Module 9 of C1b3rWall Academy 2021-2022 is proving to be a great success. Today we have enabled the second part of the module on “Pentesting” with the participation of Eduardo Sanchez from ALLPENTESTING, Victor Flores from VIEWNEXT, Manuel Lopez and Pablo Plaza from the BISITE Research Group.

Pentesting is a type of cybersecurity audit that consists of performing a set of simulated attacks aimed at a computer system in order to detect weaknesses or vulnerabilities so that they can be fixed, preventing their exploitation.

Thanks to the use of pentesting techniques, Eduardo Sanchez, CEO of AllPentesting and head of Hack & Beers, will discuss the scams that companies are most likely to fall victim to.

Impersonation with a changed TLD

Attackers buy the domain of a website, but with a different extension, and clone the original website.

Fraudulent ads on real pages

Attackers clone the ad with the same photos and change the host name and location. If you contact them, they will send you to a fake Airbnb, Tripadvisor… where you could make a payment.            

Phishing of banking credentials

It is common to receive emails or SMS from banks or institutions such as Social Security or Post Office with issues related to our bank accounts. To “solve” what they ask us in the message we have to click on a link that redirects us to a fake website where they ask us for our data.

These are just some of the scams that companies often suffer, you can learn about other cases in the presentation of Eduardo, free registration here.