Phishing World
The Cyber Riddler | February 06, 2024 | x19 | 00:08:14 | 5.7 MB


In this episode of The Cyber Riddler, we dive into the cunning world of phishing scams, focusing on how normal users react to these emails and how SOC (Security Operations Center) analysts can expertly analyze suspicious emails. We outline the essential tools and steps for dissecting emails, from examining sender addresses and email headers to scrutinizing links and attachments for malicious content. The episode also stresses the importance of staying updated on phishing trends, collaborative reporting, and fostering a culture of cybersecurity awareness within organizations. It's a must-listen for normal users, cybersecurity professionals looking to sharpen their skills, and anyone curious about the inner workings of email scam detection.

  • Twitter: @almorabea
  • Twitter: @CyberRiddler
  • Website: https://thecyberriddler.com

[00:00:00] Hey there, as the first episode of the season 2 of the Cyber Riddler podcast

[00:00:04] I wanted to start with something that everyone is familiar with

[00:00:08] But because people still fall for it, I wanted to talk about it

[00:00:12] Today we will be diving into the sneaky world of phishing

[00:00:15] You know those emails or messages that trick you into giving away your passwords or personal information

[00:00:21] Yeah, those. We are going to take a trip back in time to see where all this trickery began

[00:00:26] Check out how these scams have gotten super crafty over the years and share some tips on how not to get fooled

[00:00:41] You're listening to The Cyber Riddler

[00:00:44] Where we decipher the offensive and defensive side of the cyber world

[00:00:49] Ahmad Almorabea

[00:01:02] Back in the day, phishing isn't something new

[00:01:05] It's been around since the 1990s

[00:01:07] Back when the internet was just a baby

[00:01:10] Hackers would send out fake emails

[00:01:12] Pretending to be from AOL

[00:01:14] Asking people to confirm their account info and guess what?

[00:01:17] A lot of people fell for it

[00:01:19] That's how phishing got started

[00:01:22] Why do people get hooked in the first place you might wonder

[00:01:25] Why do people even fall for these?

[00:01:27] Well, these scammers are pretty good at playing with our feelings

[00:01:31] They send out emails or messages that make you scared, curious

[00:01:35] Or think you are about to get something cool for nothing

[00:01:38] That rush of fear or excitement

[00:01:41] Can make you click on things without thinking twice. And now phishing gets fancy

[00:01:46] As the internet grew up, so did phishing scams

[00:01:49] Now they've got all sorts of tricks up their sleeves

[00:01:53] fancy emails, fancy kits, fancy URLs

[00:01:57] Legit-looking URLs, legit-looking names, and legit-looking websites

[00:02:01] All these criteria will make people convinced that this is a real site

[00:02:07] Now we have a vocabulary

[00:02:09] You have spear phishing

[00:02:11] This is when they target someone specific

[00:02:13] Using details about you to make their fake messages seem legit

[00:02:18] Whaling

[00:02:19] Think of spear phishing but going after the big fish like CEOs or other big shots

[00:02:25] Smishing and vishing, these are like phishing's cousins

[00:02:28] Using text messages or phone calls to take you

[00:02:31] Something that you will be getting in real time

[00:02:35] Pharming, this sneaky move redirects you from a real website to a fake one without you even noticing

[00:02:42] New tricks in town

[00:02:43] Phishers today are getting even smarter using AI

[00:02:47] The era of AI that we are living in right now is helping them

[00:02:50] To create fake messages that are super convincing

[00:02:54] Things like business email compromise or BEC

[00:02:57] Pretending to be someone from your work

[00:02:59] And asking you to send money to somewhere you shouldn't

[00:03:03] Social media, digging through your social media accounts to make their scams more personal

[00:03:09] And this will make you believe everything they say because everything they say is true

[00:03:13] It's not something fictional that they invented

[00:03:16] These are things you handed out to the social media and then they dig from your account

[00:03:21] But you may ask why we fall for it

[00:03:24] Even though we know about these scams people still get caught

[00:03:28] Why?

[00:03:28] Well, sometimes we think we are too smart to get tricked

[00:03:33] Sometimes even cybersecurity personnel think that they are so good at detecting these scams

[00:03:39] But in reality everyone in another mental state

[00:03:42] Sometimes you are in a rush or you are driving and texting at the same time

[00:03:46] And you get a message and you are waiting for that message for a long time

[00:03:49] Like that you have a shipment that will be delivered today

[00:03:52] And you want to pay for this shipment

[00:03:54] And you are texting and driving at the same time

[00:03:56] And you just click on a link and then you start handing over your information

[00:04:00] Sometimes you are in a state of mind that will make you do things that you will not do

[00:04:06] If you are in your normal state

[00:04:08] These things will make you click on links that you don't want to click on

[00:04:13] Or we just don't know about the latest scams out there

[00:04:17] Plus when we are in a hurry or scared we don't always stop to think

[00:04:22] We've talked about this topic so far from the user perspective

[00:04:25] But what about people sitting in SOC, or security operations centers

[00:04:29] People who will validate and manually analyze emails coming to the organizations

[00:04:34] The SOC analyst toolkit

[00:04:36] As a SOC analyst you are on the front line of your organization's cybersecurity defense

[00:04:41] And analyzing emails isn't just about spotting the scam

[00:04:44] It's about understanding the anatomy of the threat

[00:04:47] Here's what you need to arm yourself with

[00:04:49] Knowledge of current phishing trends

[00:04:51] Nowadays phishing comes in kits and these kits are sold online

[00:04:56] And sometimes people just buy these kits and they just start using them

[00:05:00] It's just like a plug-and-play kind of situation

[00:05:04] So you will be spotting these

[00:05:06] So staying updated with the latest phishing tactics and kits is key

[00:05:10] Threat actors evolve and so must we

[00:05:13] Utilize email analysis tools and software that can help you to dissect headers

[00:05:18] Analyze links and detect and check attachments for malicious content

[00:05:23] Let me just give you a brief about analyzing email step-by-step

[00:05:26] When a suspicious email lands in your lap

[00:05:28] Here's how you break it down

[00:05:30] Check the sender's email address

[00:05:31] Look beyond the display name

[00:05:33] A common trick is to use a legitimate-looking name

[00:05:36] With a bogus email address in the back

[00:05:38] If it's coming from a public domain like Gmail or Yahoo or Outlook

[00:05:42] But claims to be from a legitimate company, that's a red flag

[00:05:45] Analyze the email header

[00:05:46] The header contains a gold mine of information

[00:05:49] Like the path that email took to get to your hubs

[00:05:52] And inspect the links carefully. Hover over the link

[00:05:55] And don't click, please don't click

[00:05:57] Check if the URL looks legitimate or it's clearly hiding a malicious link

[00:06:01] Phishers often use shortened URLs or slight misspellings to trick victims

[00:06:06] Check attachments

[00:06:07] Be wary of attachments

[00:06:09] Especially if they are unexpected

[00:06:10] Use sandboxing tools to safely examine the files without risking your network

[00:06:15] Please don't try it directly on your laptop or your computer

[00:06:17] Line to an VM or isolated environment

[00:06:20] Look for spelling and grammar mistakes

[00:06:22] Professional organizations usually have their email proofread

[00:06:25] Multiple errors could indicate phishing attempts

[00:06:28] Nowadays hackers use AI

[00:06:30] And with that you will be receiving

[00:06:32] Professional looking email

[00:06:33] So maybe you will not see this point more often

[00:06:36] But at least you know about it

[00:06:37] But sometimes hackers are lazy too

[00:06:39] And they will use old templates

[00:06:41] And with that you will be seeing a lot of grammar and spelling mistakes

[00:06:46] Lastly since all the tone of the email

[00:06:50] Phishing emails often convey a sense of urgency

[00:06:53] Or threats to prompt immediate action

[00:06:55] The secret company is usually doing pressure to send email urgently

[00:06:59] Training and awareness

[00:07:01] A crucial part of a SOC analyst's role is not to just react

[00:07:04] But to proactively educate and conduct regular training session for employees

[00:07:09] This is my opinion. I feel like SOC people should

[00:07:13] Organize the sessions

[00:07:14] Why is that? Because they see it every day and they can give you tips and tricks

[00:07:19] That no one else can give you tricks they DC

[00:07:22] Why is that? Because even people from GRC or other departments

[00:07:27] They know about the subject from a textbook

[00:07:29] But they didn't see it or analyze it every day

[00:07:31] With that, the SOC people

[00:07:33] They will give you the better glance

[00:07:35] Of how you can detect and react to phishing emails

[00:07:40] You've been listening to The Cyber Riddler

[00:07:42] I hope this episode was informative to you

[00:07:44] I know that maybe most of you already know 90% of it

[00:07:47] But there is no harm in reminding you of it

[00:07:49] Please share this episode with anyone you think is interested in the topic

[00:07:53] And you can always reach out to me on Almorabea

[00:07:57] El M or A

[00:07:59] Or Cyber Riddler

[00:08:01] Or a KX

[00:08:03] Don't forget to stay vigilant

[00:08:04] See you on the next episode