Protection from credential loss through in-house phishing campaign profiling
Phishing that leads to credential loss is a problem for organisations and individuals globally. High-profile data breaches regularly feature phishing and credential loss as major contributing factors. Previous research efforts have focussed on the identification of phishing emails and websites for all organisations. The focus of this study is to take datasets that are the product of one organisation’s in-house account protection efforts and determine if successful phishing campaigns can be profiled. Findings include common characteristics of high-risk phishing campaigns and the profiling of IP addresses that were involved in phishing and credential loss specific to the target organisation.