Phishing for Funds - Understanding Business Email Compromise
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the rapidly expanding cybercrime of Business Email Compromise (BEC) in this informative Black Hat conference talk. Delve into the reasons behind the 1300% increase in reported cases from 2015 to 2016, and understand why this financial fraud scheme targets organizations of all sizes across various market segments. Learn about the tactics used by cybercriminals, including lookalike domains, SMTP relays, and breach-related compromises. Discover effective countermeasures such as employee training, implementing robust processes and policies, and utilizing email security gateways. Gain insights into the importance of SPF, external labels, and blacklisting in combating BEC. Understand the crucial steps of reporting incidents and the potential consequences of falling victim to this lucrative cybercrime.
Syllabus
Intro
What is Business Email Compromise
How do people come after you
Why is this important
Business Email Compromise
How do they find out about you
They want to come after you
Lookalike domains
Singapore Air domain
SharpMail
Who is that
Reply to
SMTP relays
Example
Breach Related Compromise
How do you stop this
Employees
Processes Policies
Email Security Gateways
SPF
External Labels
Blacklisting
Deleting Exchange
Report it
Taught by
Black Hat
Related Courses
Attack on Titan M, Reloaded - Vulnerability Research on a Modern Security ChipBlack Hat via YouTube Attacks From a New Front Door in 4G & 5G Mobile Networks
Black Hat via YouTube AAD Joined Machines - The New Lateral Movement
Black Hat via YouTube Better Privacy Through Offense - How to Build a Privacy Red Team
Black Hat via YouTube Whip the Whisperer - Simulating Side Channel Leakage
Black Hat via YouTube