Reel Big Phish: Hunting For Badness in a Sea of Noise
We’d like to believe we’d never fall victim to a phishing scam (or that our current processes are enough to keep one from hitting inboxes). After all, some campaigns are hastily put together and intentions can appear obvious. However, credential phishing attacks leverage various lures and pretexts to trick victims into visiting malicious websites that mimic legitimate services, with the goal of coaxing victims into providing sensitive data, and these techniques can even dupe the most seasoned professionals under the right circumstances.
Despite our best efforts, cybercriminals can and do evolve, while still using relatively simple and cheap techniques. Regardless of prior knowledge or past experience, bad actors can purchase access to phishing kits, acquire cheap hosting with easy to use control panels, and free (or cheap) domains.
This begs the question, “what can be done?” While this webinar is not a panacea, Kai B., a security researcher and lecturer at Boston University and Sean McNee, PhD., will offer several strategies to hunt bad domains leveraging cutting edge tools from modern machine learning and DomainTools Iris Detect.
In this webinar, you’ll learn:
- How to use an initial IOC to identify further suspicious activity
- Vector-spaced representations of domains, dimensionality reduction, and clustering
- Per topic keyword selection and pivoting
- How to leverage this collection of models and tools to identify practical signatures and search patterns in DomainTools Iris Detect