What We Talk About When We Talk About Phishing
Phishing, spam and deceptive email has proven to be among the most pernicious of the security challenges we face, and yet as a form of attack, it's often conducted successfully by attackers with the least of means. This talk looks at the economic story of phishing- reasons and methods the education sector is targeted, drawing from experiences in UCD (what phishers do with the accounts and data they harvest), and viable strategies to address phishing. We also look at the attackers themselves, and the market forces that enable phishing to be a profitable activity.
The talk draws from experiences at UCD, in particular, work in response to recent targeted phishing attacks, and reports from external collaborators and service providers that use UCD identities. We also draw from the experiences of Vodafone in Ghana, where the deployment of community based internet cafe's has seen a rise in entrepreneurial activity, some of it phishing based.