Presentation is loading. Please wait.

Presentation is loading. Please wait.

Using Social Networks to Harvest Addresses Reporter: Chia-Yi Lin Advisor: Chun-Ying Huang Mail: 9/14/2015 1.

Published byCory Harvey Modified over 9 years ago

Similar presentations

Presentation on theme: "Using Social Networks to Harvest Addresses Reporter: Chia-Yi Lin Advisor: Chun-Ying Huang Mail: 9/14/2015 1."— Presentation transcript:

1 Using Social Networks to Harvest Email Addresses Reporter: Chia-Yi Lin Advisor: Chun-Ying Huang Mail: m98570015@ntou.edu.tw 9/14/2015 1

2 Reference I. Polakis, G. Kontaxis, S. Antonatos, E. Gessiou, T. Petsas, and E. P. Markatos, “Using social networks to harvest email addresses,” in WPES ’10: Proceedings of the 9th annual ACM workshop on Privacy in the electronic society 9/14/2015 2

3 Outline Introduction Social network harvest email Facebbok informaition Conclusions 9/14/2015 3

4 Introduction Social networking is one of the most popular Internet activities ▫Facebook has more than 400 million users ▫Twitter has more than 40 million users Privacy leakage is one of the biggest problems of social networking 9/14/2015 4

5 http://www.checkfacebook.com/ 9/14/2015 5

6 Social network Used for malicious purposes ▫name, nickname  https://www.facebook.com/btaylor How names extracted from social networks ▫harvest email addresses Names collected ▫Facebook and Twitter networks Query terms for the Google search engine ▫harvest almost 9 million unique email 9/14/2015 6

7 Current Methodologies Give a brief overview of the current methodologies used by spammers to harvest email addresses ▫Web crawling ▫Crawling mailing list archives sites ▫Malware ▫Malicious sites ▫Dictionary attacks 9/14/2015 7

8 Two approaches Present two different approaches to harvesting ▫Blind harvesting ▫Targeted harvesting Social network ▫Facebbok and Twitter Google search engine ▫gather email addresses Facebook ▫personal information 9/14/2015 8

9 Find name and nickname Crawlers for extracting names ▫Facebook  fan pages ▫Twitter  crawled the accounts the user follows 9/14/2015 9

10 Google search engine Once the names have been harvested ▫8 different combinations  "term@hotmail.com", "term“, "term@msn.com", "term at “, "term@windowslive.com", "term@", "term@gmail.com", "term@yahoo.com" ▫retrieve the first 50 results ▫parse the two-line summary provided 9/14/2015 10

11 Blind Harvesting (1/2) Able to harvest, on average ▫45 emails per name for the Facebook names ▫25 emails per name for the Twitter nicknames 9/14/2015 11

12 Blind Harvesting (2/2) Dictionary :http://wordnet.princeton.edu/ Surnames: http://www.census.gov/genealogy/www/data/ 9/14/2015 12

13 Targeted harvesting (1/3) Traditional phishing contain generic terms ▫“Dear user”, ”Dear customer”, ”Hello subscriber” Personalized phishing ▫Email look like they originate from a friend 9/14/2015 13

14 Targeted harvesting (2/3) Use the harvested email addresses in the Facebook search utility ▫gain profile The first technique ▫Uses information from the Facebook network  Successfully link 11.5% of the harvested names with their actual email address The second technique ▫Uses information from the Twitter network  43.4% of the profiles returned 9/14/2015 14

15 Targeted harvesting (3/3) The third technique ▫collected from other social networks ▫harvest profiles from Google Buzz  40.5% valid Gmail addresses 9/14/2015 15

16 Fetch name Method ▫facebook app ▫friend 9/14/2015 16

17 Permissions Read Permissions Write Permissions Page Permissions 9/14/2015 17

18 Basic profile 9/14/2015 18

19 9/14/2015 19

20 Facebook profile 9/14/2015 20

21 Content categorization 9/14/2015 21

22 Conclusions We present how information, that is publicly available in social networking sites ▫for harvesting email addresses ▫deploying personalized phishing campaigns We present two different approaches to harvesting email ▫greatly enhance the efficiency of a spam campaign 9/14/2015 22

23 Thanks for Your Attention Q & A 9/14/2015 23

Download ppt "Using Social Networks to Harvest Addresses Reporter: Chia-Yi Lin Advisor: Chun-Ying Huang Mail: 9/14/2015 1."

Similar presentations

Surrey Libraries Computer Learning Centres January 2012 Internet Searching Teaching Script Totally New to Computers Internet Searching.

Surrey Libraries Computer Learning Centres January 2012 Internet Searching Teaching Script Totally New to Computers Internet Searching.
Privacy: Facebook, Twitter

Privacy: Facebook, Twitter
NHnetWORKS December 14, 2009.  Facebook is a global Social Networking website that is operated and privately owned by Facebook, Inc.  Users can add.

NHnetWORKS December 14,  Facebook is a global Social Networking website that is operated and privately owned by Facebook, Inc.  Users can add.
Social Network Security Issues: Social Engineering and Phishing Attacks Jeffrey Allen, Leon Gomez, Marlon Green, Phillip Ricciardi, Christian Sanabria.

Social Network Security Issues: Social Engineering and Phishing Attacks Jeffrey Allen, Leon Gomez, Marlon Green, Phillip Ricciardi, Christian Sanabria.
All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks Reporter : 鄭志欣 Advisor: Hsing-Kuo Pao Date : 2010/12/06 1.

All Your Contacts Are Belong to Us: Automated Identity Theft Attacks on Social Networks Reporter : 鄭志欣 Advisor: Hsing-Kuo Pao Date : 2010/12/06 1.
Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing emails are designed.

Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing s are designed.
Marketing Communications Services www.writeforyoumarketing.com Hayward, WI.

Marketing Communications Services Hayward, WI.
Design and Evaluation of a Real- Time URL Spam Filtering Service Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson, Dawn Song University of California,

Design and Evaluation of a Real- Time URL Spam Filtering Service Kurt Thomas, Chris Grier, Justin Ma, Vern Paxson, Dawn Song University of California,
Ahmad Radaideh.  Abstract  Introduction  Google Cached Content  GOOGLE HACKING Procedures  Google Advance Operators  Google hacking Result Categories.

Ahmad Radaideh.  Abstract  Introduction  Google Cached Content  GOOGLE HACKING Procedures  Google Advance Operators  Google hacking Result Categories.
Facebookin’ for Bucks A Beginner’s Guide Sarah Spencer.

Facebookin’ for Bucks A Beginner’s Guide Sarah Spencer.
What’s the Difference? Groups or Pages?. What are Groups and Pages? Facebook Groups are pages that you create within the Facebook.

What’s the Difference? Groups or Pages?. What are Groups and Pages? Facebook Groups are pages that you create within the Facebook.
Inbound Statistics Slides Attract. 1 Blogging There are 31% more bloggers today than there were three years ago 46% of people read blogs more than once.

Inbound Statistics Slides Attract. 1 Blogging There are 31% more bloggers today than there were three years ago 46% of people read blogs more than once.
E-mail Privacy By Mohammed Al-Ghamdi. Outline Introduction E-mail Privacy How to Provide Privacy E-mail Ethics Summary.

Privacy By Mohammed Al-Ghamdi. Outline Introduction Privacy How to Provide Privacy Ethics Summary.
 Search engines are programs that search documents for specified keywords and returns a list of the documents where the keywords were found.  A search.

 Search engines are programs that search documents for specified keywords and returns a list of the documents where the keywords were found.  A search.
What does the course cover:  The course is a practical guide to use digital marketing to effectively reach out to internet audience while building your.

What does the course cover:  The course is a practical guide to use digital marketing to effectively reach out to internet audience while building your.
The Privacy Tug of War: Advertisers vs. Consumers Presented by Group F.

The Privacy Tug of War: Advertisers vs. Consumers Presented by Group F.
MAKING THE INTERNET WORK FOR A HEALTHCARE FACILITY Creating functional websites with optimal Customer Service.

MAKING THE INTERNET WORK FOR A HEALTHCARE FACILITY Creating functional websites with optimal Customer Service.
Social Networking – The Ways and Means Rosey Broderick May 2011.

Social Networking – The Ways and Means Rosey Broderick May 2011.
Social networking FACEBOOK AND TWITTER. Then In the beginning of Facebook, there were very few features. There were no status updates, messages, photo.

Social networking FACEBOOK AND TWITTER. Then In the beginning of Facebook, there were very few features. There were no status updates, messages, photo.
1 Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm T. Holz, M. Steiner, F. Dahl, E. Biersack, and F. Freiling - Proceedings.

1 Measurements and Mitigation of Peer-to-Peer-based Botnets: A Case Study on Storm Worm T. Holz, M. Steiner, F. Dahl, E. Biersack, and F. Freiling - Proceedings.

Similar presentations

Ads by Google