Presentation is loading. Please wait.

Presentation is loading. Please wait.

What Does It Mean To You? Internet Security. 1.Use you to spread their worms and viruses. 2.Install spyware programs on your computer so they can monitor.

Published byArlene Henry Modified over 9 years ago

Similar presentations

Presentation on theme: "What Does It Mean To You? Internet Security. 1.Use you to spread their worms and viruses. 2.Install spyware programs on your computer so they can monitor."— Presentation transcript:

1 What Does It Mean To You? Internet Security

2 1.Use you to spread their worms and viruses. 2.Install spyware programs on your computer so they can monitor everything you do on the Internet. 3.Alter your browser, forcing it to visit websites you don't want to visit. 4.Get your personal information so they can steal your money and identity. Hackers want to… Goal 1 is usually about “FUN” Goals 2, 3 and 4 are usually about MONEY!

3 How You Get Hacked: Via email attachments  Trojan/viruses  Trojan/worms Via malicious websites  Spyware  Browser hijacking Via email  Phishing  Pharming

4 Greeks bearing gifts… TROJAN HORSES  Gifts you want that contain things you don’t want…  A Trojan horse is a normal application, such as a game or self- displaying photo, that contains a hidden program – often a virus - that executes when the Trojan is executed.  Trojan horses are usually email attachments

5 VIRUSES A program that attaches itself to another program so that it can reproduce without the victim’s knowledge  Much like the common cold, it wants to spread – often using the victim’s email address book as a source for new victims to whom it sends itself  Viruses generally spread via email-attached Trojans or embedded in illicitly downloaded software.

6 eMail Viruses Open the attachment, enjoy your infection.

7 Antivirus 2010, 2011 Antivirus 2010 properties: Changes browser settings Shows commercial adverts Connects itself to the Internet Stays resident in background It is distributed through online advertisements that are disguised as anti-virus scanners. If user clicks on such a banner, he or she is receives false reports about infections detected. Antivirus2010 tries to intimidate people by reporting nonexistent threats in order to get them interested in downloading this application.

8 The Internet Is Not A Virus Scanner Tried to go to a Website and got redirected and warned that you had a virus? More than likely the legitimate site you were going to was involved in DNS hijacking. DNS hijacking, also known as DNS poisoning merely manipulates the numeric resolver to a new address.

9 WORMS A specially written program that replicates itself  Unlike a virus, it does not attach itself to other programs  Worms, in general are resource hogs; some have bogged down major portions of the Internet  Worms generally spread via server vulnerabilities (e.g. buffer overflows) – not via email attached Trojans The Blaster Worm infected multiple systems in the mid 2000s causing an overflow within Windows NT 5.x based systems (XP, 2003). It had no other use than to replicate and cease productivity.

10 Conflicker Little is known about the use of conflicker other than it easily replicates to insecure machines and has multiple open ports. It is assumed the usage is as a Zombie to be used in large scale DDOS attacks.

11 Viruses vs.Worms In the final analysis, most people who are affected by a virus or worm could care less about the distinctions between them.  Most viruses and worms are launched into the Internet by attackers who have no particular target in mind  They just want to see what will happen – or they seek notoriety among their “colleagues”

12 Spyware Spyware: Any software that covertly gathers user information.  Monitors victim’s Internet activity and transmits that information via the Internet to the hacker, who sells it.  Often bundled as a hidden component of “free” programs that are downloaded from the Internet Symptoms: SLOW Web browsing  PCs are often infested with 50 -1000 spyware programs  The more you surf, the more invested you become  Real time protection is free and readily available

13 Spyware RealPlayer tracks and “phones home” your listening habits Kazaa - You are trusting infected users to share their music and files with you – enough said. Comet Systems has over 160,000 customers to whom it sells the data collected by its spyware Wild (Tangent) Games are “free” but you agree to a lot when you accept them!

14 Browser Hijacking Symptoms:  Your browser’s default start page is changed  Porn and gambling links are added to your favorites list  Porn sites pop up on your screen Goal:  To force your browser – and entice you - to visit websites whose owners pay the hacker for sending people to their sites Spyware, browser hijacking, and phishing are all about MONEY!

15 Browser Hijacking The malicious website makes changes to your computer via known vulnerabilities, for which patches exist  Sometimes, the changes are easily reversed  More often, a “cleaner” tool is needed to fix things  It’s often necessary to manually edit the Windows registry  Often, the hijacking software redoes the hacked settings every time you reboot the computer

16 Phishing Phishing: The act of sending an email that falsely claims to be from a bank or other E-commerce enterprise  The e-mail: Directs the user to visit a cloned website where they are asked to “update” personal information.  Goal: To trick the recipient into surrendering private information that will be used for identity theft.  Usernames/passwords; credit card, social security, and bank account numbers  Perpetrators: Increasingly used by organized crime syndicates, many based in central and eastern Europe. Those who have been arrested were young, American males.

17 A bad day phishin’, beats a good day workin’ 2,000,000 emails are sent 5% get to the end user – 100,000 (Anti-Phishing Working Group) 5% click on the phishing link – 5,000 (APWG) 2% enter data into the phishing site – 100 (FTC) $1,200 from each person who enters data (FTC) Potential reward: $120,000 In 2005 David Levi made over $360,000 from 160 people using an eBay Phishing scam

18 Phishing From can easily be spoofed Not a match Images from Anti-Phishing Working Group’s Phishing Archive

19 Typical Phishing Site Not https – not secure An IP address, not a resolved name Images from Anti-Phishing Working Group’s Phishing Archive

20 Typical Phishing Site Images from Anti-Phishing Working Group’s Phishing Archive

21 Fake Site Not https: No security lock Images from Anti-Phishing Working Group’s Phishing Archive

22 Real Site Images from Anti-Phishing Working Group’s Phishing Archive

23 Corporate Phishing/Spear Phishing

24 Spear-Phishing: Improved Target Selection Socially aware attacks Mine social relationships from public data Phishing email appears to arrive from someone known to the victim Use spoofed identity of trusted organization to gain trust Urge victims to update or validate their account Threaten to terminate the account if the victims not reply Use gift or bonus as a bait Security promises Context-aware attacks “Your bid on eBay has won!” “The books on your Amazon wish list are on sale!”

25 Another Example Images from Anti-Phishing Working Group’s Phishing Archive

26 But Wait!! WHOIS 210.104.211.21: Location: Korea, Republic Of Even bigger problem: I don’t have an account with US Bank! Images from Anti-Phishing Working Group’s Phishing Archive

27 Pharming

28 How To Tell If An E-mail Message is Fraudulent Here are a few phrases to look for if you think an e-mail message is a phishing scam. "Verify your account." Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through e-mail. If you receive an e-mail from anyone asking you to update your credit card information, do not respond: this is a phishing scam. "If you don't respond within 48 hours, your account will be closed." These messages convey a sense of urgency so that you'll respond immediately without thinking. Phishing e-mail might even claim that your response is required because your account might have been compromised.

29 Continued "Dear Valued Customer." Phishing e-mail messages are usually sent out in bulk and often do not contain your first or last name. "Click the link below to gain access to your account." HTML-formatted messages can contain links or forms that you can fill out just as you'd fill out a form on a Web site. The links that you are urged to click may contain all or part of a real company's name and are usually "masked," meaning that the link you see does not take you to that address but somewhere different, usually a phony Web site.

Download ppt "What Does It Mean To You? Internet Security. 1.Use you to spread their worms and viruses. 2.Install spyware programs on your computer so they can monitor."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
How to protect yourself, your computer, and others on the internet

How to protect yourself, your computer, and others on the internet
Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.

Tips and tools to keep you and your information safe on-line. We will go over a lot of information today, so it is important to pay attention and follow.
What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via

What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via
Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click.

Protect your PC virus, worm, Trojan horse, phishing, spam, botnet and zombies, spoofing, social engineering, identity theft, spyware, rootkits Click.
Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,

Online Safety. Introduction The Internet is a very public place Need to be cautious Minimize your personal risk while online Exposure to: viruses, worms,
SECURITY CHECK Protecting Your System and Yourself Source:

SECURITY CHECK Protecting Your System and Yourself Source:
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.

ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.

Computer Ethics Ms. Scales. Computer Ethics Ethics  the right thing to do Acceptable Use Policy  A set of rules and guidelines that are set up to regulate.
Phishing, Spoofing, Spamming and Security How To Protect Yourself Additional Credits: Educause/SonicWall, Hendra Harianto Tuty, Microsoft Corporation,

Phishing, Spoofing, Spamming and Security How To Protect Yourself Additional Credits: Educause/SonicWall, Hendra Harianto Tuty, Microsoft Corporation,
Phishing (pronounced “fishing”) is the process of sending e-mail messages to lure Internet users into revealing personal information such as credit card.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Computer Viruses.

Computer Viruses.
What are Trojan horses?  A Trojan horse is full of as much trickery as the mythological Trojan horse it was named after. The Trojan horse, at first glance.

What are Trojan horses?  A Trojan horse is full of as much trickery as the mythological Trojan horse it was named after. The Trojan horse, at first glance.
Cyber X-Force-SMS alert system for E-mail threats.

Cyber X-Force-SMS alert system for threats.
Threats To A Computer Network

Threats To A Computer Network
Don’t Lose Your Identity – Protect Yourself from Spyware Dan Frommer Sherry Minton.

Don’t Lose Your Identity – Protect Yourself from Spyware Dan Frommer Sherry Minton.
Phishing – Read Behind The Lines Veljko Pejović

Phishing – Read Behind The Lines Veljko Pejović
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Similar presentations

Ads by Google