WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed.

Presentation transcript:

WEB SPOOFING by Miguel and Ngan

Content
- Web Spoofing Demo
- What is Web Spoofing
- How the attack works
- Different types of web spoofing
- How to spot a spoofed page
- Signs that you have been a victim
- Stats of Web Spoofing
- Conclusion
- Questions

What is Web Spoofing
- Pretending to be a legitimate site
- Attacker creates a convincing but false copy of the site
- Stealing personal information such as login ID, password, credit card, bank account, and much more (aka phishing attack)
- False Web looks and feels like the real one
- Attacker controls the false web by surveillance
- Modifying integrity of the data from the victims

How the attack works Explain demo…

Different types of Web Spoofing: DNS server spoofing attack
- One of the most complex types of attack
- Alter a domain name to point to a different IP address
- Redirect to a different server hosting a spoofed site

Different types of Web Spoofing: Content theft
- A copy of a site can be created from the original by saving all the publicly accessible pages, images, and scripts from the site to another server. (Miguel’s Demo)
- Can be automated by using programs called “spiders”

Different types of Web Spoofing: Subdomain Spoofing
- Normal subdomain:
- Tricking the Internet user into believing they are on the correct URL
- Make the URL long enough so that the user cannot see the entire URL
And more…
- IP Address as URL, with HTML attached, Frameless Pop-up, and more…

How to detect a spoofed webpage
- URL (this is the easiest way to detect the attack!)
  - Triple check the spelling of the URL
  - Look for small differences such as a hyphen (-) or an underscore (e.g. suntrust.com vs. sun-trust.com)
- Mouse over message (careful: this can be spoofed too!)
- Beware of pages that use server scripting such as PHP; these tools make it easy to obtain your information. Beware of JavaScript as well.
- Beware of longer than average load times.
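The URL checks on this slide, together with the subdomain and IP-address tricks listed on the previous one, can be automated. The following is an added example, not part of the original presentation; the allowlist, the 75-character cut-off and the sample URLs are constructed assumptions, and the registered domain is approximated as the last two labels of the host name.

```python
import ipaddress
from urllib.parse import urlsplit

TRUSTED = ("suntrust.com",)   # constructed allowlist (assumption)
MAX_URL_LEN = 75              # assumed cut-off for a URL too long to read in full

def _squash(text):
    """Remove hyphens and underscores so sun-trust and suntrust compare equal."""
    return text.replace("-", "").replace("_", "")

def check_url(url, trusted=TRUSTED):
    """Return the warning signs found in url; an empty list means none."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return ["no host in URL"]
    warnings = []
    try:
        ipaddress.ip_address(host)
        warnings.append("IP address used as URL")
    except ValueError:
        pass  # a name, not an address
    if len(url) > MAX_URL_LEN:
        warnings.append("URL too long to read in full")
    labels = host.split(".")
    # Naive registered domain: last two labels (assumption, no public-suffix list).
    registered = ".".join(labels[-2:])
    for good in trusted:
        if host == good or host.endswith("." + good):
            continue  # the real site or one of its own subdomains
        brand = _squash(good.split(".")[0])
        if _squash(registered) == _squash(good):
            warnings.append(f"look-alike of {good}: {registered}")
        elif any(_squash(label) == brand for label in labels):
            warnings.append(f"{good} used as a subdomain of {registered}")
    return warnings

if __name__ == "__main__":
    for sample in ("https://www.suntrust.com/login",          # constructed samples
                   "http://sun-trust.com/login",
                   "http://www.suntrust.com.account-verify.example/login",
                   "http://192.0.2.10/suntrust/login.html"):
        print(sample, "->", check_url(sample) or "no warning signs")
```

An empty result only means none of these particular signs was present; it does not show that the page is genuine.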

Signs that you may have been a victim
- If an unexpected error occurs, you may be a victim of web spoofing (sorry). (This relates to Dr. Burmester's example of the fake ATMs.)
- If you have to click submit buttons repeatedly. (class example)
- If you have to enter your password repeatedly. (class example)
- If there is any redirection to other webpages.

Stats of Web Spoofing
- Web spoofing is increasing at a rapid pace
- According to a study by Gartner Research:
  - Two million users gave such information to spoofed web sites.
  - About $1.2 billion direct losses to U.S. bank and credit card issuers in 2003
  - And about $400 million to $1 billion losses from the victims
- Archives of reported scams

Gartner Research - Graph
