phishing_ spoof spam_ security.ppt
TRANSCRIPT
8/2/2019 Phishing_ Spoof Spam_ Security.ppt
1/17

Phishing, Spoofing, Spamming and Security
How To Protect Yourself
Additional Credits: Educause/SonicWall, Hendra Harianto Tuty, Microsoft Corporation, some images from the Anti-Phishing Working Group's Phishing Archive, Carnegie Mellon CyLab
Dr. Harold L. Bud Cothern
Recognize Phishing Scams and Fraudulent E-mails
Phishing is a type of deception designed to steal your valuable personal data, such as credit card numbers, passwords, account data, or other information.
Con artists might send millions of fraudulent e-mail messages that appear to come from Web sites you trust, like your bank or credit card company, and request that you provide personal information.
History of Phishing
Phreaking + Fishing = Phishing
- Phreaking = making phone calls for free back in the '70s
- Fishing = use bait to lure the target

Phishing in 1995
Target: AOL users
Purpose: getting account passwords for free time
Threat level: low
Techniques: similar names (www.ao1.com for www.aol.com), social engineering

Phishing in 2001
Target: eBayers and major banks
Purpose: getting credit card numbers, accounts
Threat level: medium
Techniques: same as in 1995, keyloggers

Phishing in 2007
Target: PayPal, banks, eBay
Purpose: bank accounts
Threat level: high
Techniques: browser vulnerabilities, link obfuscation
2,000,000 emails are sent
5% get to the end user: 100,000 (APWG)
5% click on the phishing link: 5,000 (APWG)
2% enter data into the phishing site: 100 (Gartner)
$1,200 from each person who enters data (FTC)
Potential reward: $120,000
"A bad day phishin' beats a good day workin'"
In 2005 David Levi made over $360,000 from 160 people using an eBay phishing scam
Phishing: A Growing Problem
Over 28,000 unique phishing attacks reported in Dec. 2006, about double the number from 2005
Estimates suggest phishing affected 2 million US citizens and cost businesses billions of dollars in 2005
Additional losses due to consumer fears
What Does a Phishing Scam Look Like?
As scam artists become more sophisticated, so do their phishing e-mail messages and pop-up windows.
They often include official-looking logos from real organizations and other identifying information taken directly from legitimate Web sites.
Current Phishing Techniques
Employ visual elements from target site
DNS tricks:
- www.gooogle.com
- Unicode attacks
JavaScript attacks:
- Spoofed SSL lock
Certificates:
- Phishers can acquire certificates for domains they own
- Certificate authorities make mistakes
The following is an example of what a phishing scam e-mail message might look like:
Example of a phishing e-mail message, including a deceptive URL address linking to a scam Web site.
To make these phishing e-mail messages look even more legitimate, the scam artists may place a link in them that appears to go to the legitimate Web site (1), but it actually takes you to a phony scam site (2) or possibly a pop-up window that looks exactly like the official site. These copycat sites are also called "spoofed" Web sites. Once you're at one of these spoofed sites, you might unwittingly send personal information to the con artists.
Spear-Phishing: Improved Target Selection
Socially aware attacks
- Mine social relationships from public data
- Phishing email appears to arrive from someone known to the victim
- Use spoofed identity of trusted organization to gain trust
- Urge victims to update or validate their account
- Threaten to terminate the account if the victims do not reply
- Use a gift or bonus as bait
- Security promises
Context-aware attacks
- "Your bid on eBay has won!"
- "The books on your Amazon wish list are on sale!"
Another Example:
But wait
WHOIS 210.104.211.21: Location: Korea, Republic Of
Even bigger problem:
I don't have an account with US Bank!
Images from the Anti-Phishing Working Group's Phishing Archive
How To Tell If An E-mail Message is Fraudulent
Here are a few phrases to look for if you think an e-mail message is a phishing scam.
"Verify your account." Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through e-mail. If you receive an e-mail from anyone asking you to update your credit card information, do not respond: this is a phishing scam.
"If you don't respond within 48 hours, your account will be closed." These messages convey a sense of urgency so that you'll respond immediately without thinking. Phishing e-mail might even claim that your response is required because your account might have been compromised.
How To Tell If An E-mail Message is Fraudulent (cont'd)
"Dear Valued Customer." Phishing e-mail messages are usually sent out in bulk and often do not contain your first or last name.
"Click the link below to gain access to your account." HTML-formatted messages can contain links or forms that you can fill out just as you'd fill out a form on a Web site. The links that you are urged to click may contain all or part of a real company's name and are usually "masked," meaning that the link you see does not take you to that address but somewhere different, usually a phony Web site. Notice in the following example that resting the mouse pointer on the link reveals the real Web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company's Web address, which is a suspicious sign.
Example of masked URL address
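The "masked" link described above is something a mail gateway or a curious user can check mechanically: the visible anchor text names one host while the href points somewhere else, or the href host is a bare IP address (the "string of cryptic numbers"). The following is an added example written for this transcript, not code from the slides or from any of the credited organizations; it uses only the Python standard library, and the HTML message it scans is a constructed sample (the 203.0.113.0/24 range is reserved for documentation, and example-bank.com stands in for any real brand).

```python
"""Added example (not from the original slides): flag "masked" links in an
HTML e-mail, i.e. anchors whose visible text names one host while the href
points at another, and hrefs whose host is a bare IP address.
Standard library only.
"""
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message for the demonstration; not a real phishing e-mail.
SAMPLE_HTML = """
<p>Dear Valued Customer,</p>
<p>Please <a href="http://203.0.113.45/login/verify">verify your account</a>
within 48 hours.</p>
<p>Or visit <a href="http://203.0.113.45/login">https://www.example-bank.com/</a></p>
<p>Questions? See <a href="https://www.example-bank.com/help">our help page</a>.</p>
"""

# Does the visible link text itself look like a URL or hostname?
HOSTLIKE = re.compile(r"^(?:https?://)?(?:www\.)?([a-z0-9.-]+\.[a-z]{2,})(?:/.*)?$", re.I)


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def host_of(url):
    """Return the lowercase hostname of a URL, or '' if it has none."""
    parts = urlsplit(url if "://" in url else "http://" + url)
    return (parts.hostname or "").lower()


def is_ip_literal(host):
    """True when the host is a raw IPv4/IPv6 address rather than a name."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def find_masked_links(html):
    """Return a list of (reason, href, text) findings for suspicious anchors."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        target = host_of(href)
        if is_ip_literal(target):
            findings.append(("ip-address-host", href, text))
        m = HOSTLIKE.match(text)
        if m:
            shown = m.group(1).lower()
            # Allow the real host to be a subdomain of the one shown
            # (text "example-bank.com", href "www.example-bank.com").
            if shown != target and not target.endswith("." + shown):
                findings.append(("text-host-mismatch", href, text))
    return findings


if __name__ == "__main__":
    for reason, href, text in find_masked_links(SAMPLE_HTML):
        print(f"{reason:20} text={text!r} href={href}")
```

Run against the sample, the first anchor is reported once (IP-address host), the second twice (IP-address host and a visible URL that does not match the real destination), and the third not at all. Anchor text that is a plain phrase such as "our help page" is never compared, since the slide's point is specifically about link text that looks like an address.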
How To Tell If An E-mail Message is Fraudulent (cont'd)
Con artists also use Uniform Resource Locators (URLs) that resemble the name of a well-known company but are slightly altered by adding, omitting, or transposing letters.
For example, the URL "www.microsoft.com" could appear instead as:
- www.micosoft.com
- www.mircosoft.com
- www.verify-microsoft.com
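The altered-spelling trick on this slide, the digit-for-letter swap from the history slide (www.ao1.com for www.aol.com), the extra letter in www.gooogle.com and the "Unicode attacks" listed under current techniques are all variations of one thing: a registrable domain label that is close to, but not equal to, a brand name. The example below is added for this transcript and is not code from the slides or from any vendor named on them. It classifies a hostname against a brand list using a small hand-picked confusable table (not the full Unicode confusables list), a Damerau-style edit distance so that a single transposition counts as one edit, and a substring check for a brand buried in a longer name; the brand list and all sample hostnames are constructed, and the Cyrillic-letter sample is built in the code so its punycode form is correct by construction. It deliberately ignores multi-part public suffixes such as .co.uk to stay short.

```python
"""Added example (not from the original slides): classify a hostname against a
short brand list to catch lookalike domains: digit/letter swaps (ao1 for aol),
added, dropped or transposed letters (gooogle, micosoft, mircosoft), a brand
buried in a longer name (verify-microsoft) and Unicode homoglyphs delivered as
punycode (xn--) labels.  Standard library only; brand list, confusable table
and sample hostnames are constructed for the demonstration.
"""
import re

BRANDS = ["aol", "google", "microsoft", "paypal", "ebay"]  # constructed list

# Small, hand-picked confusable map (not the full Unicode confusables table):
# look-alike Cyrillic letters and digits folded to the Latin letters they mimic.
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0445": "x", "\u0443": "y", "\u0456": "i", "1": "l", "0": "o",
}


def fold_label(label):
    """Decode a punycode label if needed, then fold confusable characters."""
    if label.startswith("xn--"):
        label = label.encode("ascii").decode("idna")
    folded = "".join(CONFUSABLES.get(ch, ch) for ch in label.lower())
    # Two-character sequences that render like one letter in many fonts
    # (coarse: a legitimate word containing "rn" is folded too).
    return folded.replace("rn", "m").replace("vv", "w")


def osa_distance(a, b):
    """Optimal-string-alignment distance: insert, delete, substitute, or swap
    two adjacent characters each cost 1, so 'mircosoft' is 1 edit from
    'microsoft' where plain Levenshtein would score 2."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def registrable_label(host):
    """Label directly under the top-level domain (simplification: ignores
    multi-part public suffixes such as .co.uk)."""
    labels = host.lower().strip(".").split(".")
    return labels[-2] if len(labels) >= 2 else labels[0]


def classify(host, brands=BRANDS):
    """Return (verdict, brand).  Verdicts: 'legitimate-brand',
    'homoglyph-lookalike', 'typosquat', 'brand-in-name' or 'no-match'."""
    raw = registrable_label(host)
    folded = fold_label(raw)
    for brand in brands:
        if raw == brand:
            return "legitimate-brand", brand
        if folded == brand:
            return "homoglyph-lookalike", brand
    for brand in brands:
        if osa_distance(folded, brand) == 1:
            return "typosquat", brand
    for brand in brands:
        if re.search(r"(^|[^a-z])" + brand + r"([^a-z]|$)", folded):
            return "brand-in-name", brand
    return "no-match", None


# Constructed samples, including a punycode label built from a Cyrillic 'а'
# (U+0430) in place of the Latin 'a' in "paypal".
CYRILLIC_PAYPAL = "p\u0430ypal.com".encode("idna").decode("ascii")
SAMPLES = ["www.aol.com", "www.ao1.com", "www.gooogle.com", "www.micosoft.com",
           "www.mircosoft.com", "www.verify-microsoft.com", CYRILLIC_PAYPAL,
           "www.example.org"]

if __name__ == "__main__":
    for h in SAMPLES:
        print(f"{h:32} -> {classify(h)}")
```

Order matters in classify: an exact raw match is reported as the brand itself before any folding, so a legitimate www.aol.com is never mistaken for a lookalike, while www.ao1.com folds to "aol" and is reported as a homoglyph. An edit distance of exactly 1 is a deliberately tight threshold; widening it catches more typosquats at the cost of more false positives on short brand names.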
Never respond to an email asking for personal information
Always check the site to see if it is secure. Call the phone number if necessary
Never click on the link in the email. Retype the address in a new window
Keep your browser updated
Keep antivirus definitions updated
Use a firewall
P.S.: Always shred your home documents before discarding them.
Install the Microsoft Phishing Filter Using Internet Explorer 7 or Windows Live Toolbar
Phishing Filter (http://www.microsoft.com/athome/security/online/phishing_filter.mspx) helps protect you from Web fraud and the risks of personal data theft by warning or blocking you from reported phishing Web sites.
Install up-to-date antivirus and antispyware software. Some phishing e-mail contains malicious or unwanted software (like keyloggers) that can track your activities or simply slow your computer.
Numerous antivirus programs exist as well as comprehensive computer maintenance services like Norton Utilities. To help prevent spyware or other unwanted software, download Windows Defender.
Thank You
For Your