HONEY USERS

# It is kind of honey pots except in case of fake machines here you will use fake user mail ID’s . You have to put these mail ID’s on the places where the attackers will mostly look for to gather victim information’s like your company site , company LinkedIn page or anywhere else. So that when an attackers , attacks this mail we can captured, monitor their moves or even soft block them by marking & sending it to SPAM.

DOMAIN MONITORING

# Domain monitoring is useful to check number of similar websites out there that resembles like that of your organization. We can simple use ” whois <domain name> “ command to get the information’s but there are few good tools which gives proper information’s of those similar domains.

NOTE : If there is a similar domain with our organization name and if it has MX records then there might be a chance that you could get a phishing email from that domain. So to verify this we need the tools.

TOOLS :-

• Spoofpoint – https://github.com/grahamhelton/spoofpoint
• dnstwist – https://github.com/elceef/dnstwist

USER TRAINING

# User awareness is the first line of defense , if this is broken then everything might turn into a disaster.

# Always remember whenever it comes to cybersecurity,  you are only as good as your weakest link.