Deconstructing the Phishing Campaigns that Target Gmail Users

Presented at Black Hat USA 2019, Aug. 7, 2019, 5:05 p.m. (25 minutes).

With over 1.4 billion active users and million of companies entrusting it to handle their email, Gmail has a unique vantage point on how phishing groups operate. In this talk we look into Gmail telemetry to illuminate the differences between phishing groups in terms of tactics and targets. Then, leveraging insights from the cognitive and neuro-science fields on user's susceptibility and decision-making, we discuss why different types of users fall for phishing and how those insights can be used to improve phishing protections.


Presenters:

  • Elie Bursztein - Security & Anti-Abuse Research Lead, Google
    Elie Bursztein leads Google's security & anti-abuse research, which helps protect users against Internet threats. His research focuses on advancing the state of applied-cryptography, machine learning for fraud and abuse, at risk user protections, and web security. He is the author of 60+ scholarly publications for which he received 6 best papers awards. Elie gave over 20 talks at leading industry conferences and received multiple industry awards including the Back Hat Pwnie award. He was invited to give over 20 guest lectures to numerous universities including Stanford, Berkely and Tsing Hua. Elie's work is regularly covered by major news outlets including the Wall Street Journal, CBS, Forbes, Wired, the Huffington Post and CNN. Elie is a beret aficionado, tweets at @elie, and performs magic tricks in his spare time. Born in Paris, he received a Ph.D from ENS-cachan in 2008 before working at Stanford University and ultimately joining Google in 2011. He now lives with his wife in Mountain View, California.
  • Daniela Oliveira - Associate Professor, University of Florida
    Dr. Daniela Oliveira is the IoT Term Associate Professor in the Department of Electrical and Computer Engineering at the University of Florida. She received her PhD in Computer Science from the University of California at Davis. Her current research interests include understanding and addressing cyber deception and phishing in an interdisciplinary fashion. She received a National Science Foundation CAREER Award in 2012, a Presidential Early Career Award for Scientists and Engineers (PECASE) from President Obama, and the 2017 Google Security, Privacy and Anti-Abuse Award. She is a National Academy of Sciences Kavli Fellow and a National Academy of Engineers Frontiers of Engineering Symposium Alumni. Her research has been sponsored by the National Science Foundation (NSF), the Defense Advanced Research Projects Agency (DARPA), the National Institutes of Health (NIH), the MIT Lincoln Laboratory, and Google. She was born and raised in Brazil and on her spare time she loves going to Disney World with her husband Marcio and her 10-old daughter Brooke. She is a dog lover and has a two-year-old German Shepherd, Wagner.

Links:

Similar Presentations: