Resurrection of the Data Entry Attack presented at CISOSoCal 2014

by Aaron Higbee,

Summary : Since the 1990s, data entry-based attacks have been utilized to socially engineer credentials from users for network access. There was a period of time when they were forgotten or overlooked by information security teams due to the prevalence of Trojans, worms, DDoS and other malware attacks. As reported in recent high-profile breaches, data entry attacks are back in fashion. This session will provide some history, highlight examples, and demonstrate the latest techniques to develop and detect data entry-based phishing attacks.