Download presentation
Presentation is loading. Please wait.
Published byHoratio Charles Modified over 9 years ago
1
Spam / Phishing Björn Bittins Sebastian Kühnau FHTW-Berlin
2
Structure Spam (Sebastian) Definition History Types Counteraction Damage Facts Summary Phishing (Björn) Definition History Types Counteraction Damage Facts Summary
3
FHTW-Berlin Germany Spam and Phishing Spam Björn Bittins Sebastian Kühnau
4
FHTW-Berlin Germany Spam and Phishing Definition of SPAM massmail, not personal addressed, unwanted (commercial) content „recipient's personal identity and context are irrelevant because the message is equally applicable to many other potential recipients“ www.spamhaus.org Björn Bittins Sebastian Kühnau
5
FHTW-Berlin Germany Spam and Phishing History spam: trademark for canned meat (spiced ham) word first used in a Monty Python sketch first spam mail in 1978: Digital Equipment Corp. sent commercial to 400 users of ARPANET Björn Bittins Sebastian Kühnau
6
FHTW-Berlin Germany Spam and Phishing Types UBE (unsolicited bulk email) UCE (unsolicited commercial email) collateral spam forum-spam index spamming, wiki spam, spam over mobile phone (Spom) phishing mails own type of spam for every type of communication channel Björn Bittins Sebastian Kühnau
7
FHTW-Berlin Germany Spam and Phishing Counteraction on user site: using disposable mail adresses post no mail adresses on public boards trash-mail.com on blog/wiki operator site using „captchas“ for posting messages on mail server operator site black-/white-/greylisting using a secure configuration (no open relay) Björn Bittins Sebastian Kühnau
8
FHTW-Berlin Germany Spam and Phishing General counteraction changes in protocols (SMTP) legal basic conditions (laws) use of spam filters (bayes filter) Björn Bittins Sebastian Kühnau
9
FHTW-Berlin Germany Spam and Phishing Damage Björn Bittins Sebastian Kühnau financial loss (for provider/receiver) loss of time / productivity slowdown of mail traffic / breakdown of server spam filters are needed
10
FHTW-Berlin Germany Spam and Phishing Facts / Statistics Spam Statistics – (2003) Email considered Spam40% of all email Daily Spam emails sent12,4 billion Annual Spam recieved per person2.200 Spam cost to all non corp users$255 million Spam cost to all U.S. Corporations in 2002$8,9 billion States with Anti-Spam Laws26 Email address changes due to spam16% Estimated Spam increase by 200763% Annual Spam in 1.000 employee company2.1 million Users who reply to Spam email28% Users who purchased from Spam email8% Corporate email that is considered Spam15-20% Wasted corporate time per Spam email4-5 secounds 10 worst Spam origin Countries – (2003) RankCountryNumber of current known spam issues 1United States1993 2China448 3Russia258 4United Kingdom213 5South Korea185 6Germany177 7Japan171 8Canada149 9France145 10Italy134 www.spam-filter-review.toptenreviews.com/spam-statistics.htmlwww.spamhaus.org/statistics/countries.lasso Björn Bittins Sebastian Kühnau
11
FHTW-Berlin Germany Spam and Phishing more Facts / Statistics Björn Bittins Sebastian Kühnau www.computerbase.de - 2006
12
FHTW-Berlin Germany Spam and Phishing Summary Björn Bittins - FHTW Spam / Phishing unwanted mail, without preexisting relationship almost every communication channel has it‘s own type of spam counteraction: on user/operator site causes damage in many areas
13
FHTW-Berlin Germany Spam and Phishing Björn Bittins - FHTW Spam / Phishing
14
FHTW-Berlin Germany Spam and Phishing Definition of phishing Björn Bittins - FHTW Spam / Phishing neogolism for password fishing getting confidential personal information from a user by pretending to be a serious provider (e.g. bank, eBay)
15
FHTW-Berlin Germany Spam and Phishing History of phishing Björn Bittins - FHTW Spam / Phishing 1990‘s: AOL accounts were stolen to share illegal content (warez) 2001: first known phishing attack against payment service (E-gold) since 2004: phishing is recognized as fully industrialized part of crime scene
16
FHTW-Berlin Germany Spam and Phishing Types / Functionality Björn Bittins - FHTW Spam / Phishing email phishing sending mails that look trustworthy to user “man in the middle” – attack uses trojan horses to intercept personal information
17
FHTW-Berlin Germany Spam and Phishing Types / Functionality Bjoern Bittins Sebastian Kuehnau
18
FHTW-Berlin Germany Spam and Phishing Types / Functionality Björn Bittins - FHTW Spam / Phishing email phishing sending mails that look trustworthy to user “man in the middle” – attack uses trojan horses to intercept personal information
19
FHTW-Berlin Germany Spam and Phishing Types / Functionality Bjoern Bittins Sebastian Kuehnau
20
FHTW-Berlin Germany Spam and Phishing Counteraction / Protection Björn Bittins - FHTW Spam / Phishing phishing filter compares website with a black list senses typical criteria of phishing mails avoid clicking on links from untrustworthy sources be sensible in publishing private data
21
FHTW-Berlin Germany Spam and Phishing Counteraction / Protection Bjoern Bittins Sebastian Kuehnau
22
FHTW-Berlin Germany Spam and Phishing Damage Björn Bittins - FHTW Spam / Phishing wide range of damage possible denial of access to mail account identitytheft (used to commit crime) financial loss US 04-05: 1.2 mio user suffered loss of $ 929mio UK losses by bank fraud (mostly phishing) 2004: £ 12.2mio 2005: £ 23.2mio Forrester survey (2005) “trillion dollar problem”
23
FHTW-Berlin Germany Spam and Phishing Facts / Statistics Björn Bittins - FHTW Spam / Phishing 2004: one in every 943 mails 2005: one in every 304 mails
24
FHTW-Berlin Germany Spam and Phishing Facts / Statistics 2 Björn Bittins - FHTW Spam / Phishing origin of phishing attacks
25
FHTW-Berlin Germany Spam and Phishing Summary Björn Bittins - FHTW Spam / Phishing getting confidential personal information email phishing / “man in the middle” – attacks amount of phishing attacks grows phishing filter / user awareness wide range of damage
26
FHTW-Berlin Germany Spam and Phishing The End Questions? Björn Bittins - FHTW Spam / Phishing
27
FHTW-Berlin Germany Spam and Phishing Sources http://www.forrester.com http://www.forrester.com http://www.bsi.de http://www.bsi.de http://www.spamhaus.org http://www.spamhaus.org http://www.spampolitik.de http://www.spampolitik.de http://en.wikipedia.org http://en.wikipedia.org Björn Bittins - FHTW Spam / Phishing
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.