Netskope @ BSides Delhi 2019

BSides is a community-driven framework for organizing events around the world for information security professionals. BSides Delhi 2019 drew approximately 500 attendees and boasted a schedule packed with workshops and presentations. Ashwin Vamshi, from Netskope’s Threat Research, presented our work, “Phishing in the Cloud Era.” We recorded a short preview of our presentation, which is available in this video.

The presentation began with our research on cloud-scale phishing, highlighting:

• Wide-scale adoption of cloud services by cybercriminals
• Effective phishing attacks launched from popular cloud services
• Effective phishing attacks aimed at stealing credentials for popular cloud services
• Phishing-as-a-service vendors making it particularly easy for attackers

The presentation builds upon some of our previous research, including the following blog posts that detail specific phishing attacks we have analyzed. 

• Phishing as a Service (PhaaS)
• Phishing attacks hosted via public cloud
• Cloud Phishing fanout effect
• Themed decoys abusing the Google Cloud Open redirection 

We conclude with some discussion of how organizations can protect themselves, including:

• Modernizing training to educate users on how to avoid contemporary phishing attacks
• Actively tracking usage of cloud services to identify suspicious behavior
• Configuring apps such as PDF readers to reduce the risk of accidentally clicking on a bait within the app

The slides from the presentation are available here.