Phishing Read Behind The Lines

Veljko Pejović, veljko@cs.ucsb.edu

What is Phishing?
"Phishing attacks use both social engineering and technical subterfuge to steal consumers' personal identity data and financial account credentials." (Anti-Phishing Working Group)

What is Phishing?
Social engineering aspect:
- Sending spoofed e-mails
- Building confidence between the phisher and the victim
Technical aspect:
- Spyware
- Pharming (DNS poisoning)

Key Characteristics
- Upsetting or exciting statements: you must react immediately
- Asks for information such as usernames, passwords, credit card numbers, social security numbers, etc.
- E-mails are typically NOT personalized
- Masked links

Phishing Example
The displayed link actually points to http://212.45.13.185/bank/index.php

Phishing Example
Another false link!

Once you get caught...
A false Citi Bank URL!

Consequences
Customers:
- Financial consequences: stolen financial information
- Trust and effective communication can suffer
Service providers (banks, retailers, ...):
- Diminishes the value of a brand
- Customer loss
- Could affect stakeholders

Spear Phishing
- Targeted at a specific company, government agency, organization, or group
- The phisher obtains the e-mail address of an administrator or colleague
- A spoofed e-mail asks employees to log on to the corporate network
- A key-logger application records their passwords
- The phisher can then access corporate information

Phishing Techniques: phishing through compromised web servers
- Find vulnerable servers
- Gain access to the server
- Pre-built phishing web sites are put up
- Mass e-mailing tools are downloaded and used to advertise the fake web site via spam e-mail
- Web traffic begins to arrive at the phishing web site and potential victims access the malicious content

Phishing Techniques: phishing through port redirection
- Find vulnerable servers
- Install software that forwards port 80 traffic to a remote server
- Make sure it keeps running after a reboot, and try not to get detected
- Web traffic begins to arrive at the phishing web site and potential victims access the malicious content

Phishing Techniques: combined technique
- If a remote host is lost, the others continue to phish
- If the central phishing site is lost, compromise another and update the redirections
- Faster configuration setup; concurrent adjustments can be made

Phishing Techniques: additional approaches
- Register similar-sounding DNS domains and set up fake web sites, e.g. www.paypa1.com, www.welsfargo.com
- Configure the fake phishing web site to record any input data the user submits: silently log it and then forward the user to the real web site
- Attempt to exploit weaknesses in the user's web browser to mask the true nature of the message content
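A defender-side illustration of the link indicators from the preceding slides (masked links, bare-IP hosts, sites on unusual ports, and lookalike domains such as www.paypa1.com and www.welsfargo.com). This is an added example, not code from the original slides; the brand table, the confusable-character map, the anchor extractor and the sample anchors are constructed for the example.

```python
import ipaddress
import re
from difflib import SequenceMatcher
from urllib.parse import urlparse

# Constructed brand list for the example: brand keyword -> legitimate domain.
BRANDS = {"paypal": "paypal.com", "wellsfargo": "wellsfargo.com", "citibank": "citibank.com"}
# Digit-for-letter swaps used in lookalike names such as www.paypa1.com.
CONFUSABLES = str.maketrans({"1": "l", "0": "o", "5": "s", "3": "e"})
# Simplified anchor extractor; a real mail filter would use a full HTML parser.
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]*)"[^>]*>(.*?)</a>', re.I | re.S)


def registered_domain(host):
    """Crude registrable domain: the last two labels (fine for .com-style hosts)."""
    return ".".join(host.lower().split(".")[-2:])


def assess_link(href, text):
    """Return the indicators that make one anchor (href, visible text) look phishy."""
    flags = []
    url = urlparse(href if "://" in href else "http://" + href)
    host = (url.hostname or "").lower()
    try:                                    # bare IP address instead of a hostname
        ipaddress.ip_address(host)
        flags.append("ip-host")
    except ValueError:
        pass
    if url.port not in (None, 80, 443):     # phishing site served on an unusual port
        flags.append("odd-port")
    # Masked link: the visible text is itself a URL on a different domain.
    shown = re.search(r"(?:https?://)?([\w.-]+\.[a-z]{2,})", text.lower())
    if shown and registered_domain(shown.group(1)) != registered_domain(host):
        flags.append("masked-link")
    # Lookalike: the registrable label resembles a brand once digit swaps are undone
    # (welsfargo, paypa1), or the brand name is embedded in a host that is not its own.
    label = registered_domain(host).split(".")[0].translate(CONFUSABLES)
    for brand, real in BRANDS.items():
        similar = SequenceMatcher(None, label, brand).ratio() >= 0.8
        if (similar or brand in host.translate(CONFUSABLES)) and registered_domain(host) != real:
            flags.append("lookalike-" + brand)
    return flags


def scan_html(body):
    """Map every anchor in an HTML e-mail body to its phishing indicators."""
    return {href: assess_link(href, re.sub(r"<[^>]+>", "", text))
            for href, text in ANCHOR.findall(body)}
```

Running `scan_html` over a message body whose first anchor shows a bank URL but points at a bare IP yields `["ip-host", "masked-link"]` for that link and an empty list for a genuine brand link.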

Phishing Techniques: transfer of funds
- International transfers are monitored, so the phisher finds an intermediate person to send the money
- Example recruitment e-mail (quoted as received): "Hello! We finding Europe persons, who can Send/Receive bank wires from our sellings, from our European clients. To not pay TAXES from international transfers in Russia. We offer 10% percent from amount u receive and pay all fees, for sending funds back. Amount from 1000 euro per day. All this activity are legal in Europe, Thank you, FINANCIE LTD."

Pharming
- Typing a URL, e.g. www.newegg.com, translates to the IP address 216.52.208.185
- DNS is a dictionary of (URL, IP address) pairs
- What happens if somebody hacks DNS? Instead of 216.52.208.185, www.newegg.com might take us to 192.168.10.103
- Usually a false web page is waiting there

Pharming: how hard is it to perform DNS poisoning?
- Local DNS cache
- Local DNS server
- Wireless routers

Statistics for August 2006 (APWG)
- Number of unique phishing reports received in August: 26150
- Number of unique phishing sites received in August: 10091
- Number of brands hijacked by phishing campaigns in August: 148
- Number of brands comprising the top 80% of phishing campaigns in August: 17
- Country hosting the most phishing websites: United States
- Sites containing some form of the target name in the URL: 48%
- Sites with no hostname, just an IP address: 36%
- Percentage of sites not using port 80: 5.9%
- Average time online for a site: 4.5 days
- Longest time online for a site: 31 days

Phishing Prevention: public education
- Do not believe anyone addressing you as 'Dear Customer', 'Dear business partner', etc.
- Do not respond to an e-mail requesting your username, password, bank account number, etc.
- Do not click on the link provided in an e-mail message
- Report phishing or spoofed e-mails

Phishing Prevention: necessary software infrastructure
- Website authentication: certificates
- E-mail authentication: digital signatures
- Anti-virus software

References
- Anti-Phishing Working Group, http://www.antiphishing.org
- The Honeynet Project & Research Alliance, "Behind the Scenes of Phishing Attacks", http://www.honeynet.org
- M. E. Kabay, "Phishing", Norwich University
- MOREnet, "Let's Go Phishing", University of Missouri
- J. King, "You've Been Hacked", Bakersfield College

Thank You!
Veljko Pejović, veljko@cs.ucsb.edu