Phishing attacks that leverage man-in-the-middle (MITM) phishing toolkits acting as malicious reverse proxy servers of online services are on the rise. These toolkits automate the harvesting of two-factor authenticated sessions and substantially increase the believability of phishing web pages.

Fortunately, you can take measures to defend your campus against these types of attacks. Researchers at Stony Brook University, in collaboration with a researcher at NET+ service provider Palo Alto Networks, conducted a year-long analysis of MITM phishing toolkits. By analyzing and experimenting with these toolkits, they identified intrinsic network-level properties campuses can use to identify and defend against them. Two members of the Stony Brook research team will share their insights on this emerging threat and address your questions about managing it on your campus. 

Speakers:

• Nick Nikiforakis, associate professor, Stony Brook University
• Babak Amin Azad, research assistant, Stony Brook University

Moderator:

• Nick Lewis, program manager, NET+