“Testing your users and systems with generic phishing pretexts use to be enough, but now attackers are using open-source intelligence to customize their phishing campaigns. Step up your game! Let Stephanie show you how OSINT methods can be used to create a tailored pretext augmented by a 2nd stage vishing strategy. The 2015 Verizon DBIR reveals that for two years “more than two-thirds of incidents that comprise the Cyber-Espionage pattern have featured phishing.” Hot on the heels of this and other data breaches we are seeing the industry move to complement the yearly pentest with phishing-based assessments. Attendees will learn the following: How attackers use OSINT to build targeted phishing campaigns How adding vishing can make an ineffective phish still work How a tailored phishing assessment and meaningful training better prepare your organization’s employees”