SC Congress is a top-tier Canadian annual online security conference in Toronto.
Sat in on Derrick Webber’s keynote, a good overview of the current state of things, and then he simulated some attacks.
The attack is he’s sent the target a phishing email that contains a link he wants them to click (“This is Gmail, change your password right away”). He’s cloned the Gmail login page, and then captures the victim’s password.
The defence against phishing emails and social engineering like this, is to listen to your gut, and to look closely at the URL you’re about to click.
Got some good blog post ideas, some great NFC content (don’t walk around with it turned on), and as always, the cocktail party is the most fun part. Nice to see some old faces, and good meeting new ones.