Title: The Art of Phishing
Session Description: Red Teamers and Pen Testers – Have you ever devised the perfect phishing campaign and went through the effort of: Registering a new domain name, crafting custom HTML for the landing page, installing a let’s encrypt certificate, ensuring your email presents well in outlook/Gmail/mobile, tested the credential harvesting component, and even factored in 2-FA stealing techniques? Well if so, nice work! NOW, if have gone through all these steps just to get your email blocked by the recipient, or delivered to SPAM, or even worse – have your SMTP relay service suspended and/or your phishing site flagged as malicious, then you need to step up your game; and if you haven’t done these things before, then you really need to consider the effectiveness of your campaigns and program. Join this talk to find out the surprising ways you can streamline your current process, and get more credentials from your victims – Happy hunting!
After completing this session, learner will…
Understand the value of a trusted SMTP rely
Learn how to compartmentalize services to evade detection
See the results of success and failure from real-world experiences
Learn what steps to take to increase the chances of a successful phishing campaign
Research, phishing, pen testing, red teaming