Email Fraud: An Inside Look at the FraudstersAgari's John Wilson on How to Respond to the Latest Tactical Strikes
Agari's John Wilson doesn't just fight email fraud schemes - he also is the occasional target. What have the fraudsters inadvertently taught him about their latest tactics? And how can these lessons help organizations to improve their defenses?
See Also: Role of Deception in the 'New Normal'
In a video interview at Information Security Media Group's New York Fraud and Breach Prevention Summit, Wilson, Agari's field CTO, shares some of what he's learned from playing along with the fraudsters' schemes and responding to their emails.
In this cat-and-mouse game, Wilson has been able to have some fraudulent bank accounts shut down, but he acknowledges that the scams keep on coming - and evolving.
"You've got to be on constant lookout, and you don't know what the next attack is going to look like," Wilson says. "CEO wire fraud - we've all heard about it and we're on the lookout for it. But we've seen one [attack] where they're looking for AWS credentials. That's not something you're looking for."
In this video interview, Wilson discusses:
- Today's most common email fraud schemes;
- How to detect exploits that lack a malware component;
- New defensive measures organizations must take to detect and take down these schemes.
Before joining Agari in September 2010, Wilson held CTO positions at several Silicon Valley startups, including Brandmail Solutions, Concuro and 365 Media. Earlier, he spent more than six years at German software giant SAP, where he held a variety of senior engineering posts. As part of his work with SAP, he co-authored two patents in the areas of user interface design and data visualization.