Phishing Statistics And Intuitive Enumeration Of Hosts And Roles presented at ShmooCon 2009

by Sean Palka

Tags: Security Statistics Phishing

Summary:
Organizations often shy away from including phishing in their security testing, primarily because it's difficult to get reliable statistics. However, by employing a tagging process, testers can map sent e-mails to received responses and build useful reports. Additionally, this information can be used to develop knowledge of social roles in the organization, as well as to identify useful targets.
Sean Palka, an Associate at Booz Allen Hamilton, has contributed as a reviewer to the IEEE Transactions on Pattern Analysis and Machine Intelligence and has published a paper on biometrics vulnerabilities for the IEEE Conference on Biometrics: Theory, Applications and Systems. Mr. Palka has professional experience in a variety of fields, including software development, cryptography, and airspace information management. Mr. Palka currently works as a penetration tester and wargame scenario developer.