Presented at
CactusCon 12 (2024),
Feb. 16, 2024, 9:30 a.m.
(30 minutes).
Spam texts, fraudsters, and malicious websites are just a few ingredients of the recipe that has led to the proliferation of phishing kits/phishing-as-a-service attacks. Many sites that advertise phishing services to criminals are brought down by security/internet providers, authorities, or even both. However, these fraudulent sites can wreak personal and financial damage before being brought down. Unlike traditional fishing season, phishing season lasts all year—seven days a week, 24 hours a day.
Within this talk I will be reviewing over:
+ The architecture of your typical phishing kit.
+ The growing application and process of these phishing kits in the hands of fraudsters.
+ Real life examples of phishing kits being used in the 'wild'.
+ Evasion techniques that fraudsters use in order to cover their tracks while using phishing kits.
+ Strategies to help defend against phishing kits being used against you as an individual or your organization.
Presenters:
-
Rebecca T
- Security Analyst - Fraud Specialist
Currently, Rebecca T has been working as a security analyst specializing in financial fraud for the past 2 years. She has a technical background focusing on database forensics, fraud trend identification & remediation, and security awareness education. Within her role, she is exposed to fraud vectors that are exploited in the wild within the financial world.
Links:
Similar Presentations: