Level: Low tech

Abstract:
It may not be the fanciest or prettiest subject as there are probably no hooded h4ckers and h4ckz0rs in this, nothing to brag on forums but the social engineering attacks in their various forms compromise bulk of current threats on cyber horizon and present daily “bread and butter” for many cybersecurity companies and organizations in their struggle to prevent them. Not to mention huge financial impact and consequences of such an acts which already surpass so-called “ordinary crime”.

At SI-CERT, Slovenian national computer security incident response team, due to our vast but also very diverse constituency and also because of the successful (cyber) awareness campaign, we receive high numbers of incident reports and cases of various types of social engineering scams and attacks – ranging from “Nigerian classics”, romance scams, international crypto investment schemes and operations, fake shops, extortions, BEC, imaginative use of AI and deepfake technology up to sophisticated two-stage (spear) phishing campaigns. This gives us pretty good understanding, broader picture of threat landscape and especially intimate knowledge of “what is really going on out there”. In the presentation I will show what are the current trends, threats and how do we, as a SI-CERT, “fight” against such events. But most of all there will be showcase of real-life reported cases which may leave you dazzled, confused and in utter disbelief. You may be surprised, but cliché Arabian prince with cash surplus that just landed into your inbox or “money for nothing click here” does actually still exist. For those who believe, at least. ;)

Bio:
Miloš Gajić, SI-CERT inc. handler/sec. analyst, lecturer, author; ex NREN helpdesk, sysadmin guy. Likes to dwell into a good online scam. Otherwise grumpy but avid skier, hiker, lover of old school dystopian sci-fi and just plain dad.

Posted on Tuesday, March 10th, 2026 at 3:08 pm in talks | rss feed for comments| Both comments and pings are currently closed.