You win ! <\/li><\/ol><\/li><\/ol>\n\n\n\nBut how ?, the key part of approach is psychology – if you attack infrastructure it can be bought easily, success of a phishing attack depends on how good results the attacker gets. <\/p>\n\n\n\n
Reasoning<\/h2>\n\n\n\n
if you ever conducted an actual phishing attack or have observed programmatic logics – attackers have adopted methods to get 2FA from clients but once verified data is valuable. Let’s do some math. <\/p>\n\n\n\n
Let’s say you are conducting a phishing attack & it costs you to 100$ to compromise a web site or host it, sending email might cost you 0.001$.
Assuming 1\/1000 spam are clicked – you are technically going to spend 1$ per click, let’s say 10% of clickers turn to victim. To get useful data you will require 10$. <\/p>\n\n\n\n
if captured data is being sold in market at 20$ for every good data – you are going to make profit of 10$ excluding hosting cost. <\/p>\n\n\n\n
but what if you are getting bogus data, which feels just good but now it is useless since 2FA has failed, or may be the server’s are not responding. Overall if vendors can make cost of Phishing high, only those will survive who have willingness to catch a whale. <\/p>\n","protected":false},"excerpt":{"rendered":"
Phishing is a never ending war thug of war where one side is only trying to stop other side from winning, “Attackers are always trying to be innovative while defenders are trying to innovate on the innovation done by defenders.” Ironic as it may sound, but this is what it is. This article is not … <\/p>\n
Continue reading<\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[38],"tags":[],"class_list":["post-262","post","type-post","status-publish","format-standard","hentry","category-security","item-wrap"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_shortlink":"https:\/\/wp.me\/pciGs2-4e","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/madhurendra.com\/wp-json\/wp\/v2\/posts\/262","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/madhurendra.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/madhurendra.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/madhurendra.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/madhurendra.com\/wp-json\/wp\/v2\/comments?post=262"}],"version-history":[{"count":4,"href":"https:\/\/madhurendra.com\/wp-json\/wp\/v2\/posts\/262\/revisions"}],"predecessor-version":[{"id":344,"href":"https:\/\/madhurendra.com\/wp-json\/wp\/v2\/posts\/262\/revisions\/344"}],"wp:attachment":[{"href":"https:\/\/madhurendra.com\/wp-json\/wp\/v2\/media?parent=262"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/madhurendra.com\/wp-json\/wp\/v2\/categories?post=262"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/madhurendra.com\/wp-json\/wp\/v2\/tags?post=262"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}