çŸåšããããã¯ãŒã¯ç®¡çè ãæ å ±ã»ãã¥ãªã㣠ãšã³ãžãã¢ã¯ãäŒæ¥ãããã¯ãŒã¯ã®å¢çãããŸããŸãªè åšããä¿è·ããããã«å€å€§ãªæéãšåŽåãè²»ãããã€ãã³ããé²æ¢ããã³ç£èŠããããã®æ°ããã·ã¹ãã ãç¿åŸããŠããŸãããããã§ãå®å šãªã»ãã¥ãªãã£ãä¿èšŒãããããã§ã¯ãããŸããã ãœãŒã·ã£ã« ãšã³ãžãã¢ãªã³ã°ã¯æ»æè ã«ãã£ãŠç©æ¥µçã«äœ¿çšãããŠãããé倧ãªçµæãããããå¯èœæ§ããããŸãã
ãã¹ã¿ããåãã«æ å ±ã»ãã¥ãªã㣠ãªãã©ã·ãŒã®ãã¹ããå®æœã§ãããããã®ã«ããšäœåºŠèããããšãããã§ããããã æ®å¿µãªãããå€åæéå ã§ã®å€§éã®ã¿ã¹ã¯ãéãããæéãšãã圢ã§ãæèã¯èª€è§£ã®å£ã«ã¶ã€ãããŸãã ç§ãã¡ã¯ã人æãã¬ãŒãã³ã°ã®èªåååéã«ãããææ°ã®è£œåãšãã¯ãããžãŒã«ã€ããŠããã€ããããå®è£ ã®ããã®é·æéã®ãã¬ãŒãã³ã°ãå¿ èŠãšããããã¹ãŠãé çªã«èª¬æããäºå®ã§ãã
çè«çåºç€
çŸåšãæªæã®ãããã¡ã€ã«ã® 80% 以äžãé»åã¡ãŒã«çµç±ã§é åžãããŠããŸã (ããŒã¿ã¯ãã€ã³ããªãžã§ã³ã¹ ã¬ããŒã ãµãŒãã¹ã䜿çšããŠãéå» XNUMX 幎éã«ãã§ã㯠ãã€ã³ãã®å°é家ããå¯ããããã¬ããŒãããååŸãããã®ã§ã)ã
æªæã®ãããã¡ã€ã«ã®é åžã®æ»æãã¯ãã«ã«é¢ããéå» 30 æ¥éã®ã¬ããŒã (ãã·ã¢) - Check Point
ããã¯ãé»åã¡ãŒã« ã¡ãã»ãŒãžã®ã³ã³ãã³ããæ»æè ã«ããæªçšã«å¯ŸããŠéåžžã«è匱ã§ããããšã瀺åããŠããŸãã æ·»ä»ãã¡ã€ã«å ã®æãäžè¬çãªæªæã®ãããã¡ã€ã«åœ¢åŒ (EXEãRTFãDOC) ãèæ ®ãããšããããã«ã¯ååãšããŠãã³ãŒãå®è¡ã®èªåèŠçŽ (ã¹ã¯ãªããããã¯ã) ãå«ãŸããŠããããšã¯æ³šç®ã«å€ããŸãã
åä¿¡ããæªæã®ããã¡ãã»ãŒãžã®ãã¡ã€ã«åœ¢åŒã«é¢ãã幎次ã¬ããŒã - Check Point
ãã®æ»æãã¯ãã«ã«ã©ã察åŠããã°ããã§ãããã? ã¡ãŒã«ã®ãã§ãã¯ã«ã¯ã»ãã¥ãªã㣠ããŒã«ã®äœ¿çšãå«ãŸããŸãã
-
ã¢ã³ããŠã€ã«ã¹ â è åšã®ã·ã°ããã£æ€åºã
-
ãšãã¥ã¬ãŒã·ã§ã³ - æ·»ä»ãã¡ã€ã«ãéé¢ãããç°å¢ã§éãããã®ãµã³ãããã¯ã¹ã
-
ã³ã³ãã³ãã®èªè â ããã¥ã¡ã³ãããã¢ã¯ãã£ããªèŠçŽ ãæœåºããŸãã ãŠãŒã¶ãŒã¯ãã¯ãªãŒã³ã¢ãããããããã¥ã¡ã³ã (é垞㯠PDF 圢åŒ) ãåãåããŸãã
-
ã¢ã³ãã¹ãã â åä¿¡è /éä¿¡è ã®ãã¡ã€ã³ã®è©å€ã確èªããŸãã
ãããŠãçè«çã«ã¯ããã§ååã§ãããäŒç€Ÿã«ãšã£ãŠã¯ãã XNUMX ã€åæ§ã«è²ŽéãªãªãœãŒã¹ããããŸããããã¯ãäŒæ¥ããŒã¿ãšåŸæ¥å¡ã®å人ããŒã¿ã§ãã è¿å¹Žã次ã®ãããªã€ã³ã¿ãŒãããè©æ¬ºãçãã«è¡ãããŠããŸãã
ãã£ãã·ã³ã° ïŒè±èªã®ãã£ãã·ã³ã°ãé£ã - é£ããé£ãããïŒ - ã€ã³ã¿ãŒãããè©æ¬ºã®äžçš®ã ãã®ç®çã¯ããŠãŒã¶ãŒèå¥ããŒã¿ãååŸããããšã§ãã ããã«ã¯ããã¹ã¯ãŒããã¯ã¬ãžãã ã«ãŒãçªå·ãéè¡å£åº§ããã®ä»ã®æ©å¯æ å ±ã®çé£ãå«ãŸããŸãã
æ»æè ã¯ãã£ãã·ã³ã°æ»æã®ææ³ãæ¹è¯ãã人æ°ã®ãããµã€ãããã® DNS ãªã¯ãšã¹ãããªãã€ã¬ã¯ããããœãŒã·ã£ã« ãšã³ãžãã¢ãªã³ã°ã䜿çšããŠé»åã¡ãŒã«ãéä¿¡ãããã£ã³ããŒã³å šäœãéå§ããŠããŸãã
ãããã£ãŠãäŒæ¥é»åã¡ãŒã«ããã£ãã·ã³ã°ããä¿è·ããã«ã¯ã次㮠XNUMX ã€ã®ã¢ãããŒãã䜿çšããããšããå§ãããŸããããããçµã¿åãããŠäœ¿çšââããããšã§æè¯ã®çµæãåŸãããŸãã
-
æè¡çãªä¿è·ããŒã«ã åè¿°ããããã«ãæ£åœãªã¡ãŒã«ã®ã¿ããã§ãã¯ããŠè»¢éããããã«ãããŸããŸãªãã¯ãããžãŒã䜿çšãããŠããŸãã
-
çè«çãªäººæè²æã ããã¯ãæœåšçãªç ç²è ãç¹å®ããããã®è·å¡ã®å æ¬çãªæ€æ»ã§æ§æãããŸãã ãã®åŸãåãã¬ãŒãã³ã°ãããçµ±èšãåžžã«èšé²ãããŸãã
ä¿¡çšããŠç¢ºèªããªãã§ãã ãã
ä»æ¥ã¯ããã£ãã·ã³ã°æ»æãé²ãããã® XNUMX çªç®ã®ã¢ãããŒããã€ãŸããäŒæ¥ããŒã¿ãšå人ããŒã¿ã®å šäœçãªã»ãã¥ãªã㣠ã¬ãã«ãé«ããããã®äººæãã¬ãŒãã³ã°ã®èªååã«ã€ããŠèª¬æããŸãã ãªãããã»ã©å±éºãªããšãããã®ã§ãããã?
ãœãŒã·ã£ã«ãšã³ãžãã¢ãªã³ã° â ç¹å®ã®è¡åãå®è¡ããããïŒæ å ±ã»ãã¥ãªãã£ã«é¢é£ããŠïŒæ©å¯æ å ±ãé瀺ãããããããã«ã人ã ãå¿ççã«æäœããããšã
å žåçãªãã£ãã·ã³ã°æ»æå±éã·ããªãªã®å³
ãã£ãã·ã³ã° ãã£ã³ããŒã³ã®æµããç°¡åã«èª¬æãã楜ãããããŒãã£ãŒããèŠãŠã¿ãŸãããã ããŸããŸãªæ®µéããããŸãã
-
äžæ¬¡ããŒã¿ã®åéã
21äžçŽã§ã¯ããœãŒã·ã£ã«ãããã¯ãŒã¯ãããŸããŸãªããŒãã®ãã©ãŒã©ã ã«ç»é²ããŠããªã人ãèŠã€ããã®ã¯å°é£ã§ãã åœç¶ã®ããšãªãããç§ãã¡ã®å€ãã¯ãçŸåšã®å€åå ãååã®ã°ã«ãŒããé»è©±ãã¡ãŒã«ãªã©ãèªåèªèº«ã«é¢ãã詳现ãªæ å ±ãæ®ããŸãã ããã«ãå人ã®èå³ã«é¢ããããŒãœãã©ã€ãºãããæ å ±ãè¿œå ãããšããã£ãã·ã³ã° ãã³ãã¬ãŒãã圢æããããã®ããŒã¿ãåŸãããŸãã ããšããã®ãããªæ å ±ãæã£ãŠãã人ãèŠã€ããããšãã§ããªãã£ããšããŠããèå³ã®ãããã¹ãŠã®æ å ± (ãã¡ã€ã³ ã¡ãŒã«ãé£çµ¡å ãã³ãã¯ã·ã§ã³) ãèŠã€ããããšãã§ããäŒæ¥ Web ãµã€ããåžžã«ååšããŸãã
-
ãã£ã³ããŒã³ã®éå§ã
åºçºç¹ãçšæããããç¡æãŸãã¯ææã®ããŒã«ã䜿çšããŠãç¬èªã®ã¿ãŒã²ãããçµã£ããã£ãã·ã³ã° ãã£ã³ããŒã³ãéå§ã§ããŸãã ã¡ãŒã«ã®éä¿¡ããã»ã¹äžã«ãé ä¿¡ãããã¡ãŒã«ãéå°ãããã¡ãŒã«ãã¯ãªãã¯ããããªã³ã¯ãå ¥åãããèªèšŒæ å ±ãªã©ã®çµ±èšãèç©ãããŸãã
åžè²©ã®è£œå
ãã£ãã·ã³ã°ã¯ãæ»æè ãšäŒæ¥ã®æ å ±ã»ãã¥ãªãã£æ åœè ã®äž¡æ¹ããåŸæ¥å¡ã®è¡åãç¶ç¶çã«ç£æ»ããããã«å©çšããå¯èœæ§ããããŸãã äŒæ¥åŸæ¥å¡åãã®èªåãã¬ãŒãã³ã° ã·ã¹ãã ã®ç¡æããã³åçšãœãªã¥ãŒã·ã§ã³ã®åžå Žã¯ã次ã®ãããªãã®ãæäŸããŠãããŸãã
-
ãŽãŒãã£ãã·ã¥ ã¯ããã£ãã·ã³ã° ãã£ã³ããŒã³ãå±éããŠåŸæ¥å¡ã® IT ãªãã©ã·ãŒããã§ãã¯ã§ãããªãŒãã³ ãœãŒã¹ ãããžã§ã¯ãã§ãã ã¡ãªãããšããŠã¯ãå±éãç°¡åã§ãã·ã¹ãã èŠä»¶ãæå°éã§ããããšã ãšæããŸãã æ¬ ç¹ã¯ãæ¢è£œã®éµéãã³ãã¬ãŒãããªãããšãã¹ã¿ããåãã®ãã¹ãããã¬ãŒãã³ã°è³æãäžè¶³ããŠããããšã§ãã -
KnowBe4 â ãã¹ãæ åœè ãå©çšã§ãã補åãå€æ°ãããµã€ãã -
ãã£ãã·ã¥ãã³ â åŸæ¥å¡ã®ãã¹ããšãã¬ãŒãã³ã°ã®ããã®èªåã·ã¹ãã ã 10 人ãã 1000 人以äžã®åŸæ¥å¡ããµããŒããã補åã®ããŸããŸãªããŒãžã§ã³ããããŸãã ãã¬ãŒãã³ã° ã³ãŒã¹ã«ã¯çè«ãšå®è·µçãªèª²é¡ãå«ãŸããŠããããã£ãã·ã³ã° ãã£ã³ããŒã³åŸã«åŸãããçµ±èšã«åºã¥ããŠããŒãºãç¹å®ããããšãã§ããŸãã ãã®ãœãªã¥ãŒã·ã§ã³ã¯åçšå©çšå¯èœã§ãè©Šçšãå¯èœã§ãã -
察è©æ¬º â èªåãã¬ãŒãã³ã°ããã³ã»ãã¥ãªãã£ç£èŠã·ã¹ãã ã ãã®åçšè£œåã§ã¯ãå®æçãªãã¬ãŒãã³ã°æ»æãåŸæ¥å¡ãã¬ãŒãã³ã°ãªã©ãæäŸãããŸãã ãã£ã³ããŒã³ã¯è£œåã®ãã¢çãšããŠæäŸãããŠããããã³ãã¬ãŒãã®å±éãš XNUMX ã€ã®ãã¬ãŒãã³ã°æ»æã®å®æœãå«ãŸããŸãã
äžèšã®ãœãªã¥ãŒã·ã§ã³ã¯ãèªå人æãã¬ãŒãã³ã°åžå Žã§å©çšå¯èœãªè£œåã®äžéšã«ãããŸããã ãã¡ãããããããã«ç¬èªã®é·æãšçæããããŸãã ä»æ¥ãç§ãã¡ã¯ç¥ãåãã«ãªããŸã
ãŽãŒãã£ãã·ã¥
ãããç·Žç¿ã®æéã§ãã GoPhish ãéžã°ããã®ã¯å¶ç¶ã§ã¯ãããŸãããGoPhish ã¯ã次ã®æ©èœãåãã䜿ããããããŒã«ã§ãã
-
ã€ã³ã¹ããŒã«ãšèµ·åãç°¡çŽ åãããŸããã
-
REST APIã®ãµããŒãã ããã¯ãšãªãäœæã§ããŸãã
ããã¥ã¡ã³ããŒã·ã§ã³ èªåã¹ã¯ãªãããé©çšããŸãã -
䟿å©ãªã°ã©ãã£ã«ã«ã³ã³ãããŒã«ã€ã³ã¿ãŒãã§ã€ã¹ã
-
ã¯ãã¹ãã©ãããã©ãŒã ã
éçºããŒã ã¯çŽ æŽããããã®ãçšæããŸãã
éèŠãªãç¥ããïŒ
ãã®çµæããããã€ãããããŒã¿ã«ã«é¢ããæ å ±ãšèªèšŒããŒã¿ (ããŒãžã§ã³ 0.10.1 ããå€ãããŒãžã§ã³ã«é¢é£) ãã¿ãŒããã«ã§åä¿¡ãããã¯ãã§ãã èªåã®ãã¹ã¯ãŒããä¿è·ããããšãå¿ããªãã§ãã ããã
msg="Please login with the username admin and the password <ÐÐÐ ÐÐЬ>"
GoPhish ã®èšå®ãç解ãã
ã€ã³ã¹ããŒã«åŸãã¢ããªã±ãŒã·ã§ã³ãã£ã¬ã¯ããªã«èšå®ãã¡ã€ã«ïŒconfig.jsonïŒãäœæãããŸãã ãããå€æŽããããã®ãã©ã¡ãŒã¿ã説æããŸãããã
ããŒ
å€ (ããã©ã«ã)
説æ
admin_server.listen_url
127.0.0.1:3333
GoPhish ãµãŒããŒã® IP ã¢ãã¬ã¹
admin_server.use_tls
false
GoPhish ãµãŒããŒãžã®æ¥ç¶ã« TLS ã䜿çšãããŠããŸãã
admin_server.cert_path
ããšãã° .crt
GoPhish 管çããŒã¿ã«ã® SSL 蚌ææžãžã®ãã¹
admin_server.key_path
äŸ.ããŒ
ç§å¯SSLããŒãžã®ãã¹
phish_server.listen_url
0.0.0.0:80
ãã£ãã·ã³ã° ããŒãžããã¹ããããŠãã IP ã¢ãã¬ã¹ãšããŒã (ããã©ã«ãã§ã¯ãGoPhish ãµãŒããŒèªäœã®ããŒã 80 ã§ãã¹ããããŠããŸã)
â> 管çããŒã¿ã«ã«ç§»åããŸãã ç§ãã¡ã®å Žåã«ã¯ïŒ https://127.0.0.1:3333
â> ããªãé·ããã¹ã¯ãŒããç°¡åãªãã¹ã¯ãŒãã«å€æŽãããããã®éã«å€æŽããããã«æ±ããããŸãã
éä¿¡è ãããã¡ã€ã«ã®äœæ
ãéä¿¡ãããã¡ã€ã«ãã¿ãã«ç§»åããã¡ãŒã«ã®éä¿¡å ãšãªããŠãŒã¶ãŒã«é¢ããæ å ±ãå ¥åããŸãã
ããã§ïŒ
åå
éä¿¡è å
éä¿¡è ã®é»åã¡ãŒã«
ã©ã€ããã»ãã©ã€ãããªã³ããã³ããããª
åä¿¡ã¡ãŒã«ããªãã¹ã³ããã¡ãŒã« ãµãŒããŒã® IP ã¢ãã¬ã¹ã
ã¡ãŒã«ãµãŒããŒã®ãŠãŒã¶ãŒã¢ã«ãŠã³ããã°ã€ã³ã
ãã¹ã¯ãŒã
ã¡ãŒã«ãµãŒããŒã®ãŠãŒã¶ãŒã¢ã«ãŠã³ãã®ãã¹ã¯ãŒãã
ãã¹ã ã¡ãã»ãŒãžãéä¿¡ããŠãé ä¿¡ãæåããããšã確èªããããšãã§ããŸãã ããããã¡ã€ã«ãä¿åããã¿ã³ã䜿çšããŠèšå®ãä¿åããŸãã
åä¿¡è ã®ã°ã«ãŒããäœæãã
次ã«ãããã§ãŒã³ ã¬ã¿ãŒãåä¿¡è ã®ã°ã«ãŒãã圢æããå¿ èŠããããŸãã ããŠãŒã¶ãŒãšã°ã«ãŒããâãæ°ããã°ã«ãŒããã«é²ã¿ãŸãã è¿œå ããæ¹æ³ã¯ XNUMX ã€ãããŸããæåã§è¿œå ããæ¹æ³ãšãCSV ãã¡ã€ã«ãã€ã³ããŒãããæ¹æ³ã§ãã
XNUMX çªç®ã®æ¹æ³ã§ã¯ã次ã®å¿ é ãã£ãŒã«ããå¿ èŠã§ãã
-
å
-
å§
-
ã¡ãŒã«
-
圹è·
äŸãšããŠïŒ
First Name,Last Name,Position,Email
Richard,Bourne,CEO,[email protected]
Boyd,Jenius,Systems Administrator,[email protected]
Haiti,Moreo,Sales & Marketing,[email protected]
ãã£ãã·ã³ã°ã¡ãŒã«ãã³ãã¬ãŒãã®äœæ
ä»®æ³ã®æ»æè ãšæœåšçãªè¢«å®³è ãç¹å®ããããã¡ãã»ãŒãžãå«ããã³ãã¬ãŒããäœæããå¿ èŠããããŸãã ãããè¡ãã«ã¯ããé»åã¡ãŒã« ãã³ãã¬ãŒããâãæ°ãããã³ãã¬ãŒããã»ã¯ã·ã§ã³ã«ç§»åããŸãã
ãã³ãã¬ãŒããäœæãããšãã¯ãæè¡çãã€åµé çãªã¢ãããŒãã䜿çšãããŸãããµãŒãã¹ããã®ã¡ãã»ãŒãžã¯ã被害ãŠãŒã¶ãŒã«éŠŽæã¿ã®ãããã®ããŸãã¯è¢«å®³ãŠãŒã¶ãŒã«ç¹å®ã®åå¿ãåŒãèµ·ãããã®ãæå®ããå¿ èŠããããŸãã å¯èœãªãªãã·ã§ã³:
åå
ãã³ãã¬ãŒãå
件å
æçŽã®ä»¶å
ããã¹ã/ HTML
ããã¹ããŸãã¯HTMLã³ãŒããå ¥åãããã£ãŒã«ã
Gophish ã¯æåã®ã€ã³ããŒãããµããŒãããŠããŸãããç¬èªã®æåãäœæããŸãã ãããè¡ãããã«ãäŒæ¥ãŠãŒã¶ãŒã瀟å ã¡ãŒã«ãããã¹ã¯ãŒãã®å€æŽãæ±ããæçŽãåãåããšããã·ããªãªãã·ãã¥ã¬ãŒãããŸãã 次ã«ã圌ã®åå¿ãåæããŠããã£ããããèŠãŠã¿ãŸãããã
ãã³ãã¬ãŒãå
ã®çµã¿èŸŒã¿å€æ°ã䜿çšããŸãã 詳现ã«ã€ããŠã¯äžèšãåç
§ããŠãã ãã
ãŸãã次ã®ããã¹ããããŒãããŸãããã
{{.FirstName}},
The password for {{.Email}} has expired. Please reset your password here.
Thanks,
IT Team
ããã«ããããŠãŒã¶ãŒã®ååãïŒä»¥åã«æå®ãããæ°ããã°ã«ãŒããé ç®ã«åŸã£ãŠïŒèªåçã«å ¥åããã圌ã®äœæã衚瀺ãããŸãã
次ã«ããã£ãã·ã³ã° ãªãœãŒã¹ãžã®ãªã³ã¯ãæäŸããå¿ èŠããããŸãã ãããè¡ãã«ã¯ãããã¹ãå ã®ãããããšããåèªã匷調衚瀺ããã³ã³ãããŒã« ããã«ã§ããªã³ã¯ããªãã·ã§ã³ãéžæããŸãã
URL ãçµã¿èŸŒã¿å€æ° {{.URL}} ã«èšå®ããŸããããã¯åŸã§å ¥åããŸãã ãã£ãã·ã³ã°ã¡ãŒã«ã®æ¬æã«èªåçã«åã蟌ãŸããŸãã
ãã³ãã¬ãŒããä¿åããåã«ãããã©ããã³ã°ç»åã®è¿œå ããªãã·ã§ã³ãå¿ããã«æå¹ã«ããŠãã ããã ããã«ããããŠãŒã¶ãŒãé»åã¡ãŒã«ãéãããã©ããã远跡ãã 1x1 ãã¯ã»ã«ã®ã¡ãã£ã¢èŠçŽ ãè¿œå ãããŸãã
æ®ãã¯ããŸãå€ããããŸãããããŸã Gophish ããŒã¿ã«ã«ãã°ã€ã³ããåŸã«å¿ èŠãªæé ããŸãšããŸãã
-
éä¿¡è ãããã¡ã€ã«ãäœæããŸãã
-
ãŠãŒã¶ãŒãæå®ããé åžã°ã«ãŒããäœæããŸãã
-
ãã£ãã·ã³ã°ã¡ãŒã«ã®ãã³ãã¬ãŒããäœæããŸãã
åæããŸããã»ããã¢ããã«ã¯ããã»ã©æéã¯ããããŸããã§ããããã£ã³ããŒã³ãéå§ããæºåã¯ã»ãŒæŽããŸããã æ®ã£ãŠããã®ã¯ãã£ãã·ã³ã° ããŒãžãè¿œå ããããšã ãã§ãã
ãã£ãã·ã³ã°ããŒãžã®äœæ
ãã©ã³ãã£ã³ã°ããŒãžãã¿ãã«ç§»åããŸãã
ãªããžã§ã¯ãã®ååãæå®ããããã«æ±ããããŸãã ãœãŒã¹ãµã€ããã€ã³ããŒãããããšãå¯èœã§ãã ãã®äŸã§ã¯ãã¡ãŒã« ãµãŒããŒã®åäœäžã® Web ããŒã¿ã«ãæå®ããããšããŸããã ãããã£ãŠãïŒå®å šã§ã¯ãããŸãããïŒHTML ã³ãŒããšããŠã€ã³ããŒããããŸããã ãŠãŒã¶ãŒå ¥åãååŸããããã®èå³æ·±ããªãã·ã§ã³ã次ã«ç€ºããŸãã
-
éä¿¡ãããããŒã¿ããã£ããã£ããŸãã æå®ãããµã€ãããŒãžã«åçš®å ¥åãã©ãŒã ãå«ãŸããå Žåããã¹ãŠã®ããŒã¿ãèšé²ãããŸãã
-
ãã¹ã¯ãŒãã®ãã£ãã㣠- å ¥åããããã¹ã¯ãŒãããã£ããã£ããŸãã ããŒã¿ã¯æå·åãããã«ãã®ãŸãŸ GoPhish ããŒã¿ããŒã¹ã«æžã蟌ãŸããŸãã
ããã«ãããªãã€ã¬ã¯ãå ããªãã·ã§ã³ã䜿çšãããšãè³æ Œæ å ±ãå ¥åããåŸã«ãŠãŒã¶ãŒãæå®ãããããŒãžã«ãªãã€ã¬ã¯ãã§ããŸãã ãŠãŒã¶ãŒãäŒæ¥é»åã¡ãŒã«ã®ãã¹ã¯ãŒããå€æŽããããã«æ±ããããã·ããªãªãèšå®ããŠããããšãæãåºããŠãã ããã ãããè¡ãããã«ãåœã®ã¡ãŒã«èªèšŒããŒã¿ã« ããŒãžãæäŸããããã®åŸããŠãŒã¶ãŒã¯å©çšå¯èœãªä»»æã®äŒæ¥ãªãœãŒã¹ã«éä¿¡ãããŸãã
å®æããããŒãžãå¿ããã«ä¿åãããæ°ãããã£ã³ããŒã³ãã»ã¯ã·ã§ã³ã«ç§»åããŠãã ããã
GoPhish ãã£ãã·ã³ã°ã®éå§
å¿ èŠãªæ å ±ã¯ãã¹ãŠæäŸããŸããã ãæ°èŠãã£ã³ããŒã³ãã¿ãã§ãæ°ãããã£ã³ããŒã³ãäœæããŸãã
ãã£ã³ããŒã³ãéå§ãã
ããã§ïŒ
åå
ãã£ã³ããŒã³å
ã¡ãŒã«ãã³ãã¬ãŒã
ã¡ãã»ãŒãžãã³ãã¬ãŒã
ã©ã³ãã£ã³ã°ããŒãž
ãã£ãã·ã³ã°ããŒãž
URL
GoPhish ãµãŒããŒã® IP (被害è ã®ãã¹ããšã®ãããã¯ãŒã¯å°éå¯èœæ§ãå¿ èŠ)
æã¡äžãæ¥
ãã£ã³ããŒã³éââå§æ¥
ã¡ãŒã«ã®éä¿¡è
ãã£ã³ããŒã³çµäºæ¥ïŒåçé åžïŒ
éä¿¡ãããã¡ã€ã«
éä¿¡è ãããã£ãŒã«
ã°ã«ãŒã
ã¡ãŒã«åä¿¡è ã°ã«ãŒã
éå§åŸã¯ãéä¿¡ã¡ãã»ãŒãžãéããã¡ãã»ãŒãžããªã³ã¯ã®ã¯ãªãã¯ãã¹ãã ã«è»¢éãããæ®ããŒã¿ãªã©ã瀺ãçµ±èšãåžžã«ç¥ãããšãã§ããŸãã
çµ±èšããã1 ã€ã®ã¡ãã»ãŒãžãéä¿¡ãããããšãããããŸããåä¿¡è åŽããã¡ãŒã«ã確èªããŠã¿ãŸãããã
å®éã被害è ã¯ãäŒæ¥ã¢ã«ãŠã³ãã®ãã¹ã¯ãŒããå€æŽããããã®ãªã³ã¯ããã©ãããæ±ãããã£ãã·ã³ã°ã¡ãŒã«ãç¡äºã«åãåããŸããã èŠæ±ãããã¢ã¯ã·ã§ã³ãå®è¡ããã©ã³ãã£ã³ã° ããŒãžã«éä¿¡ãããŸããçµ±èšã¯ã©ããªãã®ã§ãããã?
ãã®çµæããŠãŒã¶ãŒã¯ãã£ãã·ã³ã° ãªã³ã¯ãã¯ãªãã¯ããã¢ã«ãŠã³ãæ å ±ãæ®ãããå¯èœæ§ããããŸããã
èè ã®ã¡ã¢ïŒ ãã¹ã ã¬ã€ã¢ãŠãã䜿çšãããããããŒã¿å ¥åããã»ã¹ã¯èšé²ãããŸããã§ãããããã®ãããªãªãã·ã§ã³ã¯ååšããŸãã ãã ããã³ã³ãã³ãã¯æå·åããããGoPhish ããŒã¿ããŒã¹ã«ä¿åãããããããã®ç¹ã«æ³šæããŠãã ããã
代ããã«ãçµè«ã®
ä»æ¥ã¯ãåŸæ¥å¡ããã£ãã·ã³ã°æ»æããå®ããIT ãªãã©ã·ãŒãé«ããããã«ãåŸæ¥å¡åãã®èªåãã¬ãŒãã³ã°ãå®æœãããšããçŸåšã®ãããã¯ã«ã€ããŠè§ŠããŸããã Gophish ã¯æé ãªäŸ¡æ Œã®ãœãªã¥ãŒã·ã§ã³ãšããŠå°å ¥ãããå°å ¥æéãšçµæã®ç¹ã§è¯å¥œãªçµæãåŸãããŸããã ãã®ã¢ã¯ã»ã¹å¯èœãªããŒã«ã䜿çšãããšãåŸæ¥å¡ãç£æ»ããåŸæ¥å¡ã®è¡åã«é¢ããã¬ããŒããçæã§ããŸãã ãã®è£œåã«ãèå³ãããããŸãããããã®å°å ¥ãšåŸæ¥å¡ã®ç£æ»ã«é¢ããæ¯æŽãæäŸããããŸã ([ã¡ãŒã«ä¿è·]).
ãã ããXNUMX ã€ã®ãœãªã¥ãŒã·ã§ã³ã®æ€èšã«ãšã©ãŸããããã¬ãŒãã³ã° ããã»ã¹ãèªååããåŸæ¥å¡ã®ã»ãã¥ãªãã£ãç£èŠããããã®ãšã³ã¿ãŒãã©ã€ãº ãœãªã¥ãŒã·ã§ã³ã«ã€ããŠã話ãåããµã€ã¯ã«ãç¶ç¶ããäºå®ã§ãã ç§ãã¡ãšäžç·ã«ããŠãèŠæããŠãã ããïŒ
åºæïŒ habr.com