1
King Phisher: DIY Phishing Security
Paul Wilson & Nick Haws, Dixon Public Schools #170
2
Phishing Defined
Phishing is a form of fraud in which the attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels. Spear phishing is an attack designed for a specific person or group. Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
3
Are School Districts Really a Target?
In January 2017, an Illinois district was spear-phished, resulting in the disclosure of 400 Social Security Numbers. The district provided affected employees with SSN monitoring tools. The emails were determined to have originated in Russia.
On May 3rd, a Google-based phish led to many educators and administrators in the state disclosing their Google passwords.
Morton School District
4
Phishing Defense
1) Educating employees: ensure that employees are aware of the possibility of phishing and the dangers of downloads.
2) Restricting access: keep access to sensitive files locked down to only necessary employees.
3) Backups: maintain (and TEST) healthy backups.
4) Good security: strong passwords, up-to-date security software, and physical protection.
5
Why DIY?
Consulting firms can charge $12 per user or more annually for their services. We were able to use an old server, free software, and about a week of one person's time. Setup time could be as little as a day if you already have the web domain, knowledge of SMTP, and basic web design skills.
6
What is King Phisher?
King Phisher is an open-source, free phishing campaign toolkit. It was part of our larger effort to educate our employees and breed a sense of skepticism when asked for sensitive information.
- King Phisher is a tool for testing and promoting user awareness by simulating real-world phishing attacks.
- Comprehensive tool with templates provided.
- Features an easy-to-use, yet flexible architecture allowing full control over both emails and server content.
- Good documentation and interface.
- Can be used to run campaigns ranging from simple awareness training to more complicated scenarios in which user-aware content is served for harvesting credentials.
7
Minimum Requirements A minimum of 2048 MB of RAM and at least a CPU with 2 cores running at 1.5 GHz is sufficient. Furthermore, the hard disk should have enough space to accommodate the database and the web server, if on the same box. We used the Hyper-V default of 140GB, although it could run on far less. The client can be run on Linux or Windows. Linux does provide more available options. Server and client can be hosted on the same box, but it is not required.
8
Server Setup
- Installing King Phisher is as easy as downloading the appropriate installer from GitHub onto your server.
- King Phisher uses the packaged web server that comes standard with Python, making configuring a separate instance unnecessary.
- We used a Hyper-V Linux server running Ubuntu 17.04.
- Utilized a domain we had previously purchased for a web server.
- Updated DNS records and firewall to get the server online (GoDaddy and Cisco ASA in our environment).
- The King Phisher client (if separate) connects over SSH to the server for communication.
- The server needs to be configured with a database which is used to store campaign information. PostgreSQL is used in the install and is recommended.
- Note that the domain was not previously used, so there should have been no recognition on the part of the staff.
9
SMTP
- In order for the King Phisher server to send emails, it needs to be configured with an SMTP server.
- This SMTP server is often either an open relay that the client can connect to, or another SMTP server that can forward messages, which typically requires the user to authenticate.
- Updated the server to allow email to flow (added a connector to our Microsoft 365 Exchange configuration).
- The SMTP server that the King Phisher client connects to can be a different system than the King Phisher server. The two systems and connections are managed independently from each other, and while the SMTP server can be installed on the same system as the King Phisher server, it is not necessary to do so.
10
Campaign Setup
1) Select and modify an email template
2) Set up web landing page
3) Import rosters
4) Set timeline for campaign
5) Launch campaign
11
Templates
12
Web Landing Page Fully customizable. On Linux you can also clone an existing website with only a few clicks.
13
Our own touch Jinja allows for easy HTML handles.
14
Setup Web Landing Page
15
3…2…1…Go! No one can get to the harvest page accidentally.
16
Catch of the Day Only grabs information you set it to take.
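The two properties the last slides describe, that nobody reaches the landing page by accident and that the page records only what the campaign is configured to keep, can be modelled as plain functions. The block below is an added example written for this page, not King Phisher's own code; the roster, tokens, field names and URLs in it are constructed. Each recipient's email link carries an opaque per-recipient token (assumed here as a `?id=` query value); a request without a valid token gets a 404, and a form submission is reduced to the allowed fields plus a boolean saying whether a password was typed, so the password itself is never stored.

```python
"""Landing-page logic for a self-hosted phishing-awareness campaign.

Added example, not King Phisher's own code. Two rules from the slides are
modelled as plain functions so they can be tested without a browser:
  1. the landing page is served only to a visitor carrying a valid
     per-recipient token, so nobody reaches it by accident;
  2. a submitted form is reduced to the fields the campaign is configured to
     keep; the password value is discarded, only the fact that one was typed
     is recorded.
The roster, tokens, field names and URLs below are constructed for this example.
"""
from datetime import datetime, timezone
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.parse import parse_qs, urlsplit

# Constructed roster: one opaque token per recipient, generated at roster import
# time and embedded in that recipient's email link (e.g. /login?id=r1a9).
ROSTER = {
    "r1a9": {"email": "a.teacher@example.org", "first_name": "Alex"},
    "q7z2": {"email": "b.admin@example.org", "first_name": "Bea"},
}

# Submitted fields the campaign is allowed to keep. "password" is never listed.
KEPT_FIELDS = ("username",)

# Where a participant is sent after submitting: the disclosure/training page
# (placeholder URL).
TRAINING_URL = "https://training.example.org/phishing-awareness"

LANDING_HTML = """<!doctype html><title>Help Desk Sign-in</title>
<form method="post"><input name="username" placeholder="Username">
<input name="password" type="password" placeholder="Password">
<button>Sign in</button></form>"""


def token_from_target(request_target):
    """Extract a single 'id' query value from '/login?id=...', else None."""
    parts = urlsplit(request_target)
    if parts.path != "/login":
        return None
    ids = parse_qs(parts.query).get("id", [])
    return ids[0] if len(ids) == 1 else None


def lookup_visitor(request_target, roster=ROSTER):
    """Roster entry for the visitor, or None for any unknown or missing token."""
    token = token_from_target(request_target)
    return roster.get(token) if token else None


def record_submission(token, form_body, roster=ROSTER, kept=KEPT_FIELDS):
    """Reduce a POSTed form to the minimal record the campaign stores.

    Returns None for an unknown token. Only whether a non-empty password was
    typed is kept, which is all the campaign statistics need.
    """
    entry = roster.get(token)
    if entry is None:
        return None
    fields = {k: v[0] for k, v in parse_qs(form_body).items()}
    record = {
        "email": entry["email"],
        "submitted_at": datetime.now(timezone.utc).isoformat(),
        "password_entered": bool(fields.get("password", "").strip()),
    }
    for name in kept:
        if name in fields:
            record[name] = fields[name]
    return record


class LandingPage(BaseHTTPRequestHandler):
    """Serves the form only to recognised visitors; everyone else gets a 404."""
    records = []  # in-memory for the example; a campaign would persist these

    def do_GET(self):
        if lookup_visitor(self.path) is None:
            self.send_error(404)
            return
        body = LANDING_HTML.encode()
        self.send_response(200)
        self.send_header("Content-Type", "text/html; charset=utf-8")
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)

    def do_POST(self):
        length = int(self.headers.get("Content-Length", "0"))
        form = self.rfile.read(length).decode("utf-8", "replace")
        record = record_submission(token_from_target(self.path), form)
        if record is None:
            self.send_error(404)
            return
        self.records.append(record)
        self.send_response(303)  # straight on to the disclosure/training page
        self.send_header("Location", TRAINING_URL)
        self.end_headers()


if __name__ == "__main__":
    HTTPServer(("127.0.0.1", 8080), LandingPage).serve_forever()
```

The form posts back to the same URL, so the token in the query string identifies the submitter without a cookie or a second lookup; the record keeps `password_entered` as a boolean only, which is enough for the "entered their credentials" count on the results slide.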
17
You can customize your dashboard, this is the format we chose. The data is fully exportable.
18
Spring 2017 Phishing Campaign Results
- Generic Help Desk memo sent to all staff
- Campaign run over 4 days in May
- 273 staff opened the email
- 53 staff members clicked on the link in the email
- 43 staff members entered their credentials
- 11.1% of staff fully compromised their accounts
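The four figures above form a funnel (opened, clicked, entered credentials, share of all staff), and the same numbers can be computed from an exported results file. The block below is an added example, not King Phisher's own code or export format: the CSV layout and the recipient rows are constructed for the example, with one row per recipient giving the furthest stage they reached. It reports aggregates only, in keeping with the follow-up slide's point that individual results stay confidential, and also gives the step-to-step rates (for instance, how many of those who clicked went on to enter credentials).

```python
"""Funnel metrics for a phishing-awareness campaign from an exported results file.

Added example, not King Phisher's own code; the CSV layout below is constructed
for this example and is not King Phisher's export format. Each row is one
recipient and the furthest stage they reached. From that the results slide's
numbers follow: how many opened the email, clicked the link, entered
credentials, and what share of all staff that last group is. Only aggregates
are reported, so individual results stay confidential.
"""
import csv
import io

# Stages are ordered and cumulative: someone who submitted also opened and clicked.
STAGES = ("sent", "opened", "clicked", "submitted")

# Constructed sample export: twelve recipients.
SAMPLE_EXPORT = """\
email,stage
a.teacher@example.org,sent
b.teacher@example.org,sent
c.teacher@example.org,sent
d.teacher@example.org,opened
e.teacher@example.org,opened
f.teacher@example.org,opened
g.teacher@example.org,opened
h.admin@example.org,clicked
i.admin@example.org,clicked
j.admin@example.org,clicked
k.staff@example.org,submitted
l.staff@example.org,submitted
"""


def load_results(text):
    """Parse the export and reject rows with a stage the funnel does not know."""
    rows = list(csv.DictReader(io.StringIO(text)))
    for row in rows:
        if row["stage"] not in STAGES:
            raise ValueError(f"unknown stage {row['stage']!r} for {row['email']}")
    return rows


def funnel(rows):
    """Number of recipients who reached at least each stage."""
    reached = [STAGES.index(row["stage"]) for row in rows]
    return {stage: sum(1 for r in reached if r >= i) for i, stage in enumerate(STAGES)}


def compromised_rate(counts):
    """Percentage of all recipients who entered credentials, to one decimal."""
    if not counts["sent"]:
        return 0.0
    return round(100.0 * counts["submitted"] / counts["sent"], 1)


def step_rates(counts):
    """Share of each stage's population that went on to the next stage."""
    rates = {}
    for prev, nxt in zip(STAGES, STAGES[1:]):
        rates[f"{prev}->{nxt}"] = (
            round(100.0 * counts[nxt] / counts[prev], 1) if counts[prev] else 0.0
        )
    return rates


def report(text):
    """Aggregate-only text report; no individual recipient is named."""
    counts = funnel(load_results(text))
    lines = [f"{stage:>18}: {n}" for stage, n in counts.items()]
    lines += [f"{k:>18}: {v}%" for k, v in step_rates(counts).items()]
    lines.append(f"{'compromised':>18}: {compromised_rate(counts)}% of staff")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(SAMPLE_EXPORT))
```

Applied to the slide's own figures, `step_rates` shows that 43 of the 53 staff who clicked (81.1%) went on to enter credentials, which is the number the follow-up training should be aimed at: once someone clicks, the landing page is convincing enough that most will type a password.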
19
Follow-up
- The phishing email itself generated a good amount of conversation among staff.
- A follow-up provided full disclosure about the campaign to all staff.
- Individual staff results from the campaign are kept confidential.
- Follow-up information emails are focused on:
  - Explaining what phishing is
  - Explaining that although we have security systems in place, staff need to be vigilant
  - Enforcing the idea that all staff need to be skeptical of emails with links and asking for user data to be entered
20
Questions?