Download presentation
Presentation is loading. Please wait.
Published byKyla Kindred Modified over 9 years ago
1
Supplied on \web site. on January 10 th, 2008 Customer Security Management Reducing Internet fraud June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 1
2
Supplied on \web site. on January 10 th, 2008 Why is Internet fraud growing? In April 2008, over 500,000 new malicious objects were unleashed No mainstream security application was capable of detecting more than 60% of these threats Mainstream PC antivirus and internet security suites are failing to detect and remove rootkit, advanced spyware and targeted attack malware in ever increasing volumes A recent banking industry report by the FDIC concluded that most online banking fraud resulted from - “malicious software surreptitiously installed on the customer’s PC” If a PC is controlled by a rootkit infection or has active malware running it must be removed before the PC can ever be considered safe To make matters worse, users are understandably reluctant to run two hour antivirus scans on their PC resulting in malware infections being active for longer Banks and eCommerce businesses have no control or intelligence about the customer’s PC security but must transact online regardless Customers are shielded from the cost of internet fraud as banks do not believe they can pass/share the losses with the customer Banks have an urgent need do implement Customer Security Management tools June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 2
3
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 3 eCommerce Site Access Control The first step to implementing Customer Security Management
4
Supplied on \web site. on January 10 th, 2008 eSAC Overview Lightweight Client A lightweight client just 600 Kbytes watches over the customer PC and then immediately before the user begins to login: – Checks the web site URL and DNS resolution for spoofed web sites or poisoned DNS – Checks the PC for active malware Rootkits, advanced spyware and targeted attack malware are all covered – Checks to ensure that critical PC security patches have been applied – Informs the user and your web site if the PC is infected or there are other security concerns – Allows the user to remove active malware immediately eSAC massively reduces the chances of your web site transacting with an infected PC June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 4
5
Supplied on \web site. on January 10 th, 2008 eSAC Overview ‘Herd Intelligence’ Model Prevx are the World leaders in Herd Intelligence and automated malware research The eSAC client feeds, and feeds off the Prevx ‘herd intelligence’ database in real time ensuring it is always up to date The database learns about 250,000 new software objects every day and uses automated malware research to identify and determine more than 15,000 new malicious software objects a day Prevx ‘herd intelligence’ detection is highly additive to the mainstream antivirus and internet security suites with particular strength in the detection of rootkits, advanced spyware and targeted attack malware Prevx has built and invested in a massively scalable architecture for ‘herd intelligence’ that can be expanded to manage more than 1,000 times the volumes of malware seen today June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 5
6
Supplied on \web site. on January 10 th, 2008 eSAC Overview Web Site Authentication Database The eSAC client records the URL, DNS Server IP Address and DNS Resolution of each web request or access to protected web sites and potential spoof sites This information is stored and correlated by the Web Site Authentication Database DNS intelligence is automatically monitored in real time allowing the system to detect and alert you and your customers to spoofed web sites or poisoned DNS and DNS servers June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 6
7
Supplied on \web site. on January 10 th, 2008 eSAC Overview Customer Security Management Information eSAC is the perfect platform for Customer Security Management providing you with a complete view of your Customers’ security landscape – Number of customers with PC infections – Number of infections removed – Number of customers without critical patches – History of customer’s PC security state for each login – Alerts for new spoof web sites and poisoned DNS entries/servers – Alerts to new target attack malware – Alerts to volume threats and which security products are most vulnerable eSAC Customer Security Management web site allows you to monitor all issues enabling you to strengthen your customer’s protection in real time June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 7
8
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 8 eSAC walk-thru Demonstration of the customer install and execution procedure for eSAC IMPORTANT NOTES: 1. This procedural example is applicable to both www.bigexamplebank.com and www.bigbucksbank.comwww.bigexamplebank.comwww.bigbucksbank.com 2. Any previous installations of Prevx CSI should be thoroughly uninstalled before running the eSAC walk-thru.
9
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 9 eSAC walk-thru Enrolment - On arrival at an eSAC enabled site the visitor has the option to enrol in the eSAC system. Enrolling is a one time process, begin here:
10
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 10 eSAC walk-thru Enrolment - The enrolment procedure clearly outlines the 3 steps required by the user to download and install the eSAC client:
11
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 11 eSAC walk-thru Enrolment – Once installation is complete, an initial eSAC scan is run in order to detect active malware and baseline the client machine, this takes about one minute, subsequent scans are much faster at about 10 to 20 seconds.
12
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 12 eSAC walk-thru Logon Procedure – A clean scan results in the user being able to logon with their personal credentials without fear of identity theft.
13
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 13 eSAC walk-thru Logon Procedure – To identify the presence of malware during the scan, the eSAC scan dialogue immediately changes to a RED status.
14
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 14 eSAC walk-thru Logon Procedure – If a malware infection is found during the eSAC scan the user is forwarded to the following webpage. There they have the option to logon with a known infection or rescan to confirm.
15
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 15 eSAC walk-thru Logon Procedure – If malware is detected on the customer PC then both the user and web site are informed. Here is the user display:
16
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 16 eSAC walk-thru Logon Procedure – Once enrolled, a user can utilise the eSAC logon protection mechanism and faster scan times.
17
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 17 eSAC walk-thru Logon Procedure – As an eSAC enrolled client the logon scan is automatically initiated.
18
Supplied on \web site. on January 10 th, 2008 eSAC walk-thru Phishing and DNS Poisoning June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 18
19
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 19 eSAC walk-thru Phishing and DNS poisoning detection – Because eSAC offers domain and DNS monitoring, hosts file and DNS based browser redirection is automatically detected when attempting to log onto a malicious site.
20
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 20 eSAC walk-thru DNS poisoning example – Bigbucksbank.com has an example Phishing site available which illustrates the obfuscation normally seen with changes to the DNS or hosts file of a client machine. To view this example simply change your local DNS configuration to : 83.100.223.120 The example phishing site is identified with the addition of “Phishing” to the site logo. Please note: Prevx eSAC will reconfigure your DNS to a “safe” IP once the example logon has been executed. For this change to take effect you must reboot your machine. To illustrate that you are still running under our rogue DNS we have redirected www.google.com to a notification page.www.google.com
21
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 21 eSAC walk-thru Phishing and DNS poisoning detection – Prior to running a malware scan on the client machine the IP address and DNS resolution for the site are checked. The example below illustrates that the client is attempting to log on via an invalid or unknown IP for the domain:
22
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 22 eSAC walk-thru Phishing and DNS poisoning detection – This further example illustrates the notification to the user when DNS poisoning is detected by the eSAC client.
23
Supplied on \web site. on January 10 th, 2008 June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 23 eSAC walk-thru Phishing and DNS poisoning detection – The final dialogue confirms the eSAC client has reset the local DNS to a safe IP and indicates that a reboot is required to finalise the change.
24
Supplied on \web site. on January 10 th, 2008 eSAC eCommerce Site Access Control the first step towards Customer Security Management For more information email us at: esac@prevx.com June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited 2007, 2008 Prepared For Web Site. 24
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.