2024-11-11 –, WestIn - Partenkirchen
It often doesn't take much for a phishing email to fool its victim, but that doesn't mean there isn't more to it: This talk will look at technical attacks on email that have the potential to elevate the risk of phishing attacks - if that was even necessary - and discuss what it would take to mitigate these attacks.
Kobold letters use CSS selectors to hide messages in an email, only to reveal them once the email has been forwarded. This allows for two-stage phishing attacks that exploit the trust a message gains when it is forwarded by a trusted sender. Common awareness strategies do not address this issue, as the forwarder is legitimate.
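A defensive check for the hiding step described above, as an added example (not code from the talk or from Lutra Security): it lists the text that a style-sheet rule hides from the reader of an HTML email, so a mail filter or analyst can review it before the message is forwarded. It is a heuristic that only follows class selectors; the function names, class names and sample message are constructed for illustration.

```python
import re
from html.parser import HTMLParser

HIDE = re.compile(r"display\s*:\s*none|visibility\s*:\s*hidden", re.I)
RULE = re.compile(r"([^{}]+)\{([^{}]*)\}")           # selector list { declarations }
VOID = {"br", "hr", "img", "meta", "link", "input"}  # tags that never get an end tag

class Scan(HTMLParser):
    """Collect <style> text and the text found under each class-tagged element."""
    def __init__(self):
        super().__init__()
        self.css, self.text_by_class = "", {}
        self.open_classes, self.in_style = [], False

    def handle_starttag(self, tag, attrs):
        self.in_style = self.in_style or tag == "style"
        if tag not in VOID:
            self.open_classes.append((dict(attrs).get("class") or "").split())

    def handle_endtag(self, tag):
        self.in_style = self.in_style and tag != "style"
        if tag not in VOID and self.open_classes:
            self.open_classes.pop()

    def handle_data(self, data):
        if self.in_style:
            self.css += data
        elif data.strip():                           # text counts for every open ancestor
            for cls in {c for classes in self.open_classes for c in classes}:
                self.text_by_class.setdefault(cls, []).append(data.strip())

def hidden_text(html):
    """Return {selector: [text, ...]} for style-sheet rules that hide content."""
    scan = Scan()
    scan.feed(html)
    scan.close()
    findings = {}
    for selectors, declarations in RULE.findall(scan.css):
        if not HIDE.search(declarations):
            continue
        for selector in selectors.split(","):
            subject = re.split(r"[\s>+~]+", selector.strip())[-1]  # rightmost compound
            for cls in re.findall(r"\.([\w-]+)", subject):
                if cls in scan.text_by_class:
                    findings.setdefault(selector.strip(), []).extend(scan.text_by_class[cls])
    return findings

# Constructed sample message: one visible paragraph, one hidden by a class rule.
SAMPLE = """<html><head><style>.greeting { color: #333; } .note { display: none; }</style></head>
<body><p class="greeting">Hi, the invoice is attached.</p><br>
<p class="note">Constructed hidden paragraph.</p></body></html>"""
```
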
A second vulnerability, undisclosed at the time of submission, provides attackers with similar opportunities, but using a different technical approach that bypasses any lessons learned from Kobold letters.
email,phishing
Konstantin Weddige is a penetration tester and co-founder of Lutra Security. His focus is on application security, while his interests cover a wide range of topics in information security in general. He is motivated by the desire to help people understand cybersecurity risks and to make the Internet a safer place, one vulnerability at a time.