1810: The Rise of Personalized Phishing Attacks
Tech Talks Daily · Neil C. Hughes
Audio is streamed directly from the publisher (traffic.libsyn.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
At the end of 2020 Troy Gill, Senior Manager of Threat Intelligence at Zix, predicted in the 2020 Global Security Report that we would see attackers further personalizing and customizing their attacks this year. Over the last 8 months, it has come true over and over again. One such attack lived up to this prediction. The phishing attempt was posing as certificate errors for the recipient's website. What made it unique was it pulled their real certificate data and DNS (Domain Name System) A-record to tailor the phishing message to their domain. The payload URL also led to a credential harvesting site customized for their specific web platform admin page. While testing, we observed the generic WordPress admin login page and Shopify login pages (depending on the target).
Troy Gill joins me on the podcast to discuss the rise of personalized phishing attacks and what businesses can to do protect themselves.