Shooting Puny Phish in a Barrel

Presented at ToorCon San Diego 20 (2018), Sept. 14, 2018, 10:30 a.m. (75 minutes)

With millions of phishing Emails caught be spam filters and users properly trained by well-defined cybersecurity programs, it’s getting harder and harder to properly phish users. Spear phishers must come up with new and improved methods for increasing success. Typosquatting, doppelganger domains, and IDN homograph attacks will be explored and demonstrated during this presentation. Most fully patched modern browsers and Email systems are susceptible to these attacks. This talk will discuss the problem and how to avoid falling victim to some of the best recently discovered domain named based attacks designed to inject malware and steal your passwords. The goal of this presentation is to make IT and Security professionals aware of newly identified techniques used to get high click rates during phishing campaigns. The talk will introduce new research conducted using typosquatting, doppelganger domains, and IDN homograph attacks. Current research and demonstrations will show how the attacks working against current and patched applications. This presentation will cover the following topics: - Phishing campaigns & how they work - Research conducted using typosquatting, doppelganger, and IDN homographic attacks - The true cost of failing to protect against malicious phishing attacks - Countermeasures to defend against these new techniques - Why security awareness training won’t help protect against doppelganger and IDN attacks - How to bypass patched web browsers to spoof Emails/domains - How to setup a highly successful phishing campaign in the cloud for $17

Presenters:

• Michael Wylie
  Michael Wylie, MBA, CISSP is the Directory of Cybersecurity Services at Richey May & Company. Michael is responsible for delivering information assurance by means of vulnerability assessments, risk management, and training. Michael has developed and taught numerous courses for the Department of Defense, CSUN, Moorpark College, and clients around the world. Michael holds credentials from certifying bodies such as ISC2, Cisco, VMware, Dell, EC-Council, CompTIA, and more.

Links:

• https://frab.toorcon.net/en/toorcon20/public/events/118.html

Similar Presentations:

• Kiwicon V: It Goes b00m (2011) / Say my name, bitch! (IDN Homograph Mitigation Strategies)
• DEF CON 14 (2006) / Phishing Tips and Techniques: Tackle, Rigging, and How & When to Phish
• DerbyCon 3.0 All in the Family (2013) / Phishing Like The Pros