If you’re running a security conference that you advertise as the ‘biggest and best’ of its kind, it’s a little embarrassing when your delegates start receiving phishing messages.
But that’s what happened at the Black Hat event over the weekend. Attendees started receiving emails headed ‘Your admin password’, claiming to come from the conference organizers, and asking them to reset their passwords via a link.
It was a bit of a poor attempt, though, as the link, which was broken, didn’t even try to look like an official Black Hat address.
“Perhaps the phishers were hoping that the missing username and password might trick the recipients into logging in to the bogus site with their real username and password to see what was going on?” suggests Paul Ducklin of security firm Sophos.
“Fortunately, as a phish, this was never going to work, because of the broken link.”
The email was sent to around 7,500 people who had registered to attend the conference in Las Vegas. The company has now apologized and explained what happened.
“For those of you intimately acquainted with Black Hat, our show is powered by an army of volunteers – they handle everything from building classrooms for training, proctoring speakers and sessions, to checking you in at registration,” Black Hat’s general manager, Trey Ford, explains in a blog post.
“The email this morning was an abuse of functionality by a volunteer who has been spoken to. This feature has since been removed as a precautionary measure.”