDES IN JAPAN
JAPAN CYBER-SAVVINESS REPORT 2016 CYBERSECURITY: USER KNOWLEDGE, BEHAVIOUR AND ATTITUDES IN JAPAN 1. Why did ESET undertake this survey? 2. Survey methodology 3. Key highlights 4. User confidence in protecting
More informationBUILDING AN EFFECTIVE PROGRAM TO PROTECT AGAINST FRAUD
BUILDING AN EFFECTIVE PROGRAM TO PROTECT AGAINST EMAIL FRAUD Navindra Ramnauth CISSP Principal Sales Engineer 1 2017 Proofpoint, Inc. Proofpoint at a Glance LEADING CUSTOMERS DEEP SECURITY DNA UNIQUE VISIBILITY
More informationSecuring, Protecting, and Managing the Flow of Corporate Communications
Securing, Protecting, and Managing the Flow of Corporate Communications Getting mailflow right Dave Stork Technical Consultant OGD ict-diensten QR: URL to Presentation Who am I? Dave Stork Technical consultant
More informationPhishing Attacks. Mendel Rosenblum. CS142 Lecture Notes - Phishing Attack
Phishing Attacks Mendel Rosenblum Phishing Basic idea: Get unsuspecting users to visit an evil Web site Convince them that the evil Web site is actually a legitimate site (such as a bank or PayPal) Trick
More informationEvolution of a Phish That Got Through the Net[work]
Evolution of a Phish That Got Through the Net[work] Allan Carey ISACA San Antonio December 12, 2013 Largest Data Breaches (Aurora) Source: Informationisbeautiful.net Attacks Begin With Email-based Tactics
More informationWho We Are! Natalie Timpone
Who We Are! Natalie Timpone Manager of Security Business Management Office Enterprise Security Awareness Manager Carmelo Walsh Security, Risk, and Compliance Security Awareness Subject Matter Expert Who
More informationAutomatic Delivery Setup Guide
for GuideSpark Communicate Cloud Table of Contents Summary: Working with Automatic Email Delivery... 1 What your IT department needs to know... 2 Prerequisite: Select a Targeted Audience... 3 Enable Automatic
More informationGetting into Gmail and other inboxes: A marketer's guide to the toughest spam filters
FulcrumTech Email Marketing Results You Can Measure Getting into Gmail and other email inboxes: A marketer's guide to the toughest spam filters What Really Determines Inbox Engagement? Do Internet service
More informationExtract of Summary and Key details of Symantec.cloud Health check Report
SYMANTEC.CLOUD EXAMPLE HEALTH CHECK SUMMARY REPORT COMPUTER SECURITY TECHNOLOGY LTD. 8-9 Lovat lane, London, London. EC3R 8DW. Tel: 0207 621 9740. Email: info@cstl.com WWW.CSTL.COM Customer: - REDACTED
More informationThe Humanity of Phishing Attack and Defense 2016 Alabama Cyber Now
The Humanity of Phishing Attack and Defense 2016 Alabama Cyber Now Aaron Higbee Co-Founder & CTO of PhishMe @higbee @phishme What you are in for A LOT of slides don t worry, they will be on Slideshare.
More informationPhishing. Eugene Davis UAH Information Security Club April 11, 2013
Phishing Eugene Davis UAH Information Security Club April 11, 2013 Overview A social engineering attack in which the attacker impersonates a trusted entity Attacker attempts to retrieve privileged information
More informationCISO as Change Agent: Getting to Yes
SESSION ID: CXO-W02F CISO as Change Agent: Getting to Yes Frank Kim Chief Information Security Officer SANS Institute @fykim Outline Catch the Culture Shape the Strategy Build the Business Case 2 #1 Catch
More informationThe Credential Phishing Handbook. Why It Still Works and 4 Steps to Prevent It
The Credential Phishing Handbook Why It Still Works and 4 Steps to Prevent It Introduction Phishing is more than 20 years old, but still represents more than 90% of targeted attacks. The reason is simple:
More informationSOUTH AFRICA PHISHING RESPONSE TRENDS. Welcome to the Jumble
SOUTH AFRICA PHISHING RESPONSE TRENDS Welcome to the Jumble 2 OVERVIEW Organisations in South Africa and around the world are moving aggressively to fight phishing attacks. With the number of global phishing
More informationAutomatic Delivery Setup Guide
for GuideSpark Communicate Cloud Table of Contents Summary: Working with Automatic Email Delivery... 1 What your IT department needs to know... 2 Prerequisite: Select a Targeted Audience... 3 Enable Automatic
More informationTable of content. Authentication Domain Subscribers Content Sending practices Conclusion...
A User Guide Before sending your carefully-crafted email campaigns, it s important to first understand a few basic ideas and rules of email marketing to ensure your campaigns are successful. To achieve
More informationTHE CLOUD SECURITY CHALLENGE:
THE CLOUD EMAIL SECURITY CHALLENGE: CLOSING THE CYBERSECURITY SKILLS GAP THROUGH AUTOMATION THE EMAIL SECURITY CHALLENGE Email remains at the heart of the business communications landscape. While nobody
More information24 User education and phishing
24 User education and phishing Lujo Bauer, Nicolas Christin, and Abby Marsh Engineering & Public Policy April 11, 2016 05-436 / 05-836 / 08-534 / 08-734 Usable Privacy and Security 1 2 ebay: Urgent Notification
More informationPEOPLE CENTRIC SECURITY THE NEW
PEOPLE CENTRIC SECURITY THE NEW PARADIGM IN CYBERSECURITY David Karlsson SE Nordics March 2018 1 2018 Proofpoint, Inc. Proofpoint at a Glance LEADING CUSTOMERS DEEP SECURITY DNA UNIQUE VISIBILITY PARTNERS
More informationCopyright 2018 Trend Micro Incorporated. All rights reserved.
Information in this document is subject to change without notice. The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent
More informationAuthentication GUIDE. Frequently Asked QUES T ION S T OGETHER STRONGER
Email Authentication GUIDE Frequently Asked QUES T ION S T OGETHER STRONGER EMAIL AUTHENTICATION Marketers that use email for communication and transactional purposes should adopt and use identification
More informationHow to recognize phishing s
Phishing email messages, websites, and phone calls are designed to steal money, steal data and/or destroy information. Cybercriminals can do this by installing malicious software on your computer or stealing
More informationFighting Phishing I: Get phish or die tryin.
Fighting Phishing I: Get phish or die tryin. Micah Nelson and Max Hyppolite bit.ly/nercomp_sap918 Please, don t forget to submit your feedback for today s session at the above URL. If you use social media
More informationTo learn more about Stickley on Security visit You can contact Jim Stickley at
Thanks for attending this session on March 15th. To learn more about Stickley on Security visit www.stickleyonsecurity.com You can contact Jim Stickley at jim@stickleyonsecurity.com Have a great day! Fraud
More informationPhishing Read Behind The Lines
Phishing Read Behind The Lines Veljko Pejović veljko@cs.ucsb.edu What is Phishing? "Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and
More informationWHITEPAPER. Protecting Against Account Takeover Based Attacks
WHITEPAPER Protecting Against Account Takeover Based Email Attacks Executive Summary The onslaught of targeted email attacks such as business email compromise, spear phishing, and ransomware continues
More informationSecurity and Human Factors. Maritza Johnson
Security and Human Factors Maritza Johnson maritzaj@cs.columbia.edu 1 2 Usability the extent to which a product can be used by specified users to achieve specified goals with effectiveness, efficiency
More informationThanks for attending this session on April 6 th, 2016 If you have any question, please contact Jim at
Thanks! Thanks for attending this session on April 6 th, 2016 If you have any question, please contact Jim at jim@stickleyonsecurity.com Don t forget to checkout Stickley on Security and learn about our
More informationCorrelation and Phishing
A Trend Micro Research Paper Email Correlation and Phishing How Big Data Analytics Identifies Malicious Messages RungChi Chen Contents Introduction... 3 Phishing in 2013... 3 The State of Email Authentication...
More informationfalanx Cyber Falanx Phishing: Measure your resilience
falanx Cyber Falanx Email Phishing: Measure your resilience Contents What is Email Phishing? 3 Why should I carry out an Email Phishing exercise? 4 PhishEd Managed regular phishing 5 Single assessments
More informationAnatomy of Phishing Campaigns: A Gmail Perspective
SESSION ID: HT-R03 Anatomy of Phishing Campaigns: A Gmail Perspective Nicolas Lidzborski Ali Zand Gmail & G Suite Security Engineering Lead Google Anti-Abuse Research team #RSAC Phishing 101 Is phishing
More informationM 3 AAWG DMARC Training Series. Mike Adkins, Paul Midgen DMARC.org October 22, 2012
M 3 AAWG DMARC Training Series Mike Adkins, Paul Midgen DMARC.org October 22, 2012 M3AAWG DMARC Training Videos (2.5 hours of training) This is Segment 6 of 6 The complete series of DMARC training videos
More informationWeb Security. Course: EPL 682 Name: Savvas Savva
Web Security Course: EPL 682 Name: Savvas Savva [1] A. Barth and C. Jackson and J. Mitchell, Robust Defenses for Cross-Site Request Forgery, pub. in 15th ACM Conference, 2008. [2] L. Huang and A. Moshchuk
More informationSecurity and Compliance for Office 365
Security and Compliance for Office 365 [Proofpoint has] given us our time back to focus on the really evil stuff. CISO, Global 500 Manufacturer Like millions of businesses around the world, you may be
More informationPhishing Response Trends AUSTRALIA PHISHING RESPONSE TRENDS. Losing the War. Human Phishing Defence. Copyright 2017 PhishMe, Inc. All rights reserved.
Phishing Response Trends AUSTRALIA PHISHING RESPONSE TRENDS Losing the War Human Phishing Defence 1 2 OVERVIEW Organisations in Australia and around the world are moving aggressively to fight phishing
More informationHow to Build a Culture of Security
How to Build a Culture of Security March 2016 Table of Contents You are the target... 3 Social Engineering & Phishing and Spear-Phishing... 4 Browsing the Internet & Social Networking... 5 Bringing Your
More informationBuilding a Resilient Security Posture for Effective Breach Prevention
SESSION ID: GPS-F03B Building a Resilient Security Posture for Effective Breach Prevention Avinash Prasad Head Managed Security Services, Tata Communications Agenda for discussion 1. Security Posture 2.
More informationCYBER THREATS: REAL ESTATE FRAUD ADVISORY COUNCIL
CYBER THREATS: REAL ESTATE FRAUD ADVISORY COUNCIL RAHUL GUPTA SENIOR DEPUTY DISTRICT ATTORNEY ORANGE COUNTY DISTRICT ATTORNEYS OFFICE CELL: 714-345-7722 EMAIL: rahul.gupta@da.ocgov.com DAVE WHITE INVESTIGATOR
More informationBest Practices. Kevin Chege
Email Best Practices Kevin Chege Why your email setup is critical Billions of SPAM emails are generated every day The tips here can help you to reduced the chances of you receiving SPAM email or inadvertently
More informationIT Security Protecting Ourselves From Phishing Attempts. Ray Copeland Chief Information Officer (CIO)
IT Security Protecting Ourselves From Phishing Attempts Ray Copeland Chief Information Officer (CIO) Phishing Defined The fraudulent practice of sending emails claiming to be from reputable people or companies
More informationAN ANTI-SPOOFING TOOL: SPOOFGUARD++
AN ANTI-SPOOFING TOOL: SPOOFGUARD++ A dissertation submitted to The University of Manchester for the degree of MSc in Advance Computer Science in the Faculty of Engineering and Physical Sciences 2011 MOHAMMED
More informationEcosystem at Large
Testing TLS in the E-mail Ecosystem at Large IT-SeCX 2015 Wilfried Mayer, Aaron Zauner, Martin Schmiedecker, Markus Huber Overview Background Methodology Results Mitigation 2 Background Transport Layer
More informationPhishing. A simplified walkthrough on how phishing campaigns are often orchestrated, and possible defences. Copyright March 2018
Phishing A simplified walkthrough on how phishing campaigns are often orchestrated, and possible defences. Copyright March 2018 Netscylla Cyber Security Ltd GB 10571639 Address: Telecom House, 125-135
More informationSiteAdvisor Enterprise
SiteAdvisor Enterprise What Is SAE?... 2 Safety icons show threats while searching... 2 View site report while searching... 2 SiteAdvisor Enterprise button shows threats while browsing... 3 Access SiteAdvisor
More informationS a p m a m a n a d n d H a H m 성균관대학교 최형기
Spam and Ham 성균관대학교 최형기 Agenda Email Protocol Introduction to spam Techniques spammers use Kinds of spam Solutions to spam Conclusion CINS/F1-01 Sungkyunkwan University, Hyoung-Kee Choi 2 SMTP 1 Electronic
More informationANATOMY OF A SPEAR PHISHING ATTACK. A Menlo Security Research Report
ANATOMY OF A SPEAR PHISHING ATTACK A Menlo Security Research Report Overview Today s CISOs are trying unsuccessfully to mitigate the threat of malware and credential theft, the two greatest risks associated
More informationUser Authentication + Other Human Aspects
CSE 484 (Winter 2010) User Authentication + Other Human Aspects Tadayoshi Kohno Thanks to Dan Boneh, Dieter Gollmann, John Manferdelli, John Mitchell, Vitaly Shmatikov, Bennet Yee, and many others for
More informationCE Advanced Network Security Phishing I
CE 817 - Advanced Network Security Phishing I Lecture 15 Mehdi Kharrazi Department of Computer Engineering Sharif University of Technology Acknowledgments: Some of the slides are fully or partially obtained
More informationProtecting Against Account Takeover Based Attacks
Protecting Against Account Takeover Based Email Attacks Executive Summary The onslaught of targeted email attacks such as Business Email Compromise, spear phishing, and ransomware continue uninterrupted,
More informationHow Breaches Really Happen
How Breaches Really Happen www.10dsecurity.com About Dedicated Information Security Firm Clients Nationwide, primarily in financial industry Services Penetration Testing Social Engineering Vulnerability
More informationHow to prevent phishing attacks? In 3 Pages. Author: Soroush Dalili irsdl {4t[ yahoo }d0t] com Website: Soroush.SecProject.
How to prevent phishing attacks? In 3 Pages Author: Soroush Dalili Email: irsdl {4t[ yahoo }d0t] com Website: Soroush.SecProject.Com March 2009 How to prevent phishing attacks? 1. Introduction Phishing
More informationWebroot Phishing Threat Trends
December 2016 Webroot Phishing Threat Trends An update to the 2016 Threat Brief Introduction Who would ever fall for that? That s what many people think when they see a phishing attempt, since less advanced
More information