9/20 – Auditing Your Organization’s Phishing Defenses, Learn to Identify the Threat

9/20 – Auditing Your Organization’s Phishing Defenses, Learn to Identify the Threat
September 20, 2017 @ 6:00 pm – 8:30 pm
Las Olas Riverhouse
333 Las Olas Way
Fort Lauderdale, FL 33301
29.00 - Members, 39 - Non Members ( 49.00 day of event)
Alexis Perdereaux-Weekes
9/20 - Auditing Your Organization’s Phishing Defenses, Learn to Identify the Threat @ Las Olas Riverhouse | Fort Lauderdale | Florida | United States

ISACA South Florida Dinner Learn and Network Series – September 20th, 2017

The guest speaker at this event is Roberto Valdez of Kaufman Rossin

Topic: An IT Auditor’s approach to defending your Organization’s Network against Phishing Threats.

Phishing attacks use social engineering techniques mixed with technical tricks to fool the user and steal sensitive information and banking account credentials. Social engineering schemes are typically based on spoofed emails to lead users to visit infected websites designed to appear as legitimate ones. The websites are designed to lead customers to divulge financial data, such as account usernames, credit card numbers, passwords, and social security numbers.

The technical subterfuges are various and usually involve the use of malware specifically designed to steal credentials from victims while hiding evidence of the attack.

Phishing schemas can be more or less complicated. Many variants of the attack are described in the literature. Here are some of the most famous ones:

  • User receives deceptive email messages that appear to be sent from a legitimate source, such as a business partner, that contain an explicit request to verify account information with a web service, without which the account will be suspended.
  • Users are encouraged to visit fake websites that can be similar in appearance to legitimate sites. When a user visits the compromised website, malicious software can be downloaded automatically to his computer. Typically, the malware installed records the credentials used by the users to access to target services (e.g., banking), sending them to the command and control servers managed by the attackers.
  • User receives messages from false charities that request direct donations in cash.
  • Users of a social network platform receive messages, apparently from the platform, that contain a link leading them to a compromised website. The compromised website could download a malicious application onto the victim’s machine to steal sensible information or it could offer a web form that appears to belong to a legitimate site that request authentication data. This form of phishing is also known as social phishing

CPE Credits: 2

Fees:  $29  Members, non members $39.00 (More at door/ after September 19th, 2017 6:01pm EST)

Thursday September 20th, 2017 6:00 PM  –  9:00 PM

Las Olas River House, Downtown Fort Lauderdale, Florida
333 Las Olas Way
Fort Lauderdale, FL 33301

Dress Code
Business Attire

Registration Deadline
Wednesday September 19th, 2017 6:00 PM