Phishing Problem
Kristián Kučerák, Milan Just
Abstract
In this age of broadband, wireless, and network interconnectivity, we enjoy the unprecedented power of information exchange and commerce at our fingertips. Networks and systems are continuously evolving to become more robust, thereby maximizing our convenience and productivity – 24 hours a day, seven days a week. Over the last few years, online banking, including online bill paying, has become very popular as more financial institutions begin to offer free online services. With the increase in online fraud and identity theft, financial crimes have changed from direct attacks to indirect attacks—in other words, rather than robbing a bank at gunpoint, the criminals target the bank's customers. This type of indirect attack significantly impacts the financial institutions themselves because their inability to adequately protect their customer assets tarnishes their reputations and overall trust.
Spam Classification
Spam organization
1. Bulk-mailing tool identification. Identification of unique mailing attributes found in the e-mail header.
2. Feature subsets. Items such as hash busters (format and location), content attributes (spelling errors, grammar), and unique feature subsets from the bulk-mailing tool.
3. Sending methods
Classification techniques
1. Unsolicited commercial e-mail (UCE)
2. Nonresponsive commercial e-mail (NCE)
3. List makers
4. Scams (Phishing)
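The grouping by header attributes and hash busters listed under "Spam organization" above, sketched as an added example that is not part of the original slides. The sample messages, the `BulkTool` mailer name and the consonant-and-digit hash-buster heuristic are constructed assumptions.

```python
import re
from collections import defaultdict
from email import message_from_string

# Constructed sample messages (not real traffic). 0 and 1 share a bulk-mailing tool.
SAMPLES = [
    "Received: from relay1.example\nMessage-ID: <AB12CD34@mail.example>\n"
    "X-Mailer: BulkTool 1.0\nFrom: support@bank.example\n"
    "Subject: Verify your account qzxkvb\n\nPlease verify your details.\n",
    "Received: from relay7.example\nMessage-ID: <ZQ98RT11@mail.example>\n"
    "X-Mailer: BulkTool 1.0\nFrom: billing@shop.example\n"
    "Subject: Order update\n\nYour order is on hold.\nxk7f9wq2\n",
    "From: alice@corp.example\nSubject: Lunch on Friday\n"
    "Message-ID: <20240105.1234@corp.example>\nReceived: from mx.corp.example\n\n"
    "See you at noon.\n",
]

def msgid_shape(msgid):
    """Reduce a Message-ID local part to its character-class pattern."""
    local = msgid.strip("<>").split("@")[0]
    local = re.sub(r"[A-Z]", "A", local)
    local = re.sub(r"[a-z]", "a", local)
    return re.sub(r"[0-9]", "9", local)

def fingerprint(raw):
    """Tool fingerprint: header order, X-Mailer value, Message-ID shape."""
    msg = message_from_string(raw)
    order = tuple(name.lower() for name in msg.keys())
    return (order, msg.get("X-Mailer", ""), msgid_shape(msg.get("Message-ID", "")))

def hash_buster(raw):
    """Return (location, token) for a random-looking trailing token, else None.
    Assumed heuristic: 6+ characters made only of consonants and digits."""
    msg = message_from_string(raw)
    body = msg.get_payload().strip()
    for location, text in (("subject", msg.get("Subject", "")), ("body", body)):
        words = text.split()
        if words and re.fullmatch(r"[b-df-hj-np-tv-z0-9]{6,}", words[-1]):
            return location, words[-1]
    return None

def group_by_tool(raws):
    """Group message indexes that share the same header fingerprint."""
    groups = defaultdict(list)
    for i, raw in enumerate(raws):
        groups[fingerprint(raw)].append(i)
    return sorted(groups.values())

if __name__ == "__main__":
    print(group_by_tool(SAMPLES), [hash_buster(r) for r in SAMPLES])
```

Messages 0 and 1 differ in sender, subject and content but land in one group because the header order, X-Mailer value and Message-ID shape match; the hash buster's location (subject versus body) is recorded as a further feature.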
Cyber Crime Evolution
What is Phishing?
Gather private information (credit card information, bank account passwords)
First phishing reported against a financial institution in July 2003
It introduced a new class of attack vector – the overlooked human element
Phishing Statistics
Phishers are refining their e-mail techniques
Phishers of 2005 build their own PHP bulk-mailing
Phishers are becoming more technically savvy
Phishers are taking advantage of Cross-Site Scripting (XSS) vulnerabilities
Phishers are refining their key-logging malware
Go Phish!
Most popular phishing methods:
Impersonating Attack
Forwarding Attack
Pop-up Attack
Impersonating Attack
Forwarding Attack
Popup Attack
Harvesting e-mail Addresses
86 percent of the e-mail addresses posted to Web pages receive spam (@ sign)
The majority of spammers and phishers use bots or crawlers (www.bestextractor.com)
Extract Link, Whois Extractor, List Monitor, Email Verifier
Sending Spam/Phish
Two competing popular bulk mailers:
Send-Safe (“real anonymous mailer”, authored by Ruslan Ibragimov, author of the Sobig virus)
Dark-Mailer (ease of use, forging headers, sending roughly 500,000 e-mails per hour, supports HTTP and SOCKS proxies)
Conclusion
Significant and growing problem
A lot of antiphishing vendors – be careful
“Secure by marketing” – campaign just to get sales
Good idea: have the product evaluated by a professional security team
Thank you for your attention
Any questions ???