Tweet
CONTEST RUNS THROUGH JUNE 21!
SEE CURRENT SCENARIO FOR DEF CON 33 --> https://forum.defcon.org/node/252733
Contest Overview
You will be supplied with a variety of articles and profiles of potential targets within a fictional company. Your goal is to find a way to get your selected target to click while trying to make us laugh along the way. How you go about that is up to you. Remember, though, this contest is as much about creativity and writing as it is about your technical aptitude. We’ve given you the background, but it’s up to you to “fill in the blanks.”
How do I win?
The ultimate winner will find a way to combine clickability with laughability. Combining humor with a targeted phishing attempt is a delicate balance, but our winner will find a way. Never fear, however, there are multiple ways to win in this competition. We understand that balancing both humor and clickability is a challenge. So, if you happen to be better at one or the other, you’ve still got a way to win.
We’ll select three winners after reviewing all the entries:
Each submission features two distinct documents:
Save the e-mail and Backstory to a text file. Attach that text file to an e-mail and send it to: phishstories@protonmail.com.
Contest begins May 4th and participants will have until 11:59pm Las Vegas time on June 21st to submit their entry.
One entry per participant – if you submit more than one, we’re only counting and reading the first.
You will receive confirmation of your entry within 48 hours of submission. Please contact us if you do not hear back from us within that timeframe. Illustrations and graphics are not accepted.
Please include your e-mail address and alias/hacker name (or real name if you prefer) for communication and recognition.
Please do not include any of the DEF CON staff, goons, etc., without EXPRESS WRITTEN PERMISSION from the individual which MUST BE forwarded to phishstories@protonmail.com, along with contact information. The individual will be contacted by a member of the Phish Stories contest staff before the entry is allowed.
Scoring Criteria
Judging will be conducted by a panel and completed within 2 weeks of the end of the contest.
The panel will individually stack rank each of the entries based on the following categories:
E-Mail Clickability – The point of a phish is to get someone to click, is yours going to hook someone?
Use of Sources – We’ve given you the scenario and some sources, show us you’ve read them! There are nuggets stored throughout, some are not so obvious.
After the Click – Can you tell us what happens when someone actually clicks on the link?
E-mail Humor – Did the e-mail make us laugh?
Backstory Humor – How about the backstory? Another chance for a chuckle.
Creative Ingenuity – How creative were you? Show us some outside-the-box storytelling.
Winners will be selected in the following fashion:
Ruler – Highest score of all 6 categories
Wizard – Highest score of E-Mail Clickability + Use of Sources + After the Click + Creative Ingenuity
Jester – Highest score of E-Mail Humor + Backstory Humor + Creative Ingenuity
Only one winner per category. The Ruler will be identified first, and the remaining entries will be ranked to determine the Wizard and the Jester.
Prizes (In-Person at the Con)
Ruler – 2 Human Badges
Wizard – 1 Human Badge
Jester – 1 Human Badge
The winners will get recognition in the online program and in social media. If on-site during the conference, they will also be recognized at the Contest Closing Ceremony.
We will be posting ALL entries in the DEF CON Forums for everyone to enjoy along with the winners.
See last year's scenario, entries, and winners for more information.
You can follow @phishstories.bsky.social on BlueSky and @phishstories on X (Twitter) for updates and information. Attempts will be made to provide updates and information to other social media platforms as well including:
Defcon.social (serum@defcon.social)
Reddit (u/phishstories)
For more contest information, check out the Phish Stories website.
Feel free to e-mail phishstories@protonmail.com with questions.
Enjoy!
SEE CURRENT SCENARIO FOR DEF CON 33 --> https://forum.defcon.org/node/252733
Contest Overview
You will be supplied with a variety of articles and profiles of potential targets within a fictional company. Your goal is to find a way to get your selected target to click while trying to make us laugh along the way. How you go about that is up to you. Remember, though, this contest is as much about creativity and writing as it is about your technical aptitude. We’ve given you the background, but it’s up to you to “fill in the blanks.”
How do I win?
The ultimate winner will find a way to combine clickability with laughability. Combining humor with a targeted phishing attempt is a delicate balance, but our winner will find a way. Never fear, however, there are multiple ways to win in this competition. We understand that balancing both humor and clickability is a challenge. So, if you happen to be better at one or the other, you’ve still got a way to win.
We’ll select three winners after reviewing all the entries:
- The Ruler – Best overall combination of clickability and humor. The Ruler is our overall winner.
- The Wizard – Best technical and clickable e-mail.
- The Jester – Funniest overall entry.
Each submission features two distinct documents:
- The backstory – you’ll need to fill out the assumptions you made about your target(s). The more creative you get, the better chance you have to win. This is where you can really tell a story and fill in those blanks. Tell us why you chose the target you did and tell us what happens after they click on that link! The backstory must be 600 words or less.
- The e-mail – again, this should be limited to 600 words or less.
Save the e-mail and Backstory to a text file. Attach that text file to an e-mail and send it to: phishstories@protonmail.com.
Contest begins May 4th and participants will have until 11:59pm Las Vegas time on June 21st to submit their entry.
One entry per participant – if you submit more than one, we’re only counting and reading the first.
You will receive confirmation of your entry within 48 hours of submission. Please contact us if you do not hear back from us within that timeframe. Illustrations and graphics are not accepted.
Please include your e-mail address and alias/hacker name (or real name if you prefer) for communication and recognition.
Please do not include any of the DEF CON staff, goons, etc., without EXPRESS WRITTEN PERMISSION from the individual which MUST BE forwarded to phishstories@protonmail.com, along with contact information. The individual will be contacted by a member of the Phish Stories contest staff before the entry is allowed.
Scoring Criteria
Judging will be conducted by a panel and completed within 2 weeks of the end of the contest.
The panel will individually stack rank each of the entries based on the following categories:
E-Mail Clickability – The point of a phish is to get someone to click, is yours going to hook someone?
Use of Sources – We’ve given you the scenario and some sources, show us you’ve read them! There are nuggets stored throughout, some are not so obvious.
After the Click – Can you tell us what happens when someone actually clicks on the link?
E-mail Humor – Did the e-mail make us laugh?
Backstory Humor – How about the backstory? Another chance for a chuckle.
Creative Ingenuity – How creative were you? Show us some outside-the-box storytelling.
Winners will be selected in the following fashion:
Ruler – Highest score of all 6 categories
Wizard – Highest score of E-Mail Clickability + Use of Sources + After the Click + Creative Ingenuity
Jester – Highest score of E-Mail Humor + Backstory Humor + Creative Ingenuity
Only one winner per category. The Ruler will be identified first, and the remaining entries will be ranked to determine the Wizard and the Jester.
Prizes (In-Person at the Con)
Ruler – 2 Human Badges
Wizard – 1 Human Badge
Jester – 1 Human Badge
The winners will get recognition in the online program and in social media. If on-site during the conference, they will also be recognized at the Contest Closing Ceremony.
We will be posting ALL entries in the DEF CON Forums for everyone to enjoy along with the winners.
See last year's scenario, entries, and winners for more information.
You can follow @phishstories.bsky.social on BlueSky and @phishstories on X (Twitter) for updates and information. Attempts will be made to provide updates and information to other social media platforms as well including:
Defcon.social (serum@defcon.social)
Reddit (u/phishstories)
For more contest information, check out the Phish Stories website.
Feel free to e-mail phishstories@protonmail.com with questions.
Enjoy!
Comment