Codeasaurus Rex

July 27, 2008

Phishing email attacks

Filed under: IT Backgrounders, Security — Codeasaurus Rex @ 12:11 pm

I used to think of phishing emails as just more spam. It turns out that they are fundamentally different: whereas spam seeks to sell, phishing seeks to steal. Phishing does share some technical features with spam, but adds layers of deception (even simulating legitimate websites) to commit fraud. Most IT professionals have seen enough phishing emails cross their inbox to understand the material.

This post is to call attention to an interesting presentation by SANS on phishing. It is listed as the October 11, 2005 webcast entitled “Tool Talk: The Anatomy of a Phishing Email” on the SANS webcast archive page at

https://www.sans.org/webcasts/archive.php

Phishing has evolved somewhat since the webcast was originally broadcast. For example, it is now common to hear about spearphishing (more selective phishing) and whaling (highly selective phishing). Whaling is targeted at individuals with high net worth or some other characteristic that makes the ability to impersonate them especially valuable.

Although these phishing variants have become better-known since the webcast originally appeared, I still found it to be interesting and informative.

See the Howto for information on how to access a SANS webcast.

June 28, 2008

Honeypots

Filed under: IT Backgrounders, Security — Codeasaurus Rex @ 8:29 am

A honeypot is a destination on your private network that you don’t use for normal purposes. Any attempt to access it is by definition anomalous and therefore an indication that a security breach of some kind is in progress. This simple idea is what makes a honeypot a valuable network security alarm.

A honeynet is a collection of honeypots, though a single machine and network interface card is sufficient to simulate a honeynet.
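
The alarm logic described above can be sketched in a few lines. This is an added example, not code from the webcast or from SANS; the honeynet address ranges, the four-field log format and the sample records are all assumptions constructed for illustration.

```python
import ipaddress

# Assumption: these addresses are reserved as honeypots, so no legitimate
# host ever has a reason to connect to them.
HONEYNET = [ipaddress.ip_network("10.0.99.0/28"),
            ipaddress.ip_network("10.0.5.250/32")]

# Constructed sample connection log: "timestamp src dst dport"
SAMPLE_LOG = """\
2008-06-28T08:01:12 10.0.1.15 10.0.1.2 53
2008-06-28T08:01:40 10.0.1.23 10.0.99.4 445
2008-06-28T08:01:41 10.0.1.23 10.0.99.5 445
2008-06-28T08:01:43 10.0.1.23 10.0.99.6 445
2008-06-28T08:02:05 10.0.1.15 10.0.2.10 80
2008-06-28T08:03:17 10.0.3.7 10.0.5.250 22
garbage line
"""

def is_honeypot(addr):
    """True if addr falls inside any reserved honeynet range."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in HONEYNET)

def honeypot_alerts(log_text):
    """Map each source that touched a honeypot to what it touched."""
    alerts = {}
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # malformed record
        ts, src, dst, dport = fields
        try:
            hit, port = is_honeypot(dst), int(dport)
        except ValueError:
            continue  # unparseable address or port
        if hit:  # no threshold: one connection is already anomalous
            entry = alerts.setdefault(
                src, {"first_seen": ts, "targets": set(), "ports": set()})
            entry["targets"].add(dst)
            entry["ports"].add(port)
    return alerts

def summarize(alerts):
    """One alert line per source; several targets suggests a sweep."""
    return [f"ALERT {src} first_seen={a['first_seen']} "
            f"{'sweep' if len(a['targets']) > 1 else 'single probe'} "
            f"targets={len(a['targets'])} ports={sorted(a['ports'])}"
            for src, a in sorted(alerts.items())]

if __name__ == "__main__":
    print("\n".join(summarize(honeypot_alerts(SAMPLE_LOG))))
```

Because the honeypot addresses carry no normal traffic, the detector needs no baseline or rate threshold, which is what keeps its false-positive rate low compared with alarms on production hosts.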

SANS provides an informative overview of honeypot/honeynet technology that is interesting whether or not you are personally responsible for network security. It is listed as the December 1, 2005 Wednesday Webcast entitled “Honeypots” on the SANS webcast archive page at

https://www.sans.org/webcasts/archive.php

See the Howto for information on how to access a SANS webcast.

Spam vs. Antispam: A History of the Arms Race

Filed under: IT Backgrounders — Codeasaurus Rex @ 8:23 am

A very listenable and informative overview of the Spam Wars from 1998 to 2005. Now that major ISPs have decent filtering in place, spam isn’t as much of an end-user problem as it used to be (unless of course your email address has been blacklisted as a spam source).

The presentation is listed as the February 2, 2005 Wednesday Webcast entitled “Spam Prevention: Past, Present and Future” on the SANS webcast archive page at

https://www.sans.org/webcasts/archive.php

See the Howto for information on how to access a SANS webcast.
