According to a FireEye report, 1 in 101 emails received are phishing attempts. With the average successful phish costing companies $1.6 Million, tracking down the source, producing intelligence to help reduce the attack surface, and attempts at attribution are quintessential skills for security-minded organizations. \n\nThis presentation aims to show how a more sophisticated attacker may employ phishing to carry out their evil deeds as well as how the blue-team and forensic examiners would attempt to gather intelligence on the source to mitigate or eliminate the risk posed to the targeted organization. Sit tight, look into the Forensics Phish Bowl and observe a purple team engagement through attack and analysis.
Joe Gray joined the U.S. Navy directly out of High School and served for 7 years as a Submarine Navigation Electronics Technician. Joe maintains his own blog and podcast called Advanced Persistent Security. In his spare time, Joe enjoys attending information security conferences, contributing blogs to various outlets, training in Brazilian Jiu Jitsu (spoken taps out A LOT!), and flying his drone. Joe is in the inaugural winner of the DerbyCon Social Engineering Capture the Flag (SECTF) and was awarded a DerbyCon Black Badge. Joe has contributed material for the likes of AlienVault, ITSP Magazine, CSO Online, and Dark Reading. Sophia Fadli is the founder of BSideNOVA by day and a Cyber Defense Analyst by night. She speaks 3 different languages with focus on the EMEA region. She has a Bachelor's degree in Computer Information Systems and is currently pursuing her Master's degree in Information Assurance. Sophia is a strong advocate for advancing women and girls in the information security field.?She has mentored High School and Middle School students to compete in different cyber competitions including the US CyberPatriot Competition.