Home | VerSprite Resources

Phishing Attacks

Phishing is the leading type of social hacking attack used to exploit your organization.

Phishing for Passwords: Discover a More Advanced Approach for Harvesting User Credentials

hacking passwords

Blog Post

Password Management

Phishing Attacks Through Cloned Websites

During adversarial attack simulations harvesting credentials through phishing are often performed through cloned websites. A cloned website works by copying the front-end (such as the Gmail login page) and hosting it on a domain designed to mimic the real domain.

Learn more

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Video

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Utilizing reverse proxies offers a more advanced approach for creating phishing web pages that not only allow the Victim User to fully authenticate to their account through a malicious site, but also how to automate the theft of information within the account.

Learn more

Attacking LastPass: Compromising an Entire Password Database

Blog Post

Man-in-The-Middle (MiTM) Attacks

Attacking LastPass: Compromising an Entire Password Database

LastPass is a commonly used cloud-based password management solution that stores hundreds of unique and strong passwords, but what if a user’s entire password database is compromised? While a cloud-based solution to password management is very convenient, it isn’t without its own set of dangers.

Learn more

6 Ways to Strengthen Security Posture & Reduce Risk

Ebook

Security Awareness Training

How to Minimize Data Risk & Strengthen Your Security Posture

This guide offers a perspective gained from research and experience into incidents and their causes. Nothing will stop all cyber incidents, but attention to these areas can reduce the chances of a successful attack.

Learn more

forensic analysis

Report

Email Forensics

Preparing Your Microsoft Office 365 Environment for Forensic Analysis

Microsoft’s Office 365 adoption continues among larger enterprises with small and medium size businesses adopting at lower rates. It is important to know that auditing may not be enabled currently in your Microsoft Office 365 environment you manage. Download the step-by-step guide to enabling auditing.

Learn more

Over the last couple of days, an innovative campaign to spread phishing was detected. This attack used the Google translate service to make malicious links appear legitimate when visited only on mobile browsers.

Blog Post

Email Forensics

Phishing Site Uses Google Translate

An innovative campaign to spread phishing was recently detected. This attack used the Google translate service to make malicious links appear legitimate when visited only on mobile browsers.

Learn more

phishing tool

Blog Post

Phishing Attacks

Can You Spot When You’re Being Phished?

What Does it Mean to “Send a Phish”? Phishing means to command and order an impersonated email to target victim with false pretenses. Identifying phishing can be harder than you think. Can you tell what’s fake? Google’s phishing introduces modern phishing techniques now being used by cybercriminals.

Learn more

transport layer security

Blog Post

Security Vulnerabilities

TLS 1.3 and Major TLS Libraries Vulnerable

Attackers may take over accounts and pose as clients or employees to entice those controlling corporate accounts to divulge information or open malicious documents. These types of scenarios should be incorporated into user awareness training. Do not trust anyone online simply based on who they purport to be.

Learn more

Google Thwarts Phishing

Blog Post

Phishing Attacks

Google Thwarts Employee Phishing Attack

With network perimeters becoming more hardened, phishing is an ever-popular way for attackers to gain a foothold into a company network. VerSprite’s own experience with phishing engagements show us just how effective and easy it is to run successful phishing campaigns.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos