.

[Article]-The 5 Secrets to Phishing Success

<<

don

User avatar

Administrator
Administrator

Posts: 4226

Joined: Sun Aug 28, 2005 10:47 pm

Location: Chicago

Post Wed Mar 02, 2011 1:25 pm

[Article]-The 5 Secrets to Phishing Success

Awesome new article for Mr. Murray's Column. This one takes some of the fantastic knowledge in his head into a real-world application with practical & useful advice you can use immediately.

Permanent link: [Article]-The 5 Secrets to Phishing Success


Image


These days, it’s hard to perform a penetration test without attempting some sort of online social engineering, and most often, this takes the format of some type of phishing attack (whether targeted or across a wide user base).

While we spend epic amounts of time getting our exploits and payloads perfect (even if we’re using SET), far too often we see testers using stock emails or variants of canned emails that they’ve been taught to use without thinking about the real keys to getting their emails read and acted upon.

These are my five most-often overlooked secrets to making sure that your email phishing works...



Let him know what you think, and, if it helped, tell us how.

Don
Last edited by don on Wed Mar 02, 2011 1:28 pm, edited 1 time in total.
CISSP, MCSE, CSTA, Security+ SME
<<

dynamik

Recruiters
Recruiters

Posts: 1119

Joined: Sun Nov 09, 2008 11:00 am

Location: Mile High City

Post Fri Mar 11, 2011 8:35 pm

Re: [Article]-The 5 Secrets to Phishing Success

Mike was also recently interviewed on PDC: http://pauldotcom.com/wiki/index.php/Episode232

I have no idea how I haven't heard of The Hacker Academy, but it's definitely been added to my list!

Has anyone out there participated in their training? I'd love to hear about any experiences.
The day you stop learning is the day you start becoming obsolete.
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Sun Mar 13, 2011 2:28 pm

Re: [Article]-The 5 Secrets to Phishing Success

I have been working on a review based on the 90 days of access they granted me late last year. I had sent some questions over to THA which they responded to but then I completely dropped the ball in the midst of everything else going on. I'd be happy to finish putting that together. I'll try to get it done this next week and post it here.
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org

Return to Murray

Who is online

Users browsing this forum: No registered users and 1 guest

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software