PHISHING INFRASTRUCTURE

Phishing Capabilities Demonstration

The goal of this whitepaper is to summarize the technical details of a phishing infrastructure we developed, which has unique capabilities among its open-source alternatives. It is capable of sending phishing emails using multiple techniques, bypassing multi-factor authentication, and consequently stealing users' logged-in sessions, with the possibility of a manual takeover or automated actions.

Our goal is to demonstrate the capabilities a dedicated attacker might create using off-the-shelf open-source tools and some programming effort in putting them together. This article does not aim to provide a step-by-step solution for building a phishing infrastructure.

Phishing

A phishing email is a type of online scam in which a cyber-criminal sends an email that appears legitimate but tricks the user into taking actions that help the attacker. The most common form is credential harvesting, which tricks a victim into disclosing their username and password. Alternatively, the victim is tricked into running an executable, which can give the attacker access to the computer.

According to IBM [1], phishing still lies at the root of 14% of all data breaches, making it the 4th most used attack vector. The Verizon 2020 Data Breach Investigations Report [2] estimates that 22% of all data breaches involved phishing. With the average data breach costing as much as $3.86 billion, no avenue can be left unchecked. Even tech giants such as Facebook and Google have fallen victim to multi-million dollar phishing scams. Although many security solutions have built-in phishing detection and prevention tools, attackers are continuously discovering new techniques for phishing filter evasion.

Multi-factor authentication

Multi-factor authentication (MFA) is an authentication method that requires two or more verification factors before access is granted to the user. These factors can be categorized as knowledge (something only the user knows), possession (something only the user has), or inherence (something only the user is). The best policy is to require at least two factors from different categories.

Download the Phishing Infrastructure whitepaper to learn more.

Sources
  1. https://www.ibm.com/security/digital-assets/cost-data-breach-report/ 
  2. https://enterprise.verizon.com/resources/reports/2020-data-breach-investigations-report.pdf 
  3. https://info.publicintelligence.net/FBI-CircumventingMultiFactorAuthentication.pdf