SPEAR PHISHING TESTING METHODOLOGY



From an article on our Spear Phishing Testing, which can be used in a social engineering exercise to determine organization-wide susceptibility to an APT-style attack.

Document Tracker
Author: Manasdeep
Version: September 2012
Summary of Changes: Document Created
Network Intelligence (India) Pvt. Ltd.

Contents
1. Introduction
2. Methodology for Spear Phishing Testing

1. INTRODUCTION

Spear phishing is an e-mail spoofing fraud attempt that targets an organization to glean confidential data and gain unauthorized access to the organization's confidential data or internal network. The attacker may be motivated to carry off confidential internal information for financial gain, trade secrets or proprietary information.

The e-mails sent to internal employees in a spear phishing attempt appear to originate from a high-ranking, authoritative source within the company. This is done purposefully so that very few people will question the intent behind the request and will readily provide the "supposed authority" with the requested details.

Necessary factors for a successful spear phishing attack:

a. A known, trusted, "highly placed" authoritative figure in the organization
b. The message must complement the context of what is being said, and the information it contains supplements its validity
c. The recipient can draw a "firm need" or a logical reason for the request made by the sender

Popular techniques used for spear phishing attacks comprise a mixture of social engineering, client-side attacks, requests via social networking sites, etc.

2. METHODOLOGY FOR SPEAR PHISHING TESTING:

a. Identify targets: We identify our target audience, which can easily be convinced into believing our story. To learn about their mode of working, we can interact frequently with helpdesk employees, security guards, etc., who are regularly involved in frontline customer interaction. We use this gathered information to construct the fake impersonated identity used for the spear phishing.

b. Planning and using pretexts: While selecting your pretext background, it is imperative to consider a few key questions:
   - What problem am I trying to solve?
   - What questions am I trying to answer?
   - What information do I seek?
   - What is the nature of the person whom we will be contacting?
   One of the attacker's goals in pretexting is to bring the target to a logical conclusion; to do that we must anticipate their attitudes and be spontaneous enough to lead them down the path we want.

c. Establishing trust: The attacker smartly walks his way through the perimeter defence of "human trust" by impersonating well-known, authoritative, high-ranking personnel requesting confidential details. For example:

   Hi, This is your system admin from mail server. We recently discovered that your mail was sending mail bounces. As per corporate policy, your mail address has been temporarily blocked for 48 hrs. Please reply with your user name and password by logging on ww.thisfakesite.com for verifying your account and saving it from getting blocked.

d. Stresses the "need": The attacker now presses the urgency of the action required on the part of the user. He crafts the message accordingly so that it supports the context, making it appear genuine in the eyes of the victim. For example:

   If you don't activate your account by clicking this link within 48 hour deadline, as per corporate policy, your mail address will be permanently blocked and you will lose all your files and mails stored on the mail server.

e. Convincing the user: The attacker has now convinced the user to carry out the action required to access the organization's network. He gets friendly with the user so that the user assists him by revealing more sensitive details about the organization. For example:

   Thank you for your prompt and timely action. Unfortunately, I was unable to recover 2 mails belonging to your department. Please use the recovery backup website to login with your department credentials. Once you are logged in, your mails will be immediately restored. Thanks for your cooperation. Have a great day!!

f. Newer ways to get information: The attacker utilizes innovative tools, techniques and modes of social interaction to ultimately obtain access to the organization through various avenues. A good attacker does not use the same trick repeatedly for long, in order to evade detection; this prevents consistent behaviour patterns from emerging from the analyst's point of view.

g. Buffer periods: To iron out any possibility of an alarm being raised due to emerging patterns of attempts, a buffer period of 1-2 weeks is usually taken to break the pattern chain.

Popular phishing tools used:
- SET (Social Engineering Toolkit)
- Super Phisher Creator
- Manual mass mailing via any mass mail solution
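The lure ingredients the methodology walks through (an authority claim, a manufactured deadline, a credential request, and a link off the corporate domain) are also what the defending side can look for when scoring an exercise or triaging reports. The following is an added example, not part of this article or of Network Intelligence's tooling: a small Python scorer that flags messages combining those ingredients, run over a constructed lure modelled on the samples in steps c and d (the sender addresses and the corp.example domain are assumed).

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

INTERNAL_DOMAIN = "corp.example"  # assumed: the organization's own mail domain

# Lure ingredients the article walks through, as text patterns (an assumed, minimal set).
PATTERNS = {
    "authority_claim": re.compile(r"\b(system admin|administrator|it department|helpdesk|ceo)\b", re.I),
    "urgency": re.compile(r"\b(within\s+\d+\s*(?:hrs?|hours?)|deadline|immediately|"
                          r"(?:temporarily|permanently)\s+blocked)\b", re.I),
    "credential_request": re.compile(r"\b(user\s*name|username|password|credentials)\b", re.I),
}
URL = re.compile(r"\b(?:https?://|www\.)[^\s<>\"']+", re.I)

# Constructed sample: the article's "establishing trust" and "stresses the need" lures
# wrapped in assumed headers (the article shows only the body text).
SAMPLE_LURE = """From: "System Admin" <sysadmin@mail-verify.example>
To: employee@corp.example
Subject: Mail account temporarily blocked

Hi, This is your system admin from mail server. We recently discovered that your
mail was sending mail bounces. As per corporate policy, your mail address has been
temporarily blocked for 48 hrs. Please reply with your user name and password by
logging on http://ww.thisfakesite.com/verify for verifying your account.
If you don't activate your account by clicking this link within 48 hour deadline,
your mail address will be permanently blocked and you will lose all your files.
"""

def lure_indicators(raw_message):
    """Return the set of lure ingredients present in one RFC 822 message."""
    msg = message_from_string(raw_message)
    body = "" if msg.is_multipart() else msg.get_payload()
    display_name, addr = parseaddr(msg.get("From", ""))
    found = {name for name, rx in PATTERNS.items() if rx.search(display_name + "\n" + body)}
    sender_domain = addr.rpartition("@")[2].lower()
    if sender_domain and sender_domain != INTERNAL_DOMAIN:
        found.add("external_sender")
    for link in URL.findall(body):
        host = urlparse(link if "://" in link else "http://" + link).hostname or ""
        if host != INTERNAL_DOMAIN and not host.endswith("." + INTERNAL_DOMAIN):
            found.add("external_link")
    return found

def is_spear_phish(raw_message):
    """Flag an outside sender claiming authority who also asks for credentials or links off-domain."""
    found = lure_indicators(raw_message)
    return ({"external_sender", "authority_claim"} <= found
            and bool(found & {"credential_request", "external_link"}))
```

A genuine helpdesk notice from inside the domain trips only the authority pattern and is not flagged, which is the point of requiring the combination rather than any single ingredient.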