atacurile de phishing in romania si in strainatate
DESCRIPTION
TRANSCRIPT
![Page 1: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/1.jpg)
1
Atacurile de phishing in Romania si in strainatate
Vlad Valceanu Catalin Cosoi
BitDefender
![Page 2: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/2.jpg)
2
• Cine suntem noi?• Ce se mai intampla in lume?• Ce se mai intampla in Romania?• Ce putem face noi?• Intrebari si raspunsuri.
Agenda
![Page 3: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/3.jpg)
3
Cine suntem noi?
• Laboratorul AntiSpam din cadrul BitDefender
• 5 ani experienta• Interes special in phishingul romanesc• Spam, phishing, malware
![Page 4: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/4.jpg)
4
Phishing-ul in lume
• Generalitati– trecere rapida in revista a tehnicii
• Noutati– Malware cu scop de phishing– Romania - fruntasa– SUA: cati bani se pierd?– paralela Romania - International
4
![Page 5: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/5.jpg)
5
Phishing-ul in lume - malware
• Pana acum ne temeam doar de e-mailuri• De acum apar din ce in ce mai multi
troieni, keylogger-e dedicate pe furt de conturi etc.
5
![Page 6: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/6.jpg)
6
Phishing-ul in lume
• Aspect de crima organizata• Calea de la site-clona pana la cash• Valoarea unui set de credentiale: de la 50
de centi (!) pana la 100 de dolari. Se vand bulk
6
![Page 7: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/7.jpg)
7
Phishing-ul in lume
• Inca sunt preferate tintele usoare• Site-urile clona gazduite in botneti
7
![Page 8: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/8.jpg)
8
Phishing-ul in SUA
Sursa: Gartner
![Page 9: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/9.jpg)
9
Phishing-ul in SUA
• 2007: 3.2 miliarde USD pierduti • 12 ani de evolutie• baza mare de utilizatori de online
banking
9
![Page 10: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/10.jpg)
10
Romania
• Locul 5 la hosting• Know-how luat direct de la tarile cu traditie
in phishing• Kituri de generat atacuri de phishing• Pierderile din phishing in Romania vor
creste– numarul de utilizatori de online banking creste– corelatia neliniara cu numarul de victime: raul
de-abia acum incepe10
![Page 11: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/11.jpg)
11
Phishingul in Romania
• De 3 ori mai multe atacuri decat in 2007
• Evolutie tehnica considerablila… la standarde internationale– De la greseli gramaticale la text credibil si corect– HTML atasat in mail in loc de URL (ocolirea filtrelor
RBL)– Pagina este encodata (ocolirea filtrelor bazate pe
continut)
![Page 12: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/12.jpg)
12
Un alt fel de phishing…
Subject: UBA-BONAZA Imprumutului OFERTE (APLICA ACUM)
SALUT, PREZENTA este de a informa publicul larg ca managementul de UBA BANCA, (Nigeria) este dat IEFTINE accesibile Imprumutului de foarte rata scazuta AS LOR YEARLY BONANZA Imprumuturi OFERTA FARA NICI o garantie pentru aprobare, WE OFERTA credite comerciale, student Ómprumuturi, si persoane fizice.ContactatiBANCA servicii prin lor publice ACUM LA ADRESA DE EMAIL [email protected]
Informatii cerute: nume, prenume, tipul creditului dorit, sex, adresa, varsta, tara si durata creditului…
![Page 13: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/13.jpg)
13
Toolbar AntiPhishing
• Real Time Black List• WhiteList/Blacklist• Dynamic Whitelisting • Antiphishing Scripting Language• Advanced Proactive Webpage forgery detector• This is not phishing• Report as phishing• Image Filter
![Page 14: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/14.jpg)
14
Worst Case Scenario - 1
• Phishing nou, foarte nou• Utilizatorul intra pe site• Tehnologiile locale nu reusesc sa-l depisteze• RBL-ul nu intoarce nimic• Utilizatorul isi introduce datele• Utilizatorul este furat
![Page 15: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/15.jpg)
15
Worst Case Scenario - 2
• Interogarile primite, indiferent de raspuns, sunt analizate automat
• Noile phishinguri descoperite astfel sunt adaugate in RBL
• Utilizatorul 2 intra pe site
• Query-ul RBL anunta ca este phishing
• Pagina este blocata
• In cel mai rau caz, doar primul utilizator isi pierde datele
![Page 16: Atacurile de phishing in Romania si in strainatate](https://reader033.vdocuments.net/reader033/viewer/2022061120/546c38acaf79596c298b4ece/html5/thumbnails/16.jpg)
16
Ce vrem sa facem?
• Avem phishing!• Avem clienti in toata lumea…. Primim astfel si
mai mult phishing nou!• Vrem sa ne educam clientii (si nu numai) cu
privire la phishing, smishing, vishing etc.• Dorim sa stopam acest fenomen• Dorim sa dezvoltam tehnologii noi de combatare