AppSec USA 2017 has ended
Friday, September 22 • 3:30pm - 4:15pm
Beyond Takeover – Attacker’s in. Now what?

We have been conducting ongoing research on the dynamics of credential theft. Our intent was to learn how accounts are taken over once credentials are compromised through a phishing campaign. It is a "victim's POV" approach to phishing research that has not been taken to date.

In our "beyond takeover" research, we maintained 57 fake identities over a period of 6 months on platforms well known as phishing targets, like Google and Facebook. We invited attackers in by submitting the credentials of these accounts to selected phishing campaigns and traced the attackers' activity in the accounts.

In this session, we will share our findings from this research. We will present takeover stories and some statistics that answer interesting questions. After falling into a phishing trap and giving one's password to a fake site, how long does it take until someone actually gets into the account for the first time? What does the attacker look for in the hacked account? Where do they look first and which decoys attract their attention? Which security practices do attackers use when sniffing out a hacked account (hiding their geo-location or covering their tr

Itsik Mantin

Director of Security Research, Imperva
Mantin is a Director of Security Research at Imperva, leading research on cyber threats and innovative security technology. Over the last 17 years Mantin has been researching, innovating and problem solving in various security-related domains, including cyber threats on data...

Friday September 22, 2017 3:30pm - 4:15pm
Coronado K