Masiku ano, woyang'anira ma netiweki kapena injiniya woteteza zidziwitso amathera nthawi yochulukirapo komanso kuyesetsa kuti ateteze kuzungulira kwa mabizinesi ku zoopsa zosiyanasiyana, kudziwa njira zatsopano zopewera ndikuwunika zochitika, koma ngakhale izi sizitanthauza chitetezo chokwanira. Social engineering imagwiritsidwa ntchito ndi omwe akuwukira ndipo imatha kukhala ndi zotsatirapo zoyipa.
Kodi ndi kangati mwadzipeza nokha mukuganiza kuti: "Zingakhale zabwino kukonza mayeso kwa ogwira ntchito pa chidziwitso cha chitetezo cha chidziwitso"? Tsoka ilo, malingaliro amathamangira kukhoma la kusamvetsetsana mwa mawonekedwe a kuchuluka kwa ntchito kapena nthawi yochepa pa tsiku logwira ntchito. Tikukonzekera kukuuzani zazinthu zamakono ndi matekinoloje okhudzana ndi maphunziro a anthu ogwira ntchito, zomwe sizidzafuna maphunziro aatali oyendetsa ndege kapena kukhazikitsa, koma zonse zomwe zili mu dongosolo.
Theoretical maziko
Masiku ano, oposa 80% a mafayilo oyipa amagawidwa kudzera pa imelo (deta yotengedwa kuchokera ku malipoti kuchokera kwa akatswiri a Check Point chaka chatha pogwiritsa ntchito Intelligence Reports service).
Lipoti kwa masiku 30 apitawa pa vekitala yowukira yogawa mafayilo oyipa (Russia) - Check Point
Izi zikusonyeza kuti zomwe zili mu mauthenga a imelo ndizosavuta kugwiriridwa ndi omwe akuukira. Ngati tilingalira za mafayilo owopsa omwe ali muzowonjezera (EXE, RTF, DOC), ndizoyenera kudziwa kuti, monga lamulo, amakhala ndi zinthu zodziwikiratu za ma code (zolemba, macros).
Lipoti lapachaka pamafayilo omwe adalandira mauthenga oyipa - Check Point
Kodi mungathane bwanji ndi vekitala iyi? Kuwona makalata kumaphatikizapo kugwiritsa ntchito zida zotetezera:
-
Antivayirasi - kuzindikira kwa signature zowopseza.
-
kutsanzira - bokosi la mchenga lomwe zomata zimatsegulidwa pamalo akutali.
-
Kudziwitsa Zamkatimu - kuchotsa zinthu zomwe zikugwira ntchito m'malemba. Wogwiritsa amalandira chikalata choyeretsedwa (nthawi zambiri mumtundu wa PDF).
-
AntiSpam - kuyang'ana wolandila / wotumiza adani kuti ali ndi mbiri.
Ndipo, mwamalingaliro, izi ndi zokwanira, koma palinso chinthu china chofunikira kwambiri kwa kampani - deta yamakampani ndi yaumwini ya antchito. M'zaka zaposachedwa, kutchuka kwa mtundu wotsatira wachinyengo pa intaneti kwakula kwambiri:
Phishing (Chingerezi phishing, kuchokera ku nsomba - kuwedza, kusodza) - mtundu wachinyengo pa intaneti. Cholinga chake ndikupeza chidziwitso cha ogwiritsa ntchito. Izi zikuphatikiza kuba kwa mawu achinsinsi, manambala a kirediti kadi, maakaunti aku banki ndi zidziwitso zina.
Zigawenga zikuwongolera njira zochitira chinyengo, kulozeranso zopempha za DNS kuchokera patsamba lodziwika bwino, ndikuyambitsa kampeni yonse pogwiritsa ntchito uinjiniya wa anthu kutumiza maimelo.
Chifukwa chake, kuti muteteze imelo yanu yamakampani kuchinyengo, tikulimbikitsidwa kugwiritsa ntchito njira ziwiri, ndipo kugwiritsa ntchito kwawo kuphatikiza kumabweretsa zotsatira zabwino:
-
Zida zachitetezo chaukadaulo. Monga tanenera kale, matekinoloje osiyanasiyana amagwiritsidwa ntchito kuyang'ana ndi kutumiza makalata ovomerezeka okha.
-
Maphunziro aukadaulo a ogwira ntchito. Zimapangidwa ndi kuyesa kwathunthu kwa ogwira ntchito kuti adziwe omwe angakhale ozunzidwa. Kenako amaphunzitsidwanso ndipo ziwerengero zimalembedwa nthawi zonse.
Musakhulupirire ndi kufufuza
Lero tikambirana za njira yachiwiri yopewera kuukira kwa phishing, yomwe ndi maphunziro odzichitira okha kuti muwonjezere chitetezo chonse chamakampani ndi data yanu. Nβchifukwa chiyani zimenezi zingakhale zoopsa chonchi?
chikhalidwe cha anthu - Kusokoneza anthu m'maganizo kuti achite zinthu zina kapena kuulula zinsinsi (zokhudzana ndi chitetezo chazidziwitso).
Chithunzi cha zochitika zachinyengo zachinyengo
Tiyeni tiwone tchati chosangalatsa chomwe chimafotokoza mwachidule ulendo wa kampeni yachinyengo. Ili ndi magawo osiyanasiyana:
-
Kusonkhanitsa deta yoyambirira.
M'zaka za zana la 21, ndizovuta kupeza munthu yemwe sanalembetsedwe pa intaneti kapena pamabwalo osiyanasiyana. Mwachilengedwe, ambiri aife timasiya zambiri za ife eni: malo omwe timagwira ntchito pano, gulu la anzathu, foni, makalata, ndi zina. Onjezani pazokonda za munthu ndipo muli ndi chidziwitso chopanga template yachinyengo. Ngakhale sitinapeze anthu omwe ali ndi chidziwitso chotere, nthawi zonse pamakhala webusaiti ya kampani komwe tingapeze zonse zomwe timakonda (imelo ya domain, ma contacts, maulumikizidwe).
-
Kukhazikitsidwa kwa kampeni.
Mukakhala ndi poyambira, mutha kugwiritsa ntchito zida zaulere kapena zolipiridwa kuti muyambitse kampeni yanu yachinyengo. Panthawi yotumizira makalata, mudzasonkhanitsa ziwerengero: makalata otumizidwa, makalata otsegulidwa, maulalo amadina, zidziwitso zomwe zalowa, ndi zina.
Zogulitsa pamsika
Phishing zitha kugwiritsidwa ntchito ndi onse owukira komanso ogwira ntchito pakampani yoteteza zidziwitso zamakampani kuti aziwunika mosalekeza momwe amagwirira ntchito. Kodi msika wamayankho aulere komanso otsatsa pamakina ophunzitsira ogwiritsa ntchito pakampani umatipatsa chiyani:
-
ndi pulojekiti yotseguka yomwe imakulolani kuti mugwiritse ntchito kampeni yachinyengo kuti muwone luso la IT la antchito anu. Ndikadawona zabwino zake kukhala zosavuta zotumizira komanso zofunikira zochepa pamakina. Zoyipa zake ndi kusowa kwa ma tempulo okonzeka otumizira, kusowa kwa mayeso ndi zida zophunzitsira antchito.
-
- malo omwe ali ndi zinthu zambiri zomwe zilipo zoyesa anthu ogwira ntchito.
-
- makina opangira kuyesa ndi kuphunzitsa antchito. Ili ndi mitundu yosiyanasiyana yazogulitsa zomwe zimathandizira kuyambira 10 mpaka antchito opitilira 1000. Maphunzirowa amaphatikizapo malingaliro ndi ntchito zothandiza; ndizotheka kuzindikira zosowa potengera ziwerengero zomwe zapezeka pambuyo pa kampeni yachinyengo. Yankho lake ndi lamalonda ndi mwayi wogwiritsa ntchito mayesero.
-
- Makina ophunzitsira ndi kuwunikira chitetezo. Zogulitsa zamalonda zimapereka kuukira kwanthawi ndi nthawi, kuphunzitsa antchito, ndi zina. Kampeni imaperekedwa ngati chiwonetsero chazogulitsa, chomwe chimaphatikizapo kuyika ma templates ndikuchita ziwonetsero zitatu zophunzitsira.
Mayankho omwe ali pamwambawa ndi gawo chabe lazinthu zomwe zilipo pamsika wophunzitsira anthu ogwira ntchito. Inde, aliyense ali ndi ubwino wake ndi kuipa kwake. Lero tidziwana , yerekezerani zachinyengo, ndikuwona zosankha zomwe zilipo.
GoPhish
Kotero, ndi nthawi yoti muzichita. GoPhish sinasankhidwe mwangozi: ndi chida chosavuta kugwiritsa ntchito chomwe chili ndi izi:
-
Kukhazikitsa kosavuta ndi kuyambitsa.
-
Chithandizo cha REST API. Imakulolani kuti mupange mafunso kuchokera ndi kugwiritsa ntchito zolemba zokha.
-
Yabwino zithunzi kuwongolera mawonekedwe.
-
Mtanda-nsanja.
Gulu lachitukuko lakonzekera bwino kwambiri pa kutumiza ndi kukonza GoPhish. M'malo mwake, zomwe muyenera kuchita ndikupita , tsitsani zolemba za ZIP za OS yofananira, yendetsani fayilo ya binary yamkati, kenako chidacho chidzayikidwa.
ZOFUNIKA KWAMBIRI!
Zotsatira zake, muyenera kulandira mu terminal zidziwitso za portal yomwe yatumizidwa, komanso data yololeza (yoyenera kumasulira akale kuposa mtundu 0.10.1). Musaiwale kuti muteteze mawu achinsinsi anu!
msg="Please login with the username admin and the password <ΠΠΠ ΠΠΠ¬>"Kumvetsetsa kukhazikitsidwa kwa GoPhish
Pambuyo pakukhazikitsa, fayilo yosinthira (config.json) idzapangidwa muzolembera zamapulogalamu. Tiyeni tifotokoze magawo osinthira:
Mphindi
Mtengo (zofikira)
mafotokozedwe
admin_server.listen_url
127.0.0.1:3333
GoPhish adilesi ya IP ya seva
admin_server.use_tls
zabodza
TLS imagwiritsidwa ntchito kulumikiza ku seva ya GoPhish
admin_server.cert_path
chitsanzo.crt
Njira yopita ku satifiketi ya SSL ya GoPhish admin portal
admin_server.key_path
chitsanzo.kiyi
Njira yopita ku kiyi yachinsinsi ya SSL
phish_server.listen_url
0.0.0.0:80
Adilesi ya IP ndi doko pomwe tsamba lachinyengo limasungidwa (mwachisawawa limasungidwa pa seva ya GoPhish padoko 80)
-> Pitani ku malo oyang'anira. Kwa ife: https://127.0.0.1:3333
-> Mudzafunsidwa kuti musinthe mawu achinsinsi amtali kuti akhale osavuta kapena mosemphanitsa.
Kupanga mbiri ya wotumiza
Pitani ku tabu ya "Sending Profiles" ndikupereka zambiri za wogwiritsa ntchito yemwe makalata athu amachokera:
Kumeneko:
dzina
Dzina la wotumiza
kuchokera
Imelo ya wotumiza
khamu
Adilesi ya IP ya seva yamakalata yomwe maimelo omwe akubwera adzamvera.
lolowera
Lowani muakaunti ya ogwiritsa ntchito pa seva ya imelo.
achinsinsi
Mawu achinsinsi a akaunti ya seva ya imelo.
Mukhozanso kutumiza uthenga woyesera kuti muwonetsetse kuti kutumiza bwino. Sungani makonda pogwiritsa ntchito batani la "Sungani mbiri".
Kupanga gulu la olandira
Kenako, muyenera kupanga gulu la olandira "makalata a unyolo". Pitani ku "Ogwiritsa & Magulu" β "Gulu Latsopano". Pali njira ziwiri zowonjezerera: pamanja kapena kuitanitsa fayilo ya CSV.
Njira yachiwiri imafuna magawo otsatirawa:
-
Dzina loyamba
-
Dzina lomaliza
-
Email
-
malo
Chitsanzo:
First Name,Last Name,Position,Email
Richard,Bourne,CEO,[email protected]
Boyd,Jenius,Systems Administrator,[email protected]
Haiti,Moreo,Sales & Marketing,[email protected]Kupanga Template ya Imelo ya Phishing
Titazindikira yemwe akuwukirayo ndi omwe angakhale akuzunzidwa, tiyenera kupanga template yokhala ndi uthenga. Kuti muchite izi, pitani ku gawo la "Ma Templates a Imelo" β "Zatsopano Zatsopano".
Popanga template, njira yaukadaulo ndi yopangira imagwiritsidwa ntchito; uthenga wochokera ku ntchitoyo uyenera kufotokozedwa womwe udzakhala wodziwika kwa ogwiritsa ntchito omwe akuzunzidwa kapena ungawapangitse kuti achitepo kanthu. Zosankha zotheka:
dzina
Dzina lachitsanzo
mutu
Mutu wamakalata
Zolemba / HTML
Gawo lolowera zolemba kapena HTML code
Gophish imathandizira kuitanitsa zilembo, koma tidzapanga zathu. Kuti tichite izi, timatengera chitsanzo: wogwiritsa ntchito kampani amalandira kalata yomupempha kuti asinthe mawu achinsinsi kuchokera ku imelo yake yamakampani. Kenako, tiyeni tipende momwe iye amachitira ndikuyang'ana "kugwira" kwathu.
Tidzagwiritsa ntchito zosinthika zomangidwa mu template. Zambiri zitha kupezeka pamwambapa gawo .
Choyamba, tiyeni tilowetse mawu otsatirawa:
{{.FirstName}},
The password for {{.Email}} has expired. Please reset your password here.
Thanks,
IT TeamChifukwa chake, dzina la wogwiritsa ntchito lidzalowetsedwa (malinga ndi "Gulu Latsopano" lomwe latchulidwa kale) ndipo adilesi yake idzawonetsedwa.
Kenako, tiyenera kupereka ulalo ku gwero lathu phishing. Kuti muchite izi, yang'anani mawu oti "apa" m'mawu ndikusankha "Ulalo" pagawo lowongolera.
Tikhazikitsa ulalo wosinthika {{.URL}}, womwe tidzalemba pambuyo pake. Izingidwa zokha m'mawu a imelo yachinyengo.
Musanasunge template, musaiwale kuyambitsa njira ya "Add Tracking Image". Izi ziwonjezera 1x1 pixel media element yomwe iwona ngati wosuta watsegula imelo.
Chifukwa chake, palibe zambiri zomwe zatsala, koma choyamba tifotokoza mwachidule masitepe ofunikira mutalowa patsamba la Gophish:
-
Pangani mbiri ya wotumiza;
-
Pangani gulu logawa komwe mumatchula ogwiritsa ntchito;
-
Pangani template ya imelo yachinyengo.
Gwirizanani, kukhazikitsa sikunatenge nthawi yambiri ndipo tatsala pang'ono kuyambitsa kampeni yathu. Chotsalira ndikuwonjezera tsamba lachinyengo.
Kupanga tsamba lachinyengo
Pitani ku tabu "Landing Pages".
Tidzafunsidwa kuti titchule dzina la chinthucho. Ndizotheka kuitanitsa malo oyambira. Muchitsanzo chathu, ndidayesa kufotokoza tsamba lomwe likugwira ntchito la seva yamakalata. Chifukwa chake, idatumizidwa ngati HTML code (ngakhale osati kwathunthu). Zotsatirazi ndi zosangalatsa zomwe mungatenge kuti mujambule zolowetsa za ogwiritsa ntchito:
-
Jambulani Zomwe Zatumizidwa. Ngati tsamba latsamba lomwe latchulidwa lili ndi mafomu osiyanasiyana, ndiye kuti zonse zidzajambulidwa.
-
Jambulani mawu achinsinsi - jambulani mawu achinsinsi. Deta imalembedwa ku database ya GoPhish popanda kubisa, monga momwe zilili.
Kuphatikiza apo, titha kugwiritsa ntchito njira ya "Redirect to", yomwe imatsogolera wogwiritsa ntchito patsamba lodziwika atalowetsa zidziwitso. Ndiroleni ndikukumbutseni kuti takhazikitsa zomwe wogwiritsa ntchito amauzidwa kuti asinthe mawu achinsinsi a imelo yamakampani. Kuti achite izi, amapatsidwa tsamba labodza lachilolezo cha makalata, pambuyo pake wogwiritsa ntchitoyo akhoza kutumizidwa kuzinthu zilizonse zamakampani zomwe zilipo.
Musaiwale kusunga tsamba lomalizidwa ndikupita ku gawo la "Kampeni Yatsopano".
Kukhazikitsidwa kwa usodzi wa GoPhish
Tapereka zonse zofunika. Patsamba la "Kampeni Yatsopano", pangani kampeni yatsopano.
Kuyambitsa kampeni
Kumeneko:
dzina
Dzina la kampeni
Chinsinsi cha Imelo
Template ya uthenga
Kubwera Tsamba
Tsamba la Phishing
ulalo
IP ya seva yanu ya GoPhish (iyenera kukhala ndi intaneti yofikira ndi wolandila)
Tsiku loyamba
Tsiku loyambira kampeni
Tumizani Maimelo Mwa
Tsiku lomaliza la kampeni (makalata amagawidwa mofanana)
Kutumiza Mbiri
Mbiri ya wotumiza
magulu
Gulu lolandira makalata
Pambuyo poyambira, titha kudziwa nthawi zonse ziwerengero, zomwe zikuwonetsa: mauthenga otumizidwa, mauthenga otsegulidwa, kudina maulalo, kumanzere kwa data kupita ku sipamu.
Kuchokera ku ziwerengero zomwe tikuwona kuti uthenga umodzi watumizidwa, tiyeni tiwone makalata kuchokera kumbali ya wolandira:
Zowonadi, wozunzidwayo adalandira bwino imelo yachinyengo yomupempha kuti atsatire ulalo kuti asinthe chinsinsi cha akaunti yake. Timachita zomwe tafunsidwa, timatumizidwa ku Masamba Ofikira, nanga bwanji ziwerengero?
Zotsatira zake, wogwiritsa ntchito adadina ulalo wachinyengo, pomwe amatha kusiya zambiri za akaunti yake.
Ndemanga ya wolemba: ndondomeko yolowera deta sinalembedwe chifukwa chogwiritsa ntchito mawonekedwe oyesera, koma njira yotereyi ilipo. Komabe, zomwe zalembedwazo sizinasinthidwe ndipo zimasungidwa munkhokwe ya GoPhish, chonde kumbukirani izi.
M'malo mapeto
Lero takhudza mutu waposachedwa wophunzitsa ogwira ntchito okha kuti awateteze ku chinyengo ndikukulitsa luso la IT mwa iwo. Gophish idagwiritsidwa ntchito ngati njira yotsika mtengo, yomwe idawonetsa zotsatira zabwino potengera nthawi ndi zotsatira zake. Ndi chida chofikirikachi, mutha kuwunika antchito anu ndikupanga malipoti pamakhalidwe awo. Ngati muli ndi chidwi ndi mankhwalawa, timapereka chithandizo potumiza ndikuwunika antchito anu ([imelo ndiotetezedwa]).
Komabe, sitisiya kuwunikanso yankho limodzi ndikukonzekera kupitiliza kuzungulira, pomwe tidzakambirana za mayankho a Enterprise pakuwongolera njira yophunzitsira ndikuwunika chitetezo cha ogwira ntchito. Khalani nafe ndipo khalani maso!
Source: www.habr.com