© 2006 Consumer Jungle Malware: Spam, Viruses, Spyware, Phishing, Pharming, Trojans, Worms, Backdoors, and Zombie Computers.

Slides:



Advertisements
Similar presentations
Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Advertisements

Unit 1 Living in the Digital WorldChapter 1 Lets Communicate Internet Safety.
What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via
Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.
Telnet and FTP. Telnet Lets you use the resources of some other computer on the Internet to access files, run programs, etc. Creates interactive connection.
Internet Phishing Not the kind of Fishing you are used to.
Computer Viruses.
Malicious Attacks By Chris Berg-Jones, Ethan Ungchusri, and Angela Wang.
What are Trojan horses?  A Trojan horse is full of as much trickery as the mythological Trojan horse it was named after. The Trojan horse, at first glance.
Threats To A Computer Network
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Malicious Attacks. Introduction Commonly referred to as: malicious software/ “malware”, computer viruses Designed to enter computers without the owner’s.
S EC (4.5): S ECURITY 1. F ORMS OF ATTACK There are numerous way that a computer system and its contents can be attacked via network connections. Many.
INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
Title: The Internet LO: Security risks. Security risks Types of risks: 1.Phishing 2.Pharming 3.Spamming 4.Spyware 5.Cookies 6.Virus.
Quiz Review.
Trojan Horse Chris Wise & Jacob Summers. Overview What is Trojan Horse? Types of Trojan Horses? How can you be infected? What do attackers want?
Threats to I.T Internet security By Cameron Mundy.
Security Issues: Phishing, Pharming, and Spam
Internet Safety By Megan Wilkinson. Viruses If your computer haves a viruses on it, it will show one of them or a different one. All commuters have different.
Internet safety Viruses A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your.
Contents  Viruses Viruses  Computer Worms Computer Worms  Trojans Trojans  Spyware Spyware  Adware Adware  Spam Spam  Hoaxes and Scams Hoaxes and.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.
PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Unit 2 - Hardware Computer Security.
Detrick Robinson & Amris Treadwell.  Computer viruses- are pieces of programs that are purposely made up to infect your computer.  Examples: › Internet.
Security Chapter What Should I Ask Santa Claus For? spoofing: fraudulent activity in which the sender address and other parts of the.
Safe Computing. Computer Maintenance  Back up, Back up, Back up  External Hard Drive  CDs or DVDs  Disk Defragmenter  Reallocates files so they use.
Scams & Schemes Common Sense Media.
Threat to I.T Security By Otis Powers. Hacking Hacking is a big threat to society because it could expose secrets of the I.T industry that perhaps should.
IT security By Tilly Gerlack.
Adam Soph, Alexandra Smith, Landon Peterson. Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details.
People use the internet more and more these days so it is very important that we make sure everyone is safe and knows what can happen and how to prevent.
Introduction to ITE Chapter 9 Computer Security. Why Study Security?  This is a huge area for computer technicians.  Security isn’t just anti-virus.
 A computer virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. It is deliberately.
Phishing Pharming Spam. Phishing: Definition  A method of identity theft carried out through the creation of a website that seems to represent a legitimate.
IT internet security. The Internet The Internet - a physical collection of many networks worldwide which is referred to in two ways: The internet (lowercase.
Here is a list of viruses Adware- or advertising-supported software-, is any software package which automatically plays, displays, or downloads advertisements.
Trojan Horses on the Web. Definition: A Trojan horse a piece of software that allows the user think that it does a certain task, while actually does an.
BTT12OI.  Do you know someone who has been scammed online? What happened?  Been tricked into sending someone else money (not who they thought they were)
Chapter 7 Phishing, Pharming, and Spam. Phishing Phishing is a criminal activity using computer security techniques. Phishers try to acquire information.
About Phishing Phishing is a criminal activity using social engineering techniques.criminalsocial engineering Phishers attempt to fraudulently acquire.
Understanding Computer Viruses: What They Can Do, Why People Write Them and How to Defend Against Them Computer Hardware and Software Maintenance.
What is risk online operation:  massive movement of operation to the internet has attracted hackers who try to interrupt such operation daily.  To unauthorized.
Copyright ©2005 CNET Networks, Inc. All rights reserved. Practice safety Learn how to protect yourself against common attacks.
Topic 5: Basic Security.
Security Risks Viruses, worms, Trojans Hacking Spyware, phishing Keylogging Online fraud Identity theft DOS (Denial of Service attacks.
INTRODUCTION & QUESTIONS.
Vocabulary Cassandra Peoples. Pharming the practice of redirecting computer users from legitimate websites to fraudulent ones for the purposes of extracting.
Any criminal action perpetrated primarily through the use of a computer.
Presented By: Jennifer Thayer, SPHR, SHRM-SCP.  Identify CyberCrime and Types  Identify Steps to Take to Prevent Identity Theft  Learn Tips and Tricks.
PCs ENVIRONMENT and PERIPHERALS Lecture 10. Computer Threats: - Computer threats: - It means anything that has the potential to cause serious harm to.
Remember effective ways to search +walk (includes words) Intitle:iPad Intext:ipad site:pbs.org Site:gov filetype:jpg.
Catching Phish. If I went fishing what would I be doing? On the Internet fishing (phishing) is similar! On the internet people might want to get your.
Created by the E-PoliceSlide 122 February, 2012 Dangers of s By Michael Kuc.
An Introduction to Phishing and Viruses
Learn how to protect yourself against common attacks
IT Security  .
ISYM 540 Current Topics in Information System Management
Information Security 101 Richard Davis, Rob Laltrello.
Phishing is a form of social engineering that attempts to steal sensitive information.
Malware: Spam, Viruses, Spyware, Phishing, Pharming, Trojans, Worms, Backdoors, and Zombie Computers © 2006 Consumer Jungle.
HOW DO I KEEP MY COMPUTER SAFE?
Computer Security.
How to keep the bad guys out and your data safe
Security in mobile technologies
ONLINE SECURITY, ETHICS AND ETIQUETTES EMPOWERMENT TECHNOLOGY.
Presentation transcript:

© 2006 Consumer Jungle Malware: Spam, Viruses, Spyware, Phishing, Pharming, Trojans, Worms, Backdoors, and Zombie Computers

© 2006 Consumer Jungle Estimating the Threat of Malware 1-in-3 chance of suffering: –computer damage –financial loss Viruses & Spyware –$2.6 Billion to Protect yet $9 Billion to Replace

© 2006 Consumer Jungle Spam

© 2006 Consumer Jungle What is Spam? An that is: –Unsolicited –Advertising something Similar to: –Junk mail delivered in the mail –Telemarketing calls on the phone

© 2006 Consumer Jungle CAN SPAM Act of 2003 Acronym stands for: –Controlling the Assault of Non- Solicited Pornography And Marketing Allows spam as long as it contains: –an opt-out mechanism –a valid subject line and header (routing) information –the legitimate physical address of the mailer –a label if the content is for adults only Regulated by the FTC, but has made little impact to curb Spam.

© 2006 Consumer Jungle Virus

© 2006 Consumer Jungle What is a Virus? A program that can replicate itself and spreads itself by means of a transferable host. How a virus spreads: –Removable Medium –Network Connection

© 2006 Consumer Jungle Why is it Called a Virus? Similar to a biological virus that spreads itself into living cells. –Insertion of a virus is called an infection –Infected file is called a host.

© 2006 Consumer Jungle Virus Tricks: What to Look For

© 2006 Consumer Jungle The Infected Document Subject line includes the name of the sender –Probably someone you know Message tempts you to open attachment Attachment is a legitimate Word file that is infected with a macro

© 2006 Consumer Jungle The Misleading File Name Look at the attachment's name "LOVE-LETTER-FOR-YOU.TXT.vbs –Looks like a harmless text (TXT) file, but it is a vbs file with a windows script –The suffix (.vbs) might be completely hidden – appearing to be a type of file you’d willingly open i.e. JPEG, MP3,or PDF.

© 2006 Consumer Jungle The Offer You Can’t Refuse Gives a compelling message – get rid of a computer virus Doesn’t disguise that the attachment is a program The program is a worm that sends itself to addresses it finds on your computer

© 2006 Consumer Jungle The Fake Web Link Subject and message suggest that opening attachment will take you to a web page containing party photos. Attachments name resembles a web address –Actually a program that sends itself to people in your address book Designed to tie up your ; can also be designed to destroy data

© 2006 Consumer Jungle Spyware

© 2006 Consumer Jungle What is Spyware? Malicious software that –Subverts the computer’s operation for the benefit of a third party Designed to exploit infected computers for commercial gain via: –Unsolicited pop-up advertisements –Theft of personal information –Monitoring of web-browsing for marketing purposes –Re-routing of http requests to advertising sites

© 2006 Consumer Jungle Example of Spyware According to an October 2004 study by America Online and the National Cyber-Security Alliance: –80% of surveyed users had some form of spyware on their computer.

© 2006 Consumer Jungle Phishing

© 2006 Consumer Jungle What is Phishing? An attempt to fraudulently acquire confidential information, such as: –passwords –credit card details By masquerading as a trustworthy: –Business –Financial Institution –Government Agency –Internet Service Provider –Online Payment Service –Person In an apparently official electronic communication, such as: –an –an instant message.

© 2006 Consumer Jungle Why is it called Phishing? Hackers coined the phrase –“Fish” for accounts –Ph is a common hacker replacement for the letter “f”.

© 2006 Consumer Jungle How does Phishing Work? contains a link to a “look alike” website. Website asks the consumer to : –Confirm –Re-enter –Validate (or) –Verify Their personal info, i.e. –Social Security Number –Bank Account Number –Credit Card Number –Password

© 2006 Consumer Jungle PayPal Phishing Look for spelling mistakes: –Choise –Temporaly Presence of an IP address in the link visible under the yellow box ("Click here to verify your account")

© 2006 Consumer Jungle Phishing for eBay Customers Phishing s from eBay’s online payment company PayPal is very popular. However, eBay no longer sends out s. –They created an online e- mail account for customers to receive s after they’ve logged into the secure website.

© 2006 Consumer Jungle Advanced Phishing Techniques Instead of sending an e- mails persuading consumers to visit websites, the deploys a key-logging Trojan. As soon as the user visits their bank’s website all the typed keys are logged and sent back to the hacker with the account number, passwords, and other critical data.

© 2006 Consumer Jungle How to Avoid Phishing Be skeptical Ignore the “dire consequences” warning. Don’t reply Don’t click on the link –Contact the company directly via a: Legitimate telephone number Website Look at the “address bar” –Often a different domain name

© 2006 Consumer Jungle More Tips on Avoiding Phishing Don’t personal or financial information. Open a new browser and look for secure indicators: –Secure lock –https: (s stands for secure)

© 2006 Consumer Jungle What to do with Phishing s Forward to and cc the group that the impersonates. Mark as “Junk Mail” in your Spam Software Delete immediately File a complaint with the Federal Trade Commission (FTC) – –1-877-FTC-HELP ( )

© 2006 Consumer Jungle Pharming

© 2006 Consumer Jungle What is Pharming? Exploitation of a vulnerability in the hosts’ file or DNS server software that allows a hacker to: –Acquire the domain name for a site –Redirect that website’s traffic to another website For gaining access to usernames, passwords, etc.

© 2006 Consumer Jungle Pharming Techniques The criminal uses a virus or Trojan to modify a user’s ‘Hosts’ file. –OR The criminal sends out a spam for and the message links to an illegitimate site. –AND When the user opens the browser and enters the website address, they get sent to the phishing site instead.

© 2006 Consumer Jungle Trojans

© 2006 Consumer Jungle What is a Trojan? A malicious program that is disguised as a legitimate program. Usually has a useful function that camouflages undesired functions. Can not replicate or spread itself.

© 2006 Consumer Jungle Why is it Called a Trojan? Derived from myth. –Greeks left large wooden horse outside the city of Troy. –Trojans thought it was a gift and moved the horse inside the city wall. –The horse was hollow and filled with Greek soldiers. –Greek soldiers opened the city gates at night for the remaining army to attack. Application: Greeks gained malicious access to the city of Troy just like a Trojan program gains malicious access to your computer.

© 2006 Consumer Jungle Example of a Trojan Program posted on a website: –Called FREEMP3.EXE –Promise “free mp3 files” Instead, when run: –Erases all the files on your computer –Displays a taunting message

© 2006 Consumer Jungle What Can a Trojan Do? Erase or overwrite data on a computer Corrupt files in a subtle way Spread other malware, such as viruses. In this case the Trojan horse is called a 'dropper'. Set up networks of zombie computers in order to launch “Denial of Service” attacks or send out spam. Spy on the user of a computer and covertly reports data like browsing habits to other people. Log keystrokes to steal information such as passwords and credit card numbers. Phish for bank or other account details. Install a backdoor on a computer system.

© 2006 Consumer Jungle Where Do Trojans Come From? Infected Programs Websites Direct Connection to the Internet

© 2006 Consumer Jungle Worms

© 2006 Consumer Jungle What is a Worm? Computer program –self-replicating –self-contained Designed to exploit the file transmission capabilities on your computer

© 2006 Consumer Jungle Why is it Called a Worm? Word taken from a 1970’s science fiction novel: –The Shockwave Rider By John Brunner Researchers found that their self- replicating program was similar to the worm program described in the book.

© 2006 Consumer Jungle What Can a Worm Do? Delete files on a host system Send documents via Create excessive network traffic Install a backdoor

© 2006 Consumer Jungle What is a Backdoor? Method of remaining hidden on a computer while: –bypassing normal authentication –Securing remote access to a computer Can be installed by a worm

© 2006 Consumer Jungle What is a Zombie Computer? Computer attached to the internet that: –Is under remote direction of an illegitimate user Check your computer –

© 2006 Consumer Jungle Zombie Computers & Spam Used to send spam –50% to 80% of all spam worldwide is now sent by zombie computers. Allows spammers to: –Avoid detection –Have zombie computers pay for their bandwidth.

© 2006 Consumer Jungle Suspicion = Prevention Best prevention is awareness Be suspicious of everything to avoid: –Spam –Viruses –Spyware –Phishing –Pharming –Trojans –Worms –Backdoors

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.