Craft a fake OAuth 2.0 consent screen that mimics a legitimate Google service but requests excessive or unusual permissions. Monitor interactions with this screen to identify attackers attempting to trick users into granting unauthorized access.
Tag: EAC0015
Fake Google Workspace Shared Drive with “Confidential” Documents
Create a decoy Google Workspace Shared Drive containing fabricated documents with names suggesting sensitive information (e.g., “Financial Projections,” “Customer Database”). Monitor access and download activity to identify attackers attempting to exfiltrate data.
Azure Storage Account with Honeyfiles
Create a decoy Azure Storage Account containing fabricated files that appear to be valuable or sensitive. Monitor access patterns and download attempts to identify attackers seeking to exfiltrate data or gain unauthorized access.
Azure Logic App Honeypot
Deploy a non-functional Azure Logic App that mimics a critical workflow. Monitor any attempts to trigger or interact with this app to detect reconnaissance or attempts to disrupt business processes.
Azure Key Vault Honeytoken
Create a fake Azure Key Vault instance containing decoy secrets and keys. Monitor access to this vault to detect attempts to steal sensitive information.
Fake Social Media Posts
This element involves creating fake social media posts or activity that appear to originate from the user but are actually designed to mislead or deceive attackers.
Fake Search Queries
This element involves manipulating the user’s search engine query history to include fake or misleading search terms.
Fake Print Jobs
This element involves creating fake print jobs that appear to contain sensitive or confidential information but actually contain fabricated data or trigger alerts upon printing.
Fake Clipboard Content
This element involves manipulating the user’s clipboard to contain fake or misleading information.
Fabricated Application Logs
This element involves creating fake entries in the user’s application logs, indicating actions or events that did not actually occur.