Nov 4 – 8, 2019
Adelaide Convention Centre
Australia/Adelaide timezone

Email-based threats - addressing the human factor

Nov 7, 2019, 11:45 AM
Riverbank R4 (Adelaide Convention Centre)

Riverbank R4

Adelaide Convention Centre

Oral Track 8 – Collaboration, Education, Training and Outreach Track 8 – Collaboration, Education, Training and Outreach


Sebastian Lopienski (CERN)


Since years, e-mail is one of the main attack vectors that organisations and individuals face. Malicious actors use e-mail messages to run phishing attacks, to distribute malware, and to send around various types of scams. While technical solutions exist to filter out most of such messages, no mechanism can guarantee 100% efficiency. Recipients themselves are the next, crucial layer of protection - but unfortunately, they fall for the various tricks used by attackers way too often.

This presentation will start with a quick overview of social engineering tricks used these days in both generic and targeted attacks. We will briefly look at strengths and limitations of technical counter-measures such as spam filters and antimalware protection. We will then focus on the human aspect, and in particular on user education. Lessons from awareness raising campaigns run at CERN in the last few years will be discussed, and compared to approaches employed by other organisations, and proposed by companies offering commercial solutions.

Consider for promotion Yes

Primary author

Presentation materials