For Big Game Phishermen, The Low-Risk/High-Reward target is the state of Delaware


Of all 50 states, only the state of Oregon has DMARC Enforcement to prevent phishing and email impersonation (see my list of states and their protectors here). So where is the highest-reward/lowest-risk state? I would shoot for Delaware, as a ton of big corporations incorporate in that state. Which mens they file reports in that state. And what is the risk/reward equation?

Pretend to be sending official email from Delaware to corporations and get inside information on earnings and mergers. Then act on that inside information by buying/selling equities in the legal and open markets. Avoid Bitcoin and ransomware scams, where you have to stay one step ahead of the law and lurk on the Dark Web.

You want to plant your latest and greatest worm on THE BIG BOYS SYSTEMS? Just send an email from the Delaware Division of Corporations to Fortune CFOs with the subject line: "Attached is the new accelerated five-step Delware Corporation filing process." Then include a memory resident and fully self-contained PowerShell virus (see my article here). You've got the keys to the kingdom and haven't even had to actually roach the Delaware state systems. But you can go all in and actually take over a real Delaware state employee email account and carry on a conversation with your phishees. Talk about spearphishing? Man, get me a harpoon, because "Thar she blows!"

Phishing in Delaware is a heck of a lot easier than breaking into the SEC or Edgar filing sites, not to mention carries a lot less risk for doing jail time.

I should do a Yelp review for PHISHING HOLES. In fact I just did. We'll see if it sticks. Check out Yelp.com for MadMax@MadCISO.com in Dover, DE. Sometimes I crack myself up.

Mad Max



#delaware #phishing #powershell #virus #yelp

Comments

Popular Posts