Chapter 9

The E-mail Attack Vector

Richard Ackroyd, Senior Security Engineer, RandomStorm Limited

Phishing attacks are very popular for a reason, they work. RSA, one of the world’s leading Information Security organizations, was successfully breached in 2011 by exactly this kind of attack. This chapter will walk through the process and tools involved in creating a successful phishing attack as a part of a social engineering assessment, with a view to improving your client’s defenses.

Keywords

Phishing attacks; spear phishing; client side attack

Introduction

In Chapter 8, the topic of leveraging open source intelligence to augment our assessment was discussed. This included the harvesting of corporate e-mail addresses to use in our attacks. In ...

Get Social Engineering Penetration Testing now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Social Engineering Penetration Testing by Gavin Watson, Andrew Mason, Richard Ackroyd

The E-mail Attack Vector

Keywords

Introduction

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly