February Chapter Meeting

Please let us know how we can better serve your needs by sending an email message to our Board of Directors.


Active Defense: Why Duck when you can Hit back?

February 15, 2018 - click to add to calendar

CPE Credits: up to 2.0 hours of CPE is available

Presented by: John Wilson

Active Defense: Why Duck when you can Hit back?

Tempting as it may be to "hack back", current US law makes it illegal to do so. Hacking back is illegal, and sitting back is frustrating and ineffective. Fortunately, there's a middle ground: Active Defense.

Learning Points: In this presentation I will present the results of numerous Active Defense operations that have resulted in

  • Seizure of bank accounts used to launder money,
  • Takedown of various online accounts used to lure victims and money mules,
  • (Legal!) Exfiltration of the scammer's mailbox.
  • I will also present some of the findings from the exfiltrated mailboxes, such as the different types of scams the BEC actors are involved with, which Crypter services are used by the BEC scammers, and which services the scammers use to find their victims.

    About the Speaker:
    John Wilson
    has been combating email-based fraud since 2006, when he developed an authentication-based anti-phishing solution as CTO of Brandmail Solutions. John continues his mission to rid the world of email fraud at Agari, a venture-backed startup that helped to develop the DMARC standard. Leveraging DMARC and private-channel email data, John assisted Microsoft and the FS-ISAC with the B54 Citadel botnet takedown by providing data related to Citadel botnet infections and by acting as a declarant in the civil forfeiture action filed in US District Court. In his current role as Field CTO of Agari, John researches various email scams and conducts experiments in "Active Defense". In the course of these experiments, John has identified and reported more than 120 bank accounts used by fraudsters to launder money, and has referred several cases to law enforcement for further investigation. John holds a B.S. in Computer Science and Engineering from MIT.

    Who should attend
    IT Leaders (CIOs/CTOs/CSOs/CISOs), IT practitioners (Directors and Managers), IT Audit and Security professionals, Internal and External Auditors.

    Field of Study
    Auditing & Governance

    Instructional delivery method
    Group Live

      11:00 a.m. - 12:00 p.m. Registration, Lunch & Networking
    12:00 p.m. - 12:10 p.m. Chapter Announcements
    12:10 p.m. - 1:50 p.m. Presentation
    1:50 p.m. - 2:00 p.m. Wrap up and Door prizes
    ISACA Denver Chapter Members:   $15
    Non-Members:   $25

    There is a $5.00 discount for credit card payments.

    Walk-in non-members must pay by cash/check and will be charged an additional $10.00 fee above the normal non-member fee.

    Walk-ins may be turned away if space is not available.

    Location Regis University
    3333 Regis Blvd
    Denver, CO 80221
    » See Map

    Parking Lot Map

    Parking Lot Rates


    To make your reservation, please complete the following registration form by 5:00PM, Tuesday, February 13, 2018. If you make a reservation and are unable to attend or substitute, you will be billed unless you cancel before February 14, 2018.

    If an individual registers for a meeting, indicates that he/she will be paying at the door (with cash or check), and then does not show and does not cancel before the cancellation date indicated on the chapter's website, that individual will not be allowed to register for or to attend another meeting until their account has been settled with ISACA Denver. In addition, the individual will be charged an additional $10 late fee when he/she makes payment on the delinquent charge.

    For additional information, please refer to the Chapter's Meeting Attendance Policy.

      first last
    Member Type: ISACA Denver Chapter Member
    Membership ID:
    Payment Options: Credit Card
    Reset Register


    To cancel your reservation for this event, enter your email address and click 'Cancel Reservation'. Cancellations for this event must be received before February 14, 2018 at 5:00pm.

    Cancel Reservation
    © 2004-2013 ISACA Denver Chapter. All rights reserved.