Blog

Introducing in-browser app banners: Set guardrails for cloud apps | Learn more →

Resource

A Phisher’s Guide to Slack

Unlike phishing via email, IM apps and the messages within them are typically more trusted by employees, making social engineering via Slack a juicy target.

In this guide on external phishing attacks via Slack, we'll show red teamers and pentesters how to get initial access as the first step in the attack kill chain. Once you've got a foothold on Slack, we'll show you:

icon-bulb
New attack possibilities that help you gain and maintain persistence
icon-bulb
How to conduct more advanced social engineering attacks to move laterally
icon-bulb
Link-spoofing techniques that can make phishing links much harder to spot
icon-bulb
How malicious Slack messages can be modified later to replace the phishing link, covering your tracks
download card
Download your copy