AntiSpam - kuaj xyuas tus neeg txais / xa tuaj rau lub koob npe nrov.
Thiab, nyob rau hauv txoj kev xav, qhov no txaus, tab sis muaj lwm yam khoom muaj txiaj ntsig zoo sib xws rau lub tuam txhab - cov ntaub ntawv ntawm cov neeg ua haujlwm thiab tus kheej. Nyob rau hauv xyoo tas los no, qhov nrov ntawm hom kev dag hauv Is Taws Nem hauv qab no tau nce zuj zus:
Phishing (Lus Askiv phishing, los ntawm kev nuv ntses - nuv ntses, nuv ntses) - hom kev dag hauv Internet. Nws lub hom phiaj yog kom tau txais cov ntaub ntawv qhia tus neeg siv. Qhov no suav nrog kev nyiag tus password, tus lej credit card, cov txhab nyiaj hauv txhab nyiaj thiab lwm yam ntaub ntawv rhiab heev.
Attackers tab tom txhim kho txoj hauv kev ntawm phishing tawm tsam, hloov pauv DNS thov los ntawm cov chaw nrov, thiab pib tag nrho cov phiaj xwm siv social engineering xa email.
Yog li, txhawm rau tiv thaiv koj tus email lag luam los ntawm phishing, nws raug nquahu kom siv ob txoj hauv kev, thiab lawv siv ua ke ua rau cov txiaj ntsig zoo tshaj plaws:
Kev tiv thaiv cov cuab yeej. Raws li tau hais ua ntej, ntau yam thev naus laus zis tau siv los kuaj xyuas thiab xa mus tsuas yog xa ntawv raug cai.
Kev cob qhia theoretical ntawm cov neeg ua haujlwm. Nws muaj kev sim ua tiav ntawm cov neeg ua haujlwm txhawm rau txheeb xyuas cov neeg raug tsim txom. Tom qab ntawd lawv raug retrained thiab cov txheeb cais raug kaw tas li.
Tsis txhob ntseeg thiab xyuas
Niaj hnub no peb yuav tham txog qhov thib ob txoj hauv kev los tiv thaiv phishing tawm tsam, uas yog kev cob qhia cov neeg ua haujlwm ua haujlwm txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau txhawm rau tiv thaiv phishing. Vim li cas qhov no yuav txaus ntshai?
social engineering - Kev tswj xyuas kev puas siab puas ntsws ntawm tib neeg txhawm rau ua qee yam kev ua lossis nthuav tawm cov ntaub ntawv tsis pub lwm tus paub (nrog rau cov ntaub ntawv kev ruaj ntseg).
Daim duab ntawm ib tug raug phishing nres xa tawm scenario
Cia peb saib ntawm daim ntawv qhia kev lom zem uas piav qhia luv luv txog kev taug kev ntawm phishing phiaj los nqis tes. Nws muaj ntau theem:
Kev sau cov ntaub ntawv tseem ceeb.
Nyob rau hauv lub xyoo pua 21st, nws yog ib qhov nyuaj rau nrhiav tau ib tug neeg uas tsis tau sau npe nyob rau hauv ib tug social network los yog nyob rau hauv ntau yam thematic forums. Lawm, ntau ntawm peb tawm cov ncauj lus kom ntxaws txog peb tus kheej: qhov chaw ua haujlwm tam sim no, pab pawg rau cov npoj yaig, xov tooj, xa ntawv, thiab lwm yam. Ntxiv rau cov ntaub ntawv ntiag tug no hais txog tus neeg nyiam thiab koj muaj cov ntaub ntawv los ua tus qauv phishing. Txawm hais tias peb nrhiav tsis tau cov neeg uas muaj cov ntaub ntawv zoo li no, yeej ib txwm muaj lub tuam txhab lub vev xaib uas peb tuaj yeem nrhiav tau tag nrho cov ntaub ntawv uas peb xav tau (sau email, hu, sib txuas).
Tshaj tawm ntawm kev sib tw.
Thaum koj muaj lub caij nplooj ntoo hlav hauv qhov chaw, koj tuaj yeem siv cov cuab yeej pub dawb lossis them nyiaj los tsim koj tus kheej phiaj xwm phishing. Thaum lub sij hawm xa ntawv, koj yuav sau cov txheeb cais: xa ntawv xa tuaj, xa ntawv qhib, txuas nyem, cov ntawv pov thawj nkag, thiab lwm yam.
Cov khoom lag luam hauv khw
Phishing tuaj yeem siv los ntawm ob tus neeg tawm tsam thiab cov tuam txhab cov ntaub ntawv kev ruaj ntseg cov neeg ua haujlwm txhawm rau ua qhov kev tshuaj xyuas tsis tu ncua ntawm cov neeg ua haujlwm tus cwj pwm. Dab tsi yog kev ua lag luam ntawm kev lag luam dawb thiab kev daws teeb meem rau cov kev cob qhia automated rau cov neeg ua haujlwm hauv tuam txhab muab rau peb:
GoPhish yog qhov qhib qhov phiaj xwm uas tso cai rau koj siv lub phiaj xwm phishing los kuaj xyuas IT kev paub ntawm koj cov neeg ua haujlwm. Kuv yuav xav txog qhov zoo yog qhov yooj yim ntawm kev xa mus thiab cov kev xav tau tsawg kawg nkaus. Qhov tsis zoo yog qhov tsis muaj cov qauv xa ntawv xa tuaj, tsis muaj cov ntawv xeem thiab cov ntaub ntawv qhia rau cov neeg ua haujlwm.
Cov kev daws teeb meem saum toj no tsuas yog ib feem ntawm cov khoom muaj nyob rau ntawm cov neeg ua haujlwm kev cob qhia ua lag luam. Tau kawg, txhua tus muaj nws qhov zoo thiab qhov tsis zoo. Hnub no peb yuav tau paub nrog GoPhish, simulate phishing nres, thiab tshawb nrhiav cov kev xaiv muaj.
GoPhish
Yog li, nws yog lub sijhawm los xyaum. GoPhish tsis raug xaiv los ntawm lub sijhawm: nws yog cov cuab yeej siv tau zoo nrog cov yam ntxwv hauv qab no:
Yooj yim installation thiab pib.
Kev them nyiaj yug REST API. Tso cai rau koj los tsim cov lus nug los ntawm cov ntaub ntawv thiab siv automated scripts.
Yooj yim graphical tswj interface.
Hla-platform.
Pab neeg txhim kho tau npaj ib qho zoo heev qhia ntawm deploying thiab configuring GoPhish. Qhov tseeb, txhua yam koj yuav tsum ua yog mus chaw cia khoom, rub tawm ZIP archive rau cov OS sib xws, khiav cov ntaub ntawv binary sab hauv, tom qab ntawd cov cuab yeej yuav raug teeb tsa.
CEEB TOOM!
Yog li ntawd, koj yuav tsum tau txais cov ntaub ntawv nyob rau hauv lub davhlau ya nyob twg hais txog lub deployed portal, nrog rau cov ntaub ntawv tso cai (tseem ceeb rau versions laus dua version 0.10.1). Tsis txhob hnov qab khaws tus password rau koj tus kheej!
msg="Please login with the username admin and the password <ПАРОЛЬ>"
Nkag siab txog kev teeb tsa GoPhish
Tom qab kev teeb tsa, cov ntaub ntawv teeb tsa (config.json) yuav raug tsim nyob rau hauv daim ntawv teev npe thov. Cia peb piav qhia txog cov kev hloov pauv rau nws:
Thaum peb tau txheeb xyuas qhov xav txog tus neeg tawm tsam thiab cov neeg raug tsim txom, peb yuav tsum tsim ib daim qauv nrog cov lus. Txhawm rau ua qhov no, mus rau "Email Templates" → "Cov Qauv Tshiab" ntu.
Thaum tsim ib tus qauv, siv txoj hauv kev thiab kev muaj tswv yim; cov lus los ntawm cov kev pabcuam yuav tsum tau teev tseg uas yuav paub txog cov neeg siv raug tsim txom lossis yuav ua rau lawv muaj qee yam tshuaj tiv thaiv. Cov kev xaiv ua tau:
lub npe
Template npe
Subject
Tsab ntawv
Text/HTML
Teb rau nkag mus rau cov ntawv nyeem lossis HTML code
Gophish txhawb nqa cov ntawv sau, tab sis peb yuav tsim peb tus kheej. Txhawm rau ua qhov no, peb simulate qhov xwm txheej: ib tus neeg siv lub tuam txhab tau txais tsab ntawv thov kom nws hloov tus password los ntawm nws lub tuam txhab email. Tom ntej no, cia peb txheeb xyuas nws cov lus teb thiab saib peb "ntes".
Peb yuav siv built-in variables nyob rau hauv lub template. Cov ntsiab lus ntxiv tuaj yeem pom nyob rau saum toj no qhia seem Template Siv.
Ua ntej, cia peb thauj cov ntawv hauv qab no:
{{.FirstName}},
The password for {{.Email}} has expired. Please reset your password here.
Thanks,
IT Team
Yog li, tus neeg siv lub npe yuav raug nkag mus rau hauv (raws li yav dhau los teev "Tshiab Pab Pawg" yam khoom) thiab nws qhov chaw nyob xa ntawv yuav raug qhia.
Tom ntej no, peb yuav tsum muab qhov txuas rau peb cov peev txheej phishing. Txhawm rau ua qhov no, taw qhia lo lus "ntawm no" hauv cov ntawv nyeem thiab xaiv "Txuas" kev xaiv ntawm cov tswj vaj huam sib luag.
Peb mam li teeb qhov URL mus rau qhov sib txawv ua ke {{.URL}}, uas peb yuav sau rau tom qab. Nws yuav cia li muab tso rau hauv cov ntawv ntawm phishing email.
Ua ntej txuag tus qauv, tsis txhob hnov qab qhib qhov "Add Tracking Image" kev xaiv. Qhov no yuav ntxiv 1x1 pixel media caij uas yuav taug qab seb tus neeg siv tau qhib email.
Yog li, tsis muaj ntau ntau, tab sis ua ntej peb yuav xaus cov kauj ruam yuav tsum tau tom qab nkag mus rau hauv Gophish portal:
Peb yuav raug ceeb toom kom qhia lub npe ntawm cov khoom. Nws muaj peev xwm mus import qhov chaw. Hauv peb qhov piv txwv, kuv tau sim qhia qhov ua haujlwm lub vev xaib ntawm tus xa ntawv xa ntawv. Raws li, nws tau imported li HTML code (txawm tias tsis tag). Cov hauv qab no yog cov kev xaiv nthuav rau kev ntes cov neeg siv tswv yim:
Capture xa cov ntaub ntawv. Yog tias nplooj ntawv teev npe muaj ntau cov ntaub ntawv nkag, ces tag nrho cov ntaub ntawv yuav raug kaw.
Capture Passwords - ntes cov passwords nkag. Cov ntaub ntawv sau rau GoPhish database tsis muaj encryption, zoo li yog.
Tsis tas li ntawd, peb tuaj yeem siv qhov "Redirect to" kev xaiv, uas yuav hloov tus neeg siv mus rau nplooj ntawv teev npe tom qab nkag mus rau daim ntawv pov thawj. Cia kuv ceeb toom rau koj tias peb tau teeb tsa qhov xwm txheej uas tus neeg siv tau hais kom hloov tus password rau kev lag luam email. Txhawm rau ua qhov no, nws tau muab nplooj ntawv tso cai xa ntawv cuav, tom qab ntawd tus neeg siv tuaj yeem xa mus rau txhua lub tuam txhab muaj peev txheej.
IP ntawm koj tus neeg rau zaub mov GoPhish (yuav tsum muaj peev xwm ncav cuag lub network nrog tus neeg raug tsim txom tus tswv tsev)
Pib Hnub
Hnub pib phiaj xwm
Xa Emails Los ntawm
Hnub kawg ntawm kev sib tw (kev xa ntawv xa tuaj sib npaug)
Xa Profile
Xa ntawv profile
Cov pawg lwm
Pab pawg neeg txais kev xa ntawv
Tom qab pib, peb yeej ib txwm tau paub nrog cov txheeb cais, uas qhia tias: xa cov lus, qhib cov lus, nyem rau ntawm qhov txuas, sab laug cov ntaub ntawv xa mus rau spam.
Los ntawm cov txheeb cais peb pom tias 1 cov lus tau xa, cia peb kuaj cov ntawv xa los ntawm tus neeg txais kev pab sab:
Tseeb tiag, tus neeg raug tsim txom tau txais ib qho email phishing nug nws kom ua raws li qhov txuas los hloov nws tus lej account tus neeg siv khoom. Peb ua raws li qhov kev thov, peb raug xa mus rau Cov Ntawv Tshaj Tawm, ua li cas txog cov txheeb cais?
Yog li ntawd, peb cov neeg siv tau nyem rau ntawm qhov txuas phishing, qhov twg nws tuaj yeem tso nws cov ntaub ntawv tus account.
Tus sau ntawv: cov txheej txheem nkag cov ntaub ntawv tsis tau sau tseg vim yog siv qhov kev sim layout, tab sis muaj qhov kev xaiv ntawd. Txawm li cas los xij, cov ntsiab lus tsis yog encrypted thiab khaws cia hauv GoPhish database, thov nco ntsoov qhov no.
Es tsis txhob ib tug xaus
Niaj hnub no peb tau chwv cov ncauj lus tam sim no ntawm kev ua haujlwm automated rau cov neeg ua haujlwm txhawm rau tiv thaiv lawv los ntawm phishing tawm tsam thiab txhim kho IT kev paub hauv lawv. Gophish tau siv los ua qhov kev daws teeb meem pheej yig, uas pom tau tias muaj txiaj ntsig zoo ntawm lub sijhawm xa mus thiab qhov tshwm sim. Nrog rau cov cuab yeej siv tau no, koj tuaj yeem tshawb xyuas koj cov neeg ua haujlwm thiab tsim cov ntawv ceeb toom ntawm lawv tus cwj pwm. Yog tias koj txaus siab rau cov khoom no, peb muab kev pabcuam hauv kev xa nws thiab tshuaj xyuas koj cov neeg ua haujlwm ([email tiv thaiv]).
Txawm li cas los xij, peb yuav tsis tso tseg ntawm kev tshuaj xyuas ib qho kev daws teeb meem thiab npaj mus txuas ntxiv lub voj voog, qhov twg peb yuav tham txog Enterprise cov kev daws teeb meem rau automating txheej txheem kev cob qhia thiab saib xyuas cov neeg ua haujlwm ruaj ntseg. Nyob nrog peb thiab ceev faj!