Omen: identifying potential spear-phishing targets before the email is sent.

PDF Version Also Available for Download.

Description

We present the results of a two year project focused on a common social engineering attack method called %22spear phishing%22. In a spear phishing attack, the user receives an email with information specifically focused on the user. This email contains either a malware-laced attachment or a link to download the malware that has been disguised as a useful program. Spear phishing attacks have been one of the most effective avenues for attackers to gain initial entry into a target network. This project focused on a proactive approach to spear phishing. To create an effective, user-specific spear phishing email, the attacker ... continued below

Physical Description

42 p.

Creation Information

Wendt, Jeremy Daniel July 1, 2013.

Context

This report is part of the collection entitled: Office of Scientific & Technical Information Technical Reports and was provided by UNT Libraries Government Documents Department to Digital Library, a digital repository hosted by the UNT Libraries. More information about this report can be viewed below.

Who

People and organizations associated with either the creation of this report or its content.

Sponsor

Publisher

  • Sandia National Laboratories
    Publisher Info: Sandia National Laboratories (SNL-NM), Albuquerque, NM (United States)
    Place of Publication: Albuquerque, New Mexico

Provided By

UNT Libraries Government Documents Department

Serving as both a federal and a state depository library, the UNT Libraries Government Documents Department maintains millions of items in a variety of formats. The department is a member of the FDLP Content Partnerships Program and an Affiliated Archive of the National Archives.

Contact Us

What

Descriptive information to help identify this report. Follow the links below to find similar items on the Digital Library.

Description

We present the results of a two year project focused on a common social engineering attack method called %22spear phishing%22. In a spear phishing attack, the user receives an email with information specifically focused on the user. This email contains either a malware-laced attachment or a link to download the malware that has been disguised as a useful program. Spear phishing attacks have been one of the most effective avenues for attackers to gain initial entry into a target network. This project focused on a proactive approach to spear phishing. To create an effective, user-specific spear phishing email, the attacker must research the intended recipient. We believe that much of the information used by the attacker is provided by the target organization's own external website. Thus when researching potential targets, the attacker leaves signs of his research in the webserver's logs. We created tools and visualizations to improve cybersecurity analysts' abilities to quickly understand a visitor's visit patterns and interests. Given these suspicious visitors and log-parsing tools, analysts can more quickly identify truly suspicious visitors, search for potential spear-phishing targeted users, and improve security around those users before the spear phishing email is sent.

Physical Description

42 p.

Language

Item Type

Identifier

Unique identifying numbers for this report in the Digital Library or other systems.

  • Report No.: SAND2013-5511
  • Grant Number: AC04-94AL85000
  • Office of Scientific & Technical Information Report Number: 1093687
  • Archival Resource Key: ark:/67531/metadc827960

Collections

This report is part of the following collection of related materials.

Office of Scientific & Technical Information Technical Reports

What responsibilities do I have when using this report?

When

Dates and time periods associated with this report.

Creation Date

  • July 1, 2013

Added to The UNT Digital Library

  • May 19, 2016, 9:45 a.m.

Description Last Updated

  • June 17, 2016, 3:22 p.m.

Usage Statistics

When was this report last used?

Yesterday: 0
Past 30 days: 0
Total Uses: 9

Interact With This Report

Here are some suggestions for what to do next.

Start Reading

PDF Version Also Available for Download.

Citations, Rights, Re-Use

Wendt, Jeremy Daniel. Omen: identifying potential spear-phishing targets before the email is sent., report, July 1, 2013; Albuquerque, New Mexico. (digital.library.unt.edu/ark:/67531/metadc827960/: accessed September 24, 2017), University of North Texas Libraries, Digital Library, digital.library.unt.edu; crediting UNT Libraries Government Documents Department.