BSides Austin 2018 has ended
Back To Schedule
Friday, March 9 • 11:00am - 12:00pm
Credential Stealing Emails - What you need to know

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

The latest vector in email attacks is credential stealing.  This is nothing new, but there has been a serious increase of activity in this space and it is VERY successful.  Why? Because they criminals are manning the phishing campaigns with live people who are logging into people’s Internet facing systems without 2-Factor Authentication and sending out more campaigns.  Better yet, they are sending it to recent contacts, in small amounts so people are falling for it since they are actively, or have recently communicated with the victim giving the phishing campaign legitimacy.
This talk will walk through several examples of these credential stealing emails, what the emails look like, and what the cred stealing websites tend to look like once clicked.  The discussion will focus on how to investigate this type of attack, what kinds of things you will need, what to look for, what works, and why time is ultimately critical for this type of attack.

avatar for Michael Gough

Michael Gough

Founder, Malware Archaeology
Michael is a Malware Archaeologist, Blue Team defender, Incident Responder and logoholic. Michael developed several Windows logging cheat sheets to help the security industry understand Windows logging, where to start and what to look for. Michael is co-developer of LOG-MD, a free... Read More →

Friday March 9, 2018 11:00am - 12:00pm CST
Big Tex Auditorium