Txt Me Bro: a text message phishing honeypot

Presented at CactusCon 11 (2023), Jan. 27, 2023, 10 p.m. (30 minutes).

Attackers use Text Message Phishing (TMP) to avoid defensive perimeters and hit users where they live. A successful phish to a personal device can have dire, far reaching consequences including undermining enterprise security. This talk will present an approach to get insight into these attacks which are often beyond the corporate purview by using an opensource honeypot sensor. This presentation will also cover methods to maximize the sensor's interaction with TMP lures. By gathering and interrogating TMP lures we can expose the campaigns, infrastructure, and tactics of Threat Actors (TA) and hopefully improve personal security for everyone.

Presenters:

• Aftermath (she/her) - Semi-anonymous threat intel faerie
  Aftermath is a semi-anonymous threat intelligence researcher interested in less-interactive collection techniques and deception operations.

Links:

• https://cactuscon-11.sessionize.com/session/394392

Similar Presentations:

• CarolinaCon 13 (2017) / HoneyPy & HoneyDB