LAS VEGAS—Phishing is about to get a whole lot more personal, thanks to ethical hackers at Trustwave. A new tool that is being released at the Black Hat security conference by security researchers from Trustwave aims to improve social engineering attacks with more targeted and convincing spear-phishing messages.
The tool uses online activity as a digital fingerprint to create a better spear phisher. Spear-phishing messages are highly targeted, socially engineered attacks designed to trick a user into thinking that a message that is a fraud is in fact legitimate.
Trustwave security consultants Joaquim Espinhara and Ulisses Albuquerque, built their tool to help users improve IT security.
The goal of the Microphisher tool is to help craft messages that are similar in appearance, style and language usage to a given person of interest, Espinhara told eWEEK. The general idea is to be able to write and send a message to the spear-phishing target that looks as though it legitimately came from a known contact, he said.