Well, sometimes you can.

During the first campaign, around 200 people, these days closer to 800

no patching it either:P

busty-ka tumblr com great presentation, and accent haha

Mike Chaves her accent is confusing to me, she's Australian but cuts in and out of an American accent. I'm Australian also

she is the ideal "boyish" girlfriend

Pretty sure she's done some voice-training. And I gotta say, it has paid off in spades, the clarity and lack of distraction in the delivery would have made any public speaker proud. (Not denigrating the content, which was also an excellent composition.)

Her name is : Karla Burnett

for more phishing research, right? XDXD

unfortunately most of the talks I've seen from Black Hat have the Q&A sections cut...

What if the admins get phished? :-D

If they are using two separate accounts. One for admin. rights for only when they need to use it and one for regular user rights for email, internet browsing, etc. They should not lose their administrative credentials due to any sort of phishing. How would the admin credentials be phished at that point? They should only be putting those credentials into 100% verified and valid portals or forms. I'm guessing I didn't clarify by what I meant enough in the original post.

+dragon1000204395 "real men run as root" Reminds me on this save email client built into the bash. It protects root from getting infected mails opened. "ReadMail -RealFast" or in short "rm -rf"

It's Australian

I ran the campaigns using only information that could be found publicly (e.g. scraped email addresses, security policy and services we've talked about externally), but Jimmy is right that I have a lot more insight into the psychology of the company than an outsider would. You would of course expect conversion rates to be lower for someone external, but with rates so high for an internal actor, I don't think they'd be zero for an external one. Jimmy's also correct that I'm not doing real science, I'm using the term colloquially - the sample sizes are far too small to be anything but indicative. If you'd like hard science, Lorrie Cranor has some great research on user security, but it focuses on less targeted and sophisticated phishing attacks than my work did.

+Karla Burnett I don't know what to say. You are a realy realy nice, smart, skilled, humorous, person. I thought that right after the video. And then you showed such a constructive and friendly attitude in this comment. You are realy great. You said we are all just human. I hope it's ok that many of us think you are great not only in your professional fields and as a person. Well I didn't write it, but you know, what I would have want to write so badly.

It's an asset if you're a hacker. Some guys see the pretty lady and ignore that she's actually doing something she shouldn't. Damn hormones.