Presentation is loading. Please wait.

Presentation is loading. Please wait.

Phishing Problem Kristián Kučerák Milan Just. Abstract In this age of broadband, wireless, and network interconnectivity, we enjoy the unprecedented power.

Published byEmily Gallagher Modified over 9 years ago

Similar presentations

Presentation on theme: "Phishing Problem Kristián Kučerák Milan Just. Abstract In this age of broadband, wireless, and network interconnectivity, we enjoy the unprecedented power."— Presentation transcript:

1 Phishing Problem Kristián Kučerák Milan Just

2 Abstract In this age of broadband, wireless, and network interconnectivity, we enjoy the unprecedented power of information exchange and commerce at our fingertips. Networks and systems are continuously evolving to become more robust, thereby maximizing our convenience and productivity – 24 hours a day, seven days a week. Over the last few years, online banking, including online bill paying, has become very popular as more financial institutions begin to offer free online services.With the increase in online fraud and identity theft, financial crimes have changed from direct attacks to indirect attacks—in other words, rather than robbing a bank at gunpoint, the criminals target the bank's customers. This type of indirect attack significantly impacts the financial institutions themselves because their inability to adequately protect their customer assets tarnishes their reputations and overall trust.

3 Spam Classification Spam organization 1. Bulk-mailing tool identification. Identification of unique mailing attributes found in the e-mail header. 2. Feature subsets Items such as hash busters, (format and location), content attributes (spelling errors, grammar), and unique feature subsets from the bulk-mailing tool. 3. Sending methods Classification techniques 1. Unsolicited commercial e-mail (UCE) 2. Nonresponsive commercial e-mail (NCE) 3. List makers 4. Scams (Phishing)

4 Cyber Crime Evolution

5 What is Phishing ? Gather private information (credit card information, bank account passwords First Phishing reported against financial institution in July 2003 It introduced a new class of attack vektor – overlooked human element

6 Phishing Statistics Phishers are refining their e-mail techniques Phishers of 2005 build their own PHP bulk- mailing Phishers are becoming more technically savvy Phishers are taking advantage of Cross-Site Scripting (XSS) vulnerabilities Phishers are refining their key-logging malware

7 Go Phish! Most popular phishing methods : Impersonating Attack Forwarding Attack Pop-up Attack

8 Impersonating Attack

9 Forwarding Attack

10 Popup Attack

11 Harvesting e-mail Addresses 86 percent of the e-mail addresses posted to Web pages receive spam (@ sign) the majority of spammers and phishers use bots or crawlers (www.bestextractor.com)www.bestextractor.com Extract Link, Whois Extractor, List Monitor, Email Verifier

12 Sending Spam/Phish Two competing popular bulk mailers: Send-Safe ( “real anonymous mailer”, was authored by Ruslan Ibragimov – author of Sobig Virus ) Dark-Mailer ( easy of use, forging headers, sending roughly 500,000 e- mails per hour, supports HTTP and SOCKS proxies )

13 Conclusion Significant and growing problem A lot of antiphishing vendors – be careful “secure by marketing” – campaing just to get sales Good idea product evaluated by a professional security team

14 Thank you for your attention Any questions ???

Download ppt "Phishing Problem Kristián Kučerák Milan Just. Abstract In this age of broadband, wireless, and network interconnectivity, we enjoy the unprecedented power."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk email o Over 70% of email traffic  Bugs ---

Chapter 1 We’ve Got Problems…. Four Horsemen  … of the electronic apocalypse  Spam --- unsolicited bulk o Over 70% of traffic  Bugs ---
Victoria ISD Common Sense Media Grade 6: Scams and schemes

Victoria ISD Common Sense Media Grade 6: Scams and schemes
What is Identity Theft, and how can you protect yourself from it?

What is Identity Theft, and how can you protect yourself from it?
The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.

The Third International Forum on Financial Consumer Protection & Education “Fostering Greater Consumer Protection & Education” Preventing Identity Theft.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
1 Identity Theft and Phishing: What You Need to Know.

1 Identity Theft and Phishing: What You Need to Know.
Breaking Trust On The Internet

Breaking Trust On The Internet
What is identity theft, and how can you protect yourself from it?

What is identity theft, and how can you protect yourself from it?
Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing emails are designed.

Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing s are designed.
Social media threats. Warning! May contain mild peril.

Social media threats. Warning! May contain mild peril.
1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.

1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.
Phishing (pronounced “fishing”) is the process of sending e-mail messages to lure Internet users into revealing personal information such as credit card.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Internet Phishing Not the kind of Fishing you are used to.

Internet Phishing Not the kind of Fishing you are used to.
Cyber X-Force-SMS alert system for E-mail threats.

Cyber X-Force-SMS alert system for threats.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Electronic Payment By: El Panda. What is an electronic payment? Electronic money (also known as e-currency, e-money, electronic cash, electronic currency,

Electronic Payment By: El Panda. What is an electronic payment? Electronic money (also known as e-currency, e-money, electronic cash, electronic currency,
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
CERN - IT Department CH-1211 Genève 23 Switzerland www.cern.ch/i t Update on the underground economy and making profit on the black market Wojciech Lapka.

CERN - IT Department CH-1211 Genève 23 Switzerland t Update on the underground economy and making profit on the black market Wojciech Lapka.

Similar presentations

Ads by Google