We can't find the internet
Attempting to reconnect
Something went wrong!
Hang in there while we get back on track
SAINTCON 2016 - Chris Larsen - Phishing with Dynamite
Detect phishing attacks by recognizing unusual domain names, and learn how to create spear phishing emails that mimic legitimate websites, targeting developers' credentials.
-
We can recognize phishing attacks by looking for unusual domain names, especially those that end in
.zip
,.date
,.stream
,.top
,.tld
. These names are often used for spear phishing, trying to get developers to reuse their credentials. -
It’s possible to create a spear phishing email that looks innocent, even with a legitimate domain name, but with a fake URL ending in
.zip
,.date
, etc. - Domain name squatting is a common issue, where companies register domain names to resell them as subdomains. This can be used for malicious purposes, such as spear phishing.
- We can use Unicode characters to create domain names that are difficult to recognize, making it harder to detect phishing attacks.
- We can also use JavaScript to intercept clicks and pop up a dialogue box, making it seem like a legitimate website.
- Spear phishing attacks are more successful when they target developers, as they tend to reuse their credentials.
- We can use browser console to intercept events and simulate user input, making it possible to test phishing attacks in a controlled environment.
- Domain name squatting can be used for both legitimate and malicious purposes.