{"id":53,"date":"2018-10-31T23:18:33","date_gmt":"2018-10-31T22:18:33","guid":{"rendered":"https:\/\/lars-hilse.de\/lhx18\/?p=53"},"modified":"2018-10-31T13:45:21","modified_gmt":"2018-10-31T12:45:21","slug":"mitigating-sophisticated-phishing-attacks","status":"publish","type":"post","link":"https:\/\/lars-hilse.de\/lhx18\/2018\/10\/mitigating-sophisticated-phishing-attacks\/","title":{"rendered":"Mitigating sophisticated phishing attacks"},"content":{"rendered":"<div class=\"ttr_start\"><\/div><p>Phishing has always been a rather difficult issue to solve.<\/p>\n<p>I&#8217;ve spent countless hours trying to create programs to successfully keep employees from opening suspicious emails, believe me!<\/p>\n<p>The new generation of phishing, however, is even more complex and the threat is even more difficult to mitigate.<\/p>\n<p>In the most recent cases I worked on, the email sent to the victim was either announced or followed up by a phone call from a seemingl legitimate source.<\/p>\n<p>Thereby, the victim was dooped into opening the attachment to infect the system\/network, and there is pretty much no training that will help to reduce that risk.<\/p>\n<p>One of the issues we began working on was to have existing contacts confirm their identity through an IM. Of course this only works if the source is internal, and\/or the source is available on an IM service.<\/p>\n<p>Stay safe folks! These new attacks are devious with potentially devastating consequences, essentially with no one to blame.<\/p>\n<div class=\"ttr_end\"><\/div>","protected":false},"excerpt":{"rendered":"<p>The next generation of phishing attacks is there. Brace yourselves, and mitigate!<\/p>\n","protected":false},"author":1,"featured_media":61,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[6,8],"tags":[36,37,35,38],"class_list":{"0":"post-53","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","6":"hentry","7":"category-cyber-crime","8":"category-global-risks","9":"tag-email-scam","10":"tag-mitigation","11":"tag-phishing","12":"tag-risk-management","14":"fallback-thumbnail"},"jetpack_featured_media_url":"https:\/\/i0.wp.com\/lars-hilse.de\/lhx18\/wp-content\/uploads\/2018\/10\/Screenshot-2018-10-31-at-09.32.02-1.jpg?fit=3186%2C1330&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/paluiP-R","jetpack_likes_enabled":true,"jetpack-related-posts":[],"_links":{"self":[{"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/posts\/53","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/comments?post=53"}],"version-history":[{"count":2,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/posts\/53\/revisions"}],"predecessor-version":[{"id":59,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/posts\/53\/revisions\/59"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/media\/61"}],"wp:attachment":[{"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/media?parent=53"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/categories?post=53"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lars-hilse.de\/lhx18\/wp-json\/wp\/v2\/tags?post=53"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}