BSides is a community-driven framework for organizing events around the world for information security professionals. BSides Delhi 2019 drew approximately 500 attendees and boasted a schedule packed with workshops and presentations. Ashwin Vamshi, from Netskope’s Threat Research, presented our work, “Phishing in the Cloud Era.” We recorded a short preview of our presentation, which is available in this video.
The presentation began with our research on cloud-scale phishing, highlighting:
- Wide-scale adoption of cloud services by cybercriminals
- Effective phishing attacks launched from popular cloud services
- Effective phishing attacks aimed at stealing credentials for popular cloud services
- Phishing-as-a-service vendors making it particularly easy for attackers
The presentation built upon some of our previous research, including the following blog posts, which detail specific phishing attacks we have analyzed:
- Phishing as a Service (PhaaS)
- Phishing attacks hosted via public cloud
- Cloud Phishing fanout effect
- Themed decoys abusing the Google Cloud Open redirection
We concluded with a discussion of how organizations can protect themselves, including:
- Modernizing training to educate users on how to avoid contemporary phishing attacks
- Actively tracking usage of cloud services to identify suspicious behavior
- Configuring apps such as PDF readers to reduce the risk of accidentally clicking on bait within the app
The slides from the presentation are available here.