World’s Worst Phishing Campaign

@rfdevere 15th July 2021 Blog

When considering a simulated phishing campaign, security vendors are keen to put their best foot forward. I can’t blame them because that’s how sales and marketing work. You wouldn’t want a BMW if it wasn’t “The ultimate driving machine” would …

Read More

Online Crime is Real Crime – Part 2

@rfdevere 5th July 2021 Blog

In part one of this blog, I talked about our journey here. It explains why I am so hopelessly fucked off with the current state of affairs and details my relationship with Policing. I’m not some confused yuppie, I’m not …

Read More

Online Crime is Real Crime – Part 1

@rfdevere 5th July 2021 Blog

When we look at online crime, we think of it as a problem that is impossible to solve. We’ve mostly just accepted the defeat. If only we could do something we cry, “if only the challenge wasn’t so big and …

Read More

The Solution To Identity Fraud

@rfdevere 28th June 2021 Blog

I really respect readers of our blog, hopefully you’ve come here to shoot down the claim in the title. I know I would if I saw it randomly on Twitter. I would drive to that persons house and argue why it …

Read More

Recycling Numbers on Twilio

@rfdevere 4th May 2021 Blog

We’ve been getting busy on Twilio recently working on our SE Honeypot project. It’s a wonderful platform, everything is placed where it feels it should be, some complex IVR tasks can be made in a drag and drop fashion – …

Read More

WhatsUpp With Scams

@rfdevere 9th April 2021 Blog 3 Comments

In some countries, being a scammer is as legitimate a profession as being a nurse or a teacher. When jobs are sparse and education is out of reach of many, often people are forced to put morals aside in order …

Read More

The UKCSC

@rfdevere 3rd April 2021 2 Minute Shorts, Blog

When tasked with naming the UK Cyber Security Council – the newly minted crack cyber council from the government. It seems some blindingly obvious errors were overlooked by the committee. The first, which is simply inexcusable after the lengthy planning …

Read More

A Month Of Cyber Security Lessons

Kirstan Norman 5th March 2021 Blog

Back in February, I took on a short contract with The AntiSocial Engineer Limited. I’m a writer and marketer and the plan was to help this awesome small business get a lot of the ideas they had for blogs down …

Read More

From Web Developer to Professional Scammer

Kirstan Norman 4th March 2021 Blog

When considering a career change, it’s always good to stick to an element of what you know and ensure that some of your skills are transferable. When ex-web developer, Chris, made the decision to leave the industry, he never thought …

Read More

Is Your Receptionist on Tinder?

Kirstan Norman 19th February 2021 Blog

Most of our social engineering jobs begin the same way – researching our “victims”. Whether it’s the accounts manager that we want to coax into paying a fake invoice, or the security guard who we need to convince to let …

Read More

Three People You Need To Watch Out For

Kirstan Norman 17th February 2021 Blog

When we carry out penetration tests on businesses, possibly the most crucial part is choosing the disguise and persona. There’s a lot more to it than sticking on a hat and glasses and remembering a script. After all, a lift …

Read More

We All Work For Namecheap

Kirstan Norman 12th February 2021 Blog

So you want to start your first phishing site. First of all, you need to purchase a domain. Something that will trick unsuspecting internet users into clicking on it and submitting their credentials. Then you have to secure a good-value …

Read More

Why is Mark Working at Midnight?

Kirstan Norman 10th February 2021 Blog

It can be easy to think that phishing attempts are nothing to worry about. After all, you’re never going to click on that email saying you’ve missed your Netflix payment when you cancelled your account back in 2018. But the …

Read More

The Power of the Flower

Kirstan Norman 9th February 2021 Blog

When you work in an office, there’s nothing better than when someone brings in their new baby or puppy for a meet and greet. Everyone immediately stops work and is temporarily wrapped up in a bubble of excitement. If an …

Read More

Why You Should Be Concerned By Jane’s Abrupt Emails

Kirstan Norman 3rd February 2021 Blog

There’s nothing more satisfying than removing the “kind” from “kind regards” and smashing that send button when you’ve lost your patience with the recipient. If you’re on the receiving end, you probably know what’s caused this sudden removal of manners, …

Read More

Trust in SMS

@rfdevere 11th January 2021 Blog

Before we get into this blog, can we please just take a second to fondly remember the fallen… for many of us the source of this modern world we now feel so familiar with. You might not remember the the …

Read More

Those Who Cannot Remember The Past

@rfdevere 25th August 2020 Blog

Information security is a fast paced industry. Everyday, people are dropping exciting projects on GitHub, data breaches keep journalists in work, universities teach the next generation of practitioners and security companies churn out invoices. It’s all frenetic, it’s a turbo …

Read More

Pyrotechnic Pretexts

@rfdevere 1st July 2020 Blog

We recently saw a video posted by the London Fire Brigade on Twitter and it got us thinking. I’m sure followers of the blog know just what we thought already… It’s probably best to rate the London Fire Brigade on …

Read More

Phishing danger is just a hyphen away.

@rfdevere 30th May 2020 Blog

Followers of the blog will know that I’m not a fan of SMS. It’s spoofable, it’s hackable, it’s from 1981. I can’t even have a meal out in peace without finding SMS weaknesses that take over some random service. So …

Read More

InfoSE – Getting Social

@rfdevere 18th May 2020 2 Minute Shorts

Hosting a meet up in 2019 was a rather easy affair. You put the word out to your friends and peers, dropped a little hype on social media and headed to M&S to grab some snacks and few bottles of …

Read More