The high-stakes cat-and-mouse game of phishing

by Jacob | - 10:30am

Phishing has evolved in both the TTPs of attackers and their targets. Re-hosting scraped HTML is no longer enough; the tooling to launch a phishing campaign that steals credentials and sessions while bypassing MFA is constantly evolving.

So too must the defenses. Early last year we released open-source phishing detection as part of the Canarytokens.org project, and it became more popular than we ever could have imagined. On average, we are protecting over 100 logins every single second. While it’s nice to see defenders waking up to this problem, which accounts for a majority of all breaches these days, alas, it’s not just the blue teams paying attention.

This talk will bring the audience up to speed on the evolving game of cat-and-mouse between phishing tools and detections, and the high-stakes battle over our digital identities. Come to learn the impressive lengths attackers will go to for a session token, and how defenders can try to stay a (half-)step ahead…

About Jacob

Jacob is the Head of Labs at Thinkst Applied Research. Prior to that he managed the HW/FW/VMM security team at AWS, and was a Program Manager at DARPA’s Information Innovation Office (I2O). At DARPA he managed a cyber security R&D portfolio including the Configuration Security, Transparent Computing, and Cyber Fault-tolerant Attack Recovery programs. Jacob has been a speaker and keynote at conferences around the world, from Black Hat, to SyScan, to TROOPERS and many more.
