Tag: phishing

  • Phishing

    Over a month ago, I received a creative phishing attempt. We use a relatively popular service which is mimicked fairly well. I typically receive notification emails from it by an administrative assistant. This came from another name. That was my only real clue that made me look closer. Since, I have received almost a dozen, […]

  • Email Changes

    Ran across a site where if one changes the email address associated with the account, it sends the confirmation email to the new address. Say, I am a Blackhat and used a phishing attack to get the password for the account. Having legitimately logged in, I then change the email address associated with it from victim@outlook.com […]

  • Phishy Corporate Communications

    Received an email that looked phishy: Greetings, Please read this important e-mail carefully. Recently you registered, transferred or modified the contact information for the following domain name: ezrasf.com In order to ensure your domain name remain active, you must now click the following link and follow the instructions provided. http://verify.domain.com/registrant/?verification_id=999999&key=BFrrpxGDbb&rid=999999 Sincerely, Domain Registrar The web […]

  • Security Inside Out #USGRockEagle13

    Eddie Carter and Orrin Char, Oracle Identity management and security and access management. Eddie wore a UGA shirt. Guy in front of me made fun of him obviously not wanting to sell to Georgia Tech. Turns out he’s from  Kennesaw. The GT-UGA rivalry knows no bounds. Love it! Handout: Database firewall more auditing and ACLs […]

  • Phish-ish Legit Email

    Part of the problem of getting people not to succumb to phishing attempts is the poor practices used in legitimate emails. Google sent me an email saying something was going to expire in a month because of inactivity. I needed to click on a link and verify my information. You know, exactly the same kind […]