Open-Source Social Engineering Tool Uses AI to Conduct Spear-Phishing at Scale
LAKE FOREST, CALIFORNIA -October 2, 2018 – Tevora, a leading cybersecurity consulting firm, today announced the release of new open-source phishing tool, Dragnet, designed to utilize AI to conduct spear-phishing at scale. The tool collects publicly available information on its targets, then suggests the email template that each target is most likely to click on. Dragnet illustrates how sophisticated hackers are becoming in targeting individuals on a massive scale, highlights the need for individuals to protect themselves online, and will help businesses test their defenses against cutting edge attacks.
Dragnet begins by collecting dozens of OSINT data points on past and present social engineering targets. Then, using conversion data from previous engagements, it provides recommendations for use on current targets: phishing templates, vishing scripts and physical pretexts – all to increase conversions with minimal effort. The tool also features landing page cloning and domain registration, alongside standard infrastructure deployment, call scheduling and email delivery, setting it apart from other open-source phishing frameworks.
The framework presents opportunities for multiple audiences. An organization can utilize the tool to run a simulated social engineering phishing campaign internally to understand where there are vulnerabilities and what can be done to increase security. Additionally, Dragnet raises awareness about consumer privacy online and the importance of smart security habits.
“Social engineering attacks are the leading point of entry in major data breaches for huge companies, and these breaches aren’t going away; in fact, they are going to get worse,” said Dragnet creator and Tevora Security Analyst, Truman Kain. “The best way to reduce that risk is for individuals to instill positive privacy habits. When consumers take the necessary steps to harden their security postures, those good habits carry over into the workplace, better protecting organizations from attack,” he continued.
Dragnet was released free of charge as an open-source tool on Github on October 3, 2018.
Founded in 2003, Tevora is a specialized management consultancy focused on cybersecurity, risk and compliance services. Based in Lake Forest, CA, our experienced consultants are devoted to supporting the CISO in protecting their organization’s digital assets. We make it our responsibility to ensure the CISO has the tools and guidance they need to build their departments, so they can prevent and respond to daily threats.
Our expert advisors take the time to learn about each organization’s unique pressures and challenges, so we can help identify and execute the best solutions for each case. We take a hands-on approach to each new partnership, and –year after year –apply our cumulative learnings to continually strengthen the company’s digital defenses.
For more information about Tevora please visit www.tevora.com, or follow us on Twitter @tevora.
Media Contact: Liz Kydoniefs, PR Manager