2. What is Enterprise Phishing?


So first off, what is enterprise phishing?

It's a form of cybercrime designed to lure individuals, groups of people, or whole companies into giving up sensitive information or taking some sort of unwanted action.

That could be something as simple as clicking on a link, getting somebody to download malware, or even calendar phishing as well.

So this can happen to everybody.

Check your spam folder.

I'm sure you've gotten a few, at least some point in the last few years.

Enterprises can get hit the worst.

This is generally a pretty easy way to get a foothold into a network, and it should definitely not be overlooked or understated by enterprises.

So here's a quick and dirty example of what a phishing email might look like.

This one is more of a scare-tactic type of email: it says that your account has potentially been compromised, but we've stopped it, so please go ahead and click here to update your password immediately.

It looks a little funny: "IT Security" has got a little bit too much space at the bottom.

Again, it's a very plain-Jane email.

However, you'd be surprised at how often something like this works. Something as simple as making it look like it came from IT, from the security team, anything like that, asking you to update a password.

It carries a little bit more trust because it appears to have been sent by IT or security, or "IT security" in this case.

You have the inherent trust in a request to update the password immediately, along with the supporting details: a fake IP address, a fake location, things like that.

To somebody untrained taking a quick glance at this, it can be very deceiving.

So there are way more than two different types of phishing attacks, but I'm going to cover two of the bigger ones here. The first is mass phishing.

This is where we're targeting a large group of people.

This could be something topical. You know, we're in the middle of COVID now, so it could be something as simple as a COVID-related email that might be relevant to a bunch of people.

Or something as simple as extra 401(k) matching, company benefits, things like that, that could apply to a large audience where you're not targeting a specific group or person.

Now, spear phishing is normally very, very targeted, and you're doing a lot of research around who the target is and what the target's interests are, whether that target is a person or a group.

So it can be a group or a specific team, like a development team, an HR team, things like that.

That still falls under spear phishing as long as it's targeted at a specific audience.

Now this is where things really get dangerous, because spear phishing is not just email related.

So it's important to understand that in this course we'll be going over the email-based approach.

But Slack, WebEx, Microsoft Teams, any sort of communication platform can be used to deliver a spear phishing attack.

And you'd be surprised at how easy it is to get people to download files and click on links in instant message chats.

Similar to the types of phishing, there are different types of payloads.

I'm using two basic examples here; there are plenty more.

The first is link based: "click here", "click me", things like that, where you're just trying to get somebody to click on some sort of link. The second is malware based.

So: review the attachment. Please follow these steps to download this particular file, things like that. Or an "update", which in that case wouldn't look like malware to the user.

They wouldn't know it yet.

So generally payloads come under those two types, and what we'll be focusing on here is the link-based payload.

That's because we're going to be setting up something like a proxy to the back end of a particular website, so that we're able to bypass 2FA. So in our case, link based is what we're going to be going over.

This is used a lot in red team operations, and it's generally the quickest way into the network to gain our foothold.

This could be something as simple as abusing the fact that a company uses Okta or some other auth platform.

That's generally a very easy way to get through the front door.

It could be something like compromising somebody's G Suite account.

It's difficult to identify the source, because the way we're going to design this setup is to run it entirely inside of AWS.

So it's scalable, customizable, and reusable.

That makes it really difficult, from the company's perspective, to figure out who the actual attacker is.

Because of that, we can change payloads, attack types, emails, and who we send them to, all at the click of a button, and we're going to be working on different ways to automate it as well.

The last bit here is that this plays on the human element of security.

One of the weakest links in enterprises is the human element.

We can train everybody, we can refresh that training, we can retrain.

But at the end of the day, there are going to be times, and we've all had them, where you're not going to be in the right frame of mind.

Something's going to distract you, and you're going to breeze right over it.

It's something that's very, very simple to walk through and see happen on a daily basis.

And as attackers, we only have to get lucky one time.

The enterprise has to be lucky all the time to not get compromised.

Some of the defenses that are in place (again, not a complete list) start with keyword filtering, which is going to be vital from the email perspective.

Then there's domain age, which is something a lot of people don't think about.

You can't just go and buy a brand-new domain that closely matches the target, like a fake FedEx one or a fake Facebook one, things like that, and expect it to land.

Normally there's roughly a 30-day age threshold before emails from a new domain end up in people's inboxes, and a lot of individuals don't know that.

The other half of that is email server reputation.

If you have a new email server that you set up yourself, you're not going to have a reputation yet.

That can be good or bad; it can swing either way.

The better the reputation, the better the odds are that it ends up in the inbox.

However, it's important to keep in mind that some platforms, Digital Ocean for example, do not have very high email server reputations, so emails sent from that platform will end up in the spam folder more often than not.

The other defense is 2FA.

We'll talk later in the course about how we can abuse this so that we don't really have to worry about it at all, but also about how there is a version of it that will defend against this type of attack.

The last one is the human element: paying attention to the emails, checking the links, making sure they were sent the right way.

Does the email look funny? Report it just in case.

These are all defenses in place at most enterprises.

Again, not a complete list of details here, but this is enough to get you rolling.
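As an added example (not from the course), here is a small triage script that applies three of the defenses listed above to constructed sample emails: keyword filtering for the scare-tactic wording, a domain-age check against the roughly 30-day threshold, and link inspection for anchors whose target does not match the sender's domain or whose visible text shows a different host than it goes to. Every sender, domain, date, and message body is made up, and the WHOIS creation-date table is a stand-in so the script runs offline; real tooling would query WHOIS and a proper public-suffix list instead of the two-label shortcut used here.

```python
# Added example, not course code. All samples, domains and dates are constructed.
import re
from datetime import date
from html.parser import HTMLParser

# Phrases typical of the "scare tactic" credential lure shown earlier in the section.
SUSPICIOUS_PHRASES = [
    "update your password immediately",
    "account has been compromised",
    "verify your account",
    "unusual sign-in",
]

DOMAIN_AGE_THRESHOLD_DAYS = 30  # the roughly 30-day age limit the lecture mentions

# Constructed stand-in for a WHOIS creation-date lookup (assumption: real code queries WHOIS).
WHOIS_CREATED = {
    "corp.example": date(2015, 3, 2),
    "it-security-corp.example": date(2020, 11, 1),  # lookalike registered days ago
}


class _LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> in an HTML body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def hostname(url):
    """Host part of an absolute URL, lower-cased; '' if the string is not a URL."""
    m = re.match(r"^[a-z][a-z0-9+.-]*://([^/:?#]+)", url, re.I)
    return m.group(1).lower() if m else ""


def registrable_domain(host):
    """Crude eTLD+1 (last two labels); enough for the constructed samples."""
    parts = host.lower().split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host


def domain_age_days(domain, today, whois=WHOIS_CREATED):
    """Days since registration, or None when there is no record."""
    created = whois.get(domain)
    return (today - created).days if created else None


def triage(sender, html_body, today, whois=WHOIS_CREATED):
    """Return a list of findings for one message; an empty list means nothing tripped."""
    findings = []
    text = re.sub(r"<[^>]+>", " ", html_body).lower()
    for phrase in SUSPICIOUS_PHRASES:
        if phrase in text:
            findings.append(f"keyword: '{phrase}'")

    sender_domain = registrable_domain(sender.rsplit("@", 1)[-1])
    age = domain_age_days(sender_domain, today, whois)
    if age is None:
        findings.append(f"domain-age: no registration record for {sender_domain}")
    elif age < DOMAIN_AGE_THRESHOLD_DAYS:
        findings.append(f"domain-age: {sender_domain} is only {age} days old")

    extractor = _LinkExtractor()
    extractor.feed(html_body)
    for href, visible in extractor.links:
        target = registrable_domain(hostname(href))
        if target and target != sender_domain:
            findings.append(f"link: {href} points outside sender domain {sender_domain}")
        shown = hostname(visible)  # non-empty only when the anchor text itself is a URL
        if shown and registrable_domain(shown) != target:
            findings.append(f"link: text shows {shown} but goes to {hostname(href)}")
    return findings


# Constructed samples: the scare-tactic lure from a fresh lookalike domain, a benign
# benefits email, and a lure whose anchor text hides its real target.
TODAY = date(2020, 11, 5)
LURE = """<p>Your account has been compromised, but we've stopped it.</p>
<p>Please <a href="https://portal.it-security-corp.example/reset">update your password immediately</a>.</p>
<p>Sign-in from 203.0.113.7 (Lagos, NG)</p>"""
BENEFITS = """<p>Reminder: quarterly benefits enrollment closes Friday.</p>
<p><a href="https://hr.corp.example/benefits">https://hr.corp.example/benefits</a></p>"""
MISMATCH = """<p>Unusual sign-in detected. Verify your account at
<a href="https://portal.it-security-corp.example/reset">https://portal.corp.example/reset</a></p>"""

if __name__ == "__main__":
    for name, sender, body in [
        ("lure", "it-security@it-security-corp.example", LURE),
        ("benefits", "hr@corp.example", BENEFITS),
        ("mismatch", "it-security@corp.example", MISMATCH),
    ]:
        print(name, triage(sender, body, TODAY) or ["clean"])
```

Running it flags the lure on two keywords plus the 4-day-old sender domain, leaves the benefits email clean, and flags the third message on its wording and on both link checks, even though its sender address looks internal. That last case is the point of checking the link and not just the sender: a spoofed or compromised internal address passes the domain-age check entirely.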

So in the next video, we'll be going over specifically what the tooling is and how it's going to work with AWS.
