Phishing (Cred harvester) Response

Incident Response Playbook (High Level)

Having a plan for how you will respond to common incidents is key. It’s a good idea to have procedural level “playbooks” (we used to just call these procedures, maybe I’m old!) but let’s get taktic00l and call them:

Playbooks/Runbooks/Aide-mémoire etc.

That aside (words are fun right!) they key part here is to identify the people, roles and responsibilities and the systems/actions/decisions you will need to take. To start with let’s look at a common incident of Phishing with credential harvesting, this may lead onto business email compromise (BEC) and attempted or successful fraud or downstream supply chain attacks.

Read more “Phishing (Cred harvester) Response” →