Phishing - The Top Attack Vector

[Trevor Chandler]

72% of successful breaches involve phishing emails,
such as the attack on a public transportation authority
that compromised scheduling systems, and caused
significant delays.

Be diligent all!!!

 

[Gregory Childers]

KnowBe4, a firm started by former hacker and author Kevin Mitnick (RIP), has a blog on phishing emails. It is single-handedly the most severe threat vector in the world.

KnowBe4 Security Awareness Training Blog | Phishing

Phishing | KnowBe4's blog keeps you informed about the latest in security including social engineering, ransomware and phishing attacks.

blog.knowbe4.com

 

[Trevor Chandler]

KnowBe4, a firm started by former hacker and author Kevin Mitnick (RIP), has a blog on phishing emails. It is single-handedly the most severe threat vector in the world.

KnowBe4 Security Awareness Training Blog | Phishing

Phishing | KnowBe4's blog keeps you informed about the latest in security including social engineering, ransomware and phishing attacks.

blog.knowbe4.com

Wow! Thanks for sharing Gregory!!!

 

[Rick Butler]

I think we see a good phishing email that gets spread through our organization, perhaps every few weeks. Lately, I think, with a few exceptions, our students and staff are getting better at identifying and flagging them in Exchange, while I end up going into the MS Defender console and extracting them from the system. But as you can see, even on a light day, phish messages can get through, despite best efforts.



BTW - if you're not sure how to do this in Microsoft Defender, I would encourage you to learn how to use the Explorer blade of the Defender console and how to do an extraction, particularly if something gets delivered to thousands of mailboxes and you need to rip it out.

/r

 

[Trevor Chandler]

I think we see a good phishing email that gets spread through our organization, perhaps every few weeks. Lately, I think, with a few exceptions, our students and staff are getting better at identifying and flagging them in Exchange, while I end up going into the MS Defender console and extracting them from the system. But as you can see, even on a light day, phish messages can get through, despite best efforts.

View attachment 2098

BTW - if you're not sure how to do this in Microsoft Defender, I would encourage you to learn how to use the Explorer blade of the Defender console and how to do an extraction, particularly if something gets delivered to thousands of mailboxes and you need to rip it out.

/r

This is gold!!! This could be a TTT session all by itself!!!
My only involvement with Microsoft Defender is to enable it. Once that's done,
I'm moving on down the road to something else.

Thank you Mr. Butler for this fantastic nugget!!!!

 

[Rick Butler]

This is gold!!! This could be a TTT session all by itself!!!
My only involvement with Microsoft Defender is to enable it. Once that's done,
I'm moving on down the road to something else.

Thank you Mr. Butler for this fantastic nugget!!!!

Defender P2 is a great platform for total malware management. Only thing above that is XDR which adds in the SIEM and SOAR. Too much for our school, but good for bigger environments.

 

[Trevor Chandler]

Defender P2 is a great platform for total malware management. Only thing above that is XDR which adds in the SIEM and SOAR. Too much for our school, but good for bigger environments.

Defender P2 for total malware management? Sounds like there could be a cost (financial) attached to that. Is my sixth sense correct?

 

[Rick Butler]

Yes. Defender P2 is licensed per staff user. Since we're an EDU, students are also covered, like they are under A3 licensing. A good solution for a college.

 

[Gregory Childers]

Defender P2 is a great platform for total malware management. Only thing above that is XDR which adds in the SIEM and SOAR. Too much for our school, but good for bigger environments.

I briefly worked for a SIEM company. Comprehensive solutions such as XDR, SIEM, SOAR, etc. will be more commonplace if they can get the licensing costs down. Either that, or big orgs will go full Zero Trust Architecture with microsegmentation.

 

[Trevor Chandler]

Yes. Defender P2 is licensed per staff user. Since we're an EDU, students are also covered, like they are under A3 licensing. A good solution for a college.

Okay, so much for Defender P2 finding its way onto my home desktop!!!

Still nice to know about its existence, and the benefit it provides!!!

 

[precious]

72% of successful breaches involve phishing emails,
such as the attack on a public transportation authority
that compromised scheduling systems, and caused
significant delays.

Be diligent all!!!

Phishing emails are out here ruining more than just inboxes—now they're messing with our schedules too! Stay sharp, everyone!

 

[precious]

KnowBe4, a firm started by former hacker and author Kevin Mitnick (RIP), has a blog on phishing emails. It is single-handedly the most severe threat vector in the world.

KnowBe4 Security Awareness Training Blog | Phishing

Phishing | KnowBe4's blog keeps you informed about the latest in security including social engineering, ransomware and phishing attacks.

blog.knowbe4.com

Appreciate for sharing

 

[Trevor Chandler]

Phishing emails are out here ruining more than just inboxes—now they're messing with our schedules too! Stay sharp, everyone!

This is not a drill - we're at war!!!

 

[precious]

I think we see a good phishing email that gets spread through our organization, perhaps every few weeks. Lately, I think, with a few exceptions, our students and staff are getting better at identifying and flagging them in Exchange, while I end up going into the MS Defender console and extracting them from the system. But as you can see, even on a light day, phish messages can get through, despite best efforts.

View attachment 2098

BTW - if you're not sure how to do this in Microsoft Defender, I would encourage you to learn how to use the Explorer blade of the Defender console and how to do an extraction, particularly if something gets delivered to thousands of mailboxes and you need to rip it out.

/r

You are the cyber janitor, clearing out the phishing mess before it gets out of control! Thanks for the tip on the Explorer blade—I'll be sure to sharpen my Defender skills!

 

[precious]

This is not a drill - we're at war!!!

Let's hunt!

 

[Trevor Chandler]

Let's hunt!

As long as the network exists, you'll have plenty of opportunity!!!!

 

[precious]

As long as the network exists, you'll have plenty of opportunity!!!!

True that! The network is my playground, and the phishers keep bringing the games!

 

[precious]

As long as the network exists, you'll have plenty of opportunity!!!!

Phishing emails never know when to stop, and it's like I'm the guy in the scary movie who keeps getting called back for sequels.

 

[Trevor Chandler]

Phishing emails never know when to stop, and it's like I'm the guy in the scary movie who keeps getting called back for sequels.

As far as the bad guys are concerned, you're just another minnow in the pond my friend. There's no discrimination with those guys! Of course, you already know this!!!!

 

[precious]

As far as the bad guys are concerned, you're just another minnow in the pond my friend. There's no discrimination with those guys! Of course, you already know this!!!!

Yes, that's true! Even though I'm a minnow in their phishing pond, I prefer to think of myself as the one that always manages to get away with it by ignoring !