VENKAT DEEP RAJAN SUMALATHA REDDY KARTHIK INJARAPU

CPSC 620

CLEMSON UNIVERSITY

INTRODUCTIONINTRODUCTION

Identity Theft

Number of phishing cases escalating in number

Customers tricked into submitting their personal data

Phishing .. ?Phishing .. ?

Defined as the task of sending an email, falsely claiming to be an established enterprise in an attempt to scam a user into surrendering private information

Redirects user to a scam website, where the user is asked to submit his private data.

Derivation of the word “phishing”

Social Engineering Social Engineering FactorsFactors

Phishing attacks rely on a combination of technical deceit and social engineering practices

Phisher persuades the victim to perform some series of actions

Phisher impersonates a trusted source for the victim to believe

How does it look .. ?How does it look .. ?

Sophisticated e-mail messages and pop-up windows.

Official-looking logos from real organizations

A Phishing mailA Phishing mail

Another exampleAnother example

Delivery TechniquesDelivery Techniques

Mails or spam’s: Most common way and done by utilizing spam

tools.

Web-sites: Embedding malicious content into the website.

Delivery TechniquesDelivery Techniques

Redirecting: Cheat the customer to enter illicit website.

Trojan horse: Capturing home PC’s and utilizing them to

propagate the attacks.

Attack TechniquesAttack Techniques

Man-in-the-middle Attacks

URL Obfuscation Attacks

Cross-site Scripting Attacks

Preset Session Attack

Hidden Attacks

Man-in-the-middle AttacksMan-in-the-middle Attacks

Cross-site Scripting Cross-site Scripting AttacksAttacks

Preset Session Attack:Preset Session Attack:

Defensive mechanismsDefensive mechanisms

Client-Side

Server-Side

Enterprise Level

Client-SideClient-Side

Desktop Protection Technologies

Browser Capabilities

Digitally signed Emails

User-application level monitoring solutions

Local Anti-Virus protection

Personal Firewall

Personal IDS

Personal Anti-Spam

Spy ware Detection

Desktop Protection Technologies

Browser CapabilitiesBrowser Capabilities Disable all window pop-up functionality

Disable Java runtime support

Disable ActiveX support

Disable all multimedia and auto-play/auto-execute extensions

Prevent the storage of non-secure cookies

Digitally Signed Digitally Signed EmailEmail

Server-sideServer-side

• Validating Official Communications

• Strong token based authentication

Validating Official Validating Official CommunicationsCommunications

Digital Signatures

Visual or Audio personalization of email

Strong token based Strong token based authenticationauthentication

Enterprise LevelEnterprise Level

Mail Server Authentication

Digitally Signed Email

Domain Monitoring

Mail Server Mail Server AuthenticationAuthentication

Digitally Signed EmailDigitally Signed Email

Domain MonitoringDomain Monitoring

• Monitor the registration of Internet domains relating to their organization

• The expiry and renewal of existing corporate domains

• The registration of similarly named domains

ConclusionConclusion

Understanding the tools and technologies

User awareness

Implementing Multi-tier defense mechanisms

ReferencesReferences Cyveillance the brand monitoring network

www.cyveillance.com

http://www.technicalinfo.net/index.html

The phishing Guide www.ngssoftware.com

http://www.webopedia.com/TERM/P/phishing.html

http://www.wordspy.com/words/phishing.asp

Stutz, Michael (January 29, 1998). "AOL: A Cracker's Paradise”

http://www.technicalinfo.net/papers/Phishing.html