Avanan's CEO Gil Friedrich was featured in an episode of the Hacking Humans podcast. The podcast, part of The Cyberwire, discusses social engineering. In the episode, Friedrich talks about Avanan's discovery of a legitimate pension fund that uses fraudulent phishing tactics. As he says:
Most phishing attacks, you know, it's just thieves on the other side that, you know - you lost your money if you fall for the scam. In this case, the end result wasn't necessarily fraudulent, but everything leading to it was - you know, you had impersonation, using someone else's name, you know, not really revealing who you are in the first email, et cetera. They also - once they started to see that they were getting blocked, this is where they got to - really, what we see from phishing attacks - so changing their domains, changing the sending IP and so on and so forth so that any filter that is trying to block them, you know, will fail. This is when they became a moving target. So everything about them other than the end result looks very much like a phishing attack.
Listen to the rest of the episode below.