John Wilson, Senior Fellow, Threat Research at HelpSystems features in this episode of Infosec’s Cyber Work Podcast. John covers all aspects of email fraud including business email compromise, phishing, and shares career tips and advice for budding threat researchers at all levels.
Originally published by Infosec Institute.
“When I look at the email attack landscape, there’s really three primary vectors for an email attack. The first we’re all familiar with, it’s a malicious attachment. Typically, that’s attachment is going to infect your computer, install some unwanted software, or steal your credentials etc.
The second is what I call a link-based attack, your typical phishing, fake message from PayPal. Your account is blocked, please log in here to fix the problem. They want you to click a link, go to a website.
Business Email Compromise is a subset of the third type, which is a response-based attack. What I mean by that is the action the threat actor wants you to take is to hit reply. Business emails can be spoofed, where the threat actor is impersonating an executive or vendor using a fake email address or the business email is compromised and a threat actor is monitoring the conversation, waiting to jump in when the time is right using the compromised account or a lookalike domain. Either way they are armed with all the intel/history from that conversation.”
Watch the full podcast here.