Internet Hoaxes Charles Hornat April 29, 2003.

Slides:



Advertisements
Similar presentations
What Are Scams? Scams are designed to trick you into giving away your money or your personal details. Scams come to you in many forms – by mail, ,
Advertisements

Fraud Protection. Agenda Start time: ____ Break time: ____ (10 minutes) End time: ____ Please set phones to silent ring and answer outside of the room.
What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via
Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,
Modules 9.1.  When someone knowingly deceives you for their own personal gain.  They convince you that something is true when it isn’t.  They make.
Fraud and Identity Theft Test Review. Who should you contact if you are a victim of identity theft?
How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.
Cyber check Do you work safely and responsibly online? Do you know about the risks to your cyber security? What are your online responsibilities ? How.
Computer Technology Day 18
Netiquette Guidelines
1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.
URBAN LEGENDS. DEFINE URBAN LEGENDS -A myth that has been passed on from past generations.
Viruses, Worms, Spyware, and Other Perils of an On- Line World Computer Services Tech Talk September 23, 2003.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
INTERNET THREATS AND HOW TO PROTECT YOUR COMPUTER -BRIAN ARENDT.
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
Kimberly Siebott Lynn Yip. Definition  A crime in which the perpetrator develops a scheme using one or more elements of the Internet to deprive a person.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?
Threats to I.T Internet security By Cameron Mundy.
Contents  Viruses Viruses  Computer Worms Computer Worms  Trojans Trojans  Spyware Spyware  Adware Adware  Spam Spam  Hoaxes and Scams Hoaxes and.
Component 4: Introduction to Information and Computer Science Unit 8: Security Lecture 1 This material was developed by Oregon Health & Science University,
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.
PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
SAFETY What to be aware of and how to avoid problems. **This is not meant to make you fearful of . The goal of this discussion is to make sure.
Staying Safe in Cyberspace Jessica Kohler ITC 525 Jessica Kohler ITC 525.
The Internet Netiquette and Dangers. Outline Netiquette Dangers of the Internet.
Lesson 2- Protecting Yourself Online. Determine the strength of passwords Evaluate online threats Protect against malware/hacking Protect against identity.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.
 a crime committed on a computer network, esp. the Internet.
Made by Kristóf Somorjai.  The Internet is a global computer network that connects billions of users by using Internet protocol. Briefly about the Internet.
Deception and Fraud Section 3.3. Deception vs. Fraud Deception Deception Exaggeration Exaggeration Legal Legal Misleading Misleading Fraud Fraud Deliberate.
Cyber Security Anchorage School District – 7 th grade Internet Safety.
IT internet security. The Internet The Internet - a physical collection of many networks worldwide which is referred to in two ways: The internet (lowercase.
Phishing scams Phishing is the fraudulent practice of sending s purporting to be from reputable companies in order to induce individuals to reveal.
BTT12OI.  Do you know someone who has been scammed online? What happened?  Been tricked into sending someone else money (not who they thought they were)
Etiquette in the Workplace
Malware and Phishing By: Sydney Langley. MALWARE- includes viruses and spyware to steal your personal information PHISHING- is an internet scam sending.
Scams and Hoaxes By: Group 2 Krista Brumbaugh, Justin Gfeller, Taylor Dunham, Cody Flowers, and Danielle Yadon By: Group 2 Krista Brumbaugh, Justin Gfeller,
Company LOGO Internet Safety By: Melissa Pinnell.
SCAMS CIS MONITORY GAIN Help me move my money from my country – Government must set tone Free Credit Report – Can you tell the difference.
Copyright ©2005 CNET Networks, Inc. All rights reserved. Practice safety Learn how to protect yourself against common attacks.
BASIC ETIQUETTE Use the BCC and CC appropriately. 3.
Guide to web safety for Key Stage 1. Being safe on the internet is really important. If you follow these rules at all times you can still have lots of.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.
Threats to IT security Jordan pilcher. phishing Phishing is when companies or people from other people who think they can get away with scamming you for.
By: Austin Kellogg. What’s the difference Phishing Scam where frauds send pop-up messages to lure personal information.
11Digital Evidence as Alibi Dr. John P. Abraham Professor UTPA.
Imagine receiving a real live from Walt Disney, Jr. himself? Hard to believe but enough people actually did to make this Disney hoax a real problem.
5 different ways to get tricked on the internet. 1. Viruses A virus is a computer malware program that copies it’s files to the computer. This may allow.
S CAMS AND S CHEMES. I DENTIFY T HEFT Someone unlawfully obtains and uses a person’s personal data to commit fraud or deception for financial gain Opens.
Digital Media Safety Issues Physical Safety Issues Safety issues pertinent to digital media professionals fall under two categories: Physical.
Any criminal action perpetrated primarily through the use of a computer.
FLTCYBERCOM / C10F    U.S. FLEET CYBER COMMAND / U.S. TENTH FLEET    1 Overall Classification of this Briefing is UNCLASSIFIED//FOUO Phishing.
Phishing and Internet Scams. Definitions and recent statistics Why is it dangerous? Phishing techniques and identifiers Examples of phishing and scam.
An Introduction to Phishing and Viruses
Scams & Schemes Common Sense Media.
Learn how to protect yourself against common attacks
Unit 4 IT Security.
Social Engineering Charniece Craven COSC 316.
Lesson 3 Safe Computing.
Information Security and Privacy Pertaining to Phishing and Internet Scams Brian Corl COSC 316 Information Security and Privacy.
Name Job Title Library Name
What to be aware of and how to avoid problems.
Protect Your Computer Against Harmful Attacks!
Lesson 2- Protecting Yourself Online
Lesson 2- Protecting Yourself Online
Memos, Business Letters, s, and Presentations.
Privacy, Security, and Ethics
Presentation transcript:

Internet Hoaxes Charles Hornat April 29, 2003

Agenda Defining a Hoax Types of Hoaxes PayPal Example Microsoft Example How to Identify Hoaxes Resources In this quick presentation, we will examine Internet Hoaxes and how to identify them. Two examples that recently were received will also be dissected so that you can see the steps taken to determine their validity (or lack thereof). Copyright 2003 www.infosecwriters.com

What is an Internet Hoax An Internet Hoax is an email sent to you that contains false information and intends to deceive you into doing something. An Internet Hoax is basically an email meant to deceive or threaten the user into performing a specific action. That action could be to forward an email to multiple people, disclose personal or confidential information, or trick the reader into installing or deleting applications on their computer. Copyright 2003 www.infosecwriters.com

Types of Hoaxes Ex.: AOL and specific files in the OS Malware Alerts – Viruses, Worms and Trojans Ex.: AOL and specific files in the OS Urban Myths – Stories Ex.: Columbia Explosion and WTC Give Aways – Gifts to those who comply Ex.: Outback Steak and Applebees Inconsequential warnings – Ill speaking of companies Ex.: Pepsi and Dr. Pepper Sympathy Letters and cries to help someone Chain Letters – Tag with emails Threat Letters – Threatens you to take action Scam Letters – Convince the reader to disclose credit card or personal info. Ex.: PayPal, IRS and AOL Hoaxes can be categorized into a lot of different categories. Some of the more popular ones are outlined above. There is one additional hoax I have seen several times and each time has been a bad experience. A coworker got an email recently explaining of a new virus that is causing havoc on the Internet. It instructs the user to search their computer for a file, and delete it if found. Of course the un-suspecting user opens up Internet Explorer and searches for the file. And of course the file is found. And of course they delete the file. Later on that day the computer does not operate correctly, and is constantly crashing or is too slow. Copyright 2003 www.infosecwriters.com

PayPal Example Copyright 2003 www.infosecwriters.com This is an example of a scam letter email. It is meant to convince the reader that PayPal is looking out for my best interest. The only problem is I don’t have, nor I ever used PayPal. Notice the header and their logo. Looks very official. Copyright 2003 www.infosecwriters.com

Microsoft Example Copyright 2003 www.infosecwriters.com This is a real example that found its way into my personal email account. Notice the sender and the layout. Even the copyright at the bottom is included. This is also an example of a scam hoax. The part that should tip you off on this is that Microsoft will never ever email hotfixes or patches. They will give you basic information and a link to a page that has more details and includes a link to download. Copyright 2003 www.infosecwriters.com

Steps on Identifying Hoaxes Does it ask you to send it to anyone? Is it from a credible source? Look at the email header Does the format include a: Hook Threat Request Most Hoax threats follow one simple pattern: Hook, Threat, and Request. The email will first try to get your attention through a clever title and and start off with drama or other interesting tidbits. Then it will deliver some sort of threat For example, everyone who has deleted this has received 11 years of bad luck or something similar. Finally it makes a request. If you send it to 100 people, then the threat will not occur to you. Second, is the email from someone who is a security professional? Even if its from your mom, does she know enough to determine this to be credible? The last two items are the most obvious. If it ask you to send it to anyone, it’s probably a hoax. Antivirus and application companies will not ask you to email anything to anyone. They will do it themselves. And look at the email headers to make sure they are from the source they appear to be from. We will cover the technical aspect of that later in this presentation. Copyright 2003 www.infosecwriters.com

Examining the PayPal Example Before ever clicking on the link, you should check the destination. To do this simply hover your pointer over the link and the URL should appear in the bottom of your browser. However, this can be deceiving as well. The best way is to right click on the link, and select properties. In this example, you will find the url: http://www.paypal.com/@211.75.58.108/pp/processing.htm. Notice the ‘@’ sign. Anything before that is irrelevant. Everything after that is the real link. One could put anything they wanted in front of that ‘@’ sign. For more information on URL manipulation, go to: http://www.noccc.org/bytes/articles/v01/648.html. Copyright 2003 www.infosecwriters.com

Examining the Microsoft Example In this particular hoax, the email gives a subtle hint to possible foul play (iamlzytaw_903216@support.msdn.com). Further research will be needed to confirm the suspicions that that ID is not real. Copyright 2003 www.infosecwriters.com

Examining the Microsoft Example The best way to tell if an email is from who it claims to be is to view the header. This can be done several different ways depending on the email application you are using. If you use Yahoo, then there is an option in the upper right corner titled “Full Headers”. When we selected that for this example, we found the “Return Path” to be: ftballguy68@cox.net. This doesn’t sound like an official Microsoft address does it? If you also look at the “Received” items, they all include a *.cox.net (nothing regarding Microsoft). Even the “Message ID” is referencing *.cox.net. Email Headers hold a great deal of information!!! Copyright 2003 www.infosecwriters.com

Additional Resources http://www.microsoft.com/technet/treeview/?url=/technet/security/topics/hoaxes.asp http://hoaxbusters.ciac.org/ http://www.vmyths.com/ http://www.symantec.com/avcenter/hoax.html Finally, you can search the Internet for further information. When you get a possible hoax, and you want to research it, simply go to google or yahoo (www.google.com or www.yahoo.com) and type in the title of the email or other relevant information and see what comes up. You can also reference the sites listed above for further information as well as additional steps on combating Internet Hoaxes. Good Luck! Copyright 2003 www.infosecwriters.com

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.