You’ve got Mail (and Misdirected Funds): A live demo of email hacking

Presentation given at CypherCon, March 31, 2023

In 2022, email compromises were one the costliest forms of cybercrime reported to the FBI, leading to $2.4 billion in losses. These email compromises, called Business Email Compromise (BEC), can lead to misdirected payments, fraudulent wire transfers, and other similar types of financial fraud. This session will look at common ways attackers gain access to email, what they do when they have access to victim email, and how to prevent them from getting in. We will also walk through a demo of how BEC looks through some live email hacking.

Slides and notes are below