RVAsec 2022 has ended
Streaming: https://mssvideo.vcu.edu/RVAsec
Back To Schedule
Thursday, June 16 • 4:00pm - 4:50pm
Warning: This Message Originated from Outside of Your Organization

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
This talk is meant to highlight how end users have become desensitized to the ominous warning banners atop external emails, and can fall victim to phishing emails that abuse the trust in large, well-known organizations. The talk will run through examples of how threat actors can anonymously utilize built-in functionality to send phishing emails that originate from trusted, big-name, companies. These malicious emails genuinely originate from the large service provider’s email servers, and pass SPF, DMARC and DKIM security checks. The end-goal of this discussion that the risk is given more attention, and user awareness campaigns, technical email monitoring controls, and corporate communication strategies can take these risks into account.

avatar for Nicholas Popovich

Nicholas Popovich

Amateur Crastinator, RVAsec Community Member
Nick Popovich's passion is learning and exploring technology ecosystems, and trying to find ways to utilize systems in unexpected ways. He works as a Red Team operator, trying to raise the overall security posture of organizations through adversarial simulation. Nick's mission is... Read More →

Thursday June 16, 2022 4:00pm - 4:50pm EDT