Home | VerSprite Resources

Phishing Attacks

We are passionate about helping our clients chart a course that brings security and business together.

Phishing Attacks Through Cloned Websites

Blog Post

Phishing Attacks

During adversarial attack simulations harvesting credentials through phishing are often performed through cloned websites. A cloned website works by copying the front-end (such as the Gmail login page) and hosting it on a domain designed to mimic the real domain.

Learn more

Utilizing Reverse Proxies to Inject Malicious Code & Extract Sensitive Information

Video

Password Management

Utilizing reverse proxies offers a more advanced approach for creating phishing web pages that not only allow the Victim User to fully authenticate to their account through a malicious site, but also how to automate the theft of information within the account.

Learn more

Attacking LastPass: Compromising an Entire Password Database

Blog Post

Exploitation of Vulnerabilities

LastPass is a commonly used cloud-based password management solution that stores hundreds of unique and strong passwords, but what if a user’s entire password database is compromised? While a cloud-based solution to password management is very convenient, it isn’t without its own set of dangers.

Learn more

How to Minimize Data Risk & Strengthen Your Security Posture

Ebook

Data Security Breach

This guide offers a perspective gained from research and experience into incidents and their causes. Nothing will stop all cyber incidents, but attention to these areas can reduce the chances of a successful attack.

Learn more

Preparing Your Microsoft Office 365 Environment for Forensic Analysis

Report

Malware Protection & Detection

Microsoft’s Office 365 adoption continues among larger enterprises with small and medium size businesses adopting at lower rates. It is important to know that auditing may not be enabled currently in your Microsoft Office 365 environment you manage. Download the step-by-step guide to enabling auditing.

Learn more

Phishing Site Uses Google Translate

Blog Post

Malware Protection & Detection

An innovative campaign to spread phishing was recently detected. This attack used the Google translate service to make malicious links appear legitimate when visited only on mobile browsers.

Learn more

Can You Spot When You’re Being Phished?

Blog Post

Security Awareness Training

What Does it Mean to “Send a Phish”? Phishing means to command and order an impersonated email to target victim with false pretenses. Identifying phishing can be harder than you think. Can you tell what’s fake? Google’s phishing introduces modern phishing techniques now being used by cybercriminals.

Learn more

TLS 1.3 and Major TLS Libraries Vulnerable

Blog Post

Social Engineering

Attackers may take over accounts and pose as clients or employees to entice those controlling corporate accounts to divulge information or open malicious documents. These types of scenarios should be incorporated into user awareness training. Do not trust anyone online simply based on who they purport to be.

Learn more

Google Thwarts Employee Phishing Attack

Blog Post

Social Engineering

With network perimeters becoming more hardened, phishing is an ever-popular way for attackers to gain a foothold into a company network. VerSprite’s own experience with phishing engagements show us just how effective and easy it is to run successful phishing campaigns.

Learn more

We are an international squad of professionals working as one.

Email

[email protected]

logos