Download presentation
Presentation is loading. Please wait.
1
© 2004 VeriSign, Inc. Secure Letterhead Phillip Hallam-Baker Principal Scientist VeriSign Inc.
2
2 We are not in Kansas any more
3
3 Their Goal
4
4 Our Goal
5
5 We do not have to find a silver bullet
6
6 20% reduction
7
7 Make your problem their problem
8
8 Phishing: The use of social engineering to steal access credentials
9
9 Approach 1 Respond to Attacks
10
10 Approach 2 Deploy Strong Credentials
11
11 Approach 2 Disrupt the Social Engineering Attack
12
12 User Education
13
13 The Real End-to-End Security Story
14
14 We must take multiple approaches
15
15 Which is Best?
16
16 All of them.
17
17 Strong Inbound Authentication + Fraud Detection + Capture Site Take Down + Strong Outbound Authentication
18
18 Secure Letterhead: How to know a message is authentic
19
19 Phishing criminals have other tactics
20
20 before the next horse…
21
21 Phishing is not the only Internet crime
22
22 How does a user identify a site today?
23
23 What was the DNS designed to do?
24
24 A location service should be permissive + Where do I find The dotFuture Manifesto on the Web? + www.thedotfuturemanifesto.com + www.the-dotfuture-manifesto.com + www.thedotfuturemanifesto.org + dotfuturemanifesto.blogspot.com
25
25 An authentication service should be restrictive
26
26 Solution: Separate the authentication channel
27
27 How do we deploy?
28
28 Solution: Leverage the SSL Certificate Market
29
29 First Generation SSL Certs: Accountability
30
30 Secure Letterhead
31
31
32
32 Who Guards the Guardians?
33
33 Accountability
34
34 The Trust Brand on the Line
35
35 What is missing?
36
36 Browser Support
37
37 LOGOTYPE Certificate Issuers
38
© 2004 VeriSign, Inc. Thank You www.verisign.com/antiphishing dotcrimemanifesto.blogspot.com
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.