Upload File

phishing and pharming - evil twins

Download phishing and pharming - evil twins

If you can't read please download the document

Upload: nilantha-piyasiri

Post on 13-Apr-2017

301 views

Category:

Internet


2 download

Report

TRANSCRIPT

GENERAL SIR JOHN KOTELAWALA DEFENCE UNIVERSITYSUBJECT: INFORMATION SECURITY (MEG 4137)Prepared by : KDU/MEG/03/09 - W.M. Nilantha PiyasiriMBA IN E-GOVERNANCE - Programme IIISubmission Date : 03 April 2016

PhishingAndpharming

The Evil Twins

Identity theft

Is it really happening?

Thanks to advances in technology, the types of transactions we can now complete online are virtually endless.

We use User Names, Passwords, Credit Cards, Debit Cards, PINs, birthdates,mothers maiden name, etc.

Stealing above identities is called

Identity theft

Identity theft is a federal crime. It happens when one persons identification (which can include name, social security number, bank account number, or any other account number) is used or transferred by another person for unlawful activities.

Phishing and Pharming are two of the most organized crimes of the 21st centurey and these are at the forefront of Internet piracy and idetity theft.

The Deadly Duo

The information that steal from these act are used by fraudsters to their evil needs, such as trasfer money from accounts, buy murchandise, etc..

What is Phishing ?

(fishing) (n.) - The act of sending a message to a user falsely claiming to be an established legitimate enterpirse in an attempt to scam the user into surrendering private information that will be used for identity theft.

Did you get it?

Steps of a Phishing Attack

Phisher prepare for the attack.

Phisher will register a domain which may sound simillar when pronounce or look similar to a legitimate website. Domain could be made like www.boc-secure.lk to deceive people who visit www.boc.lk.

Sometimes they make website which says they offer reduce rates for their merchandise if they enter user name and password or PIN of an accounts of reputed eCommerce website, etc.

Step 1Initiation

Steps of a Phishing Attack

Phisher tries to lure victims into trap/bait by using different attack vectors.

The Common method is sending an email to the victim.

The other method is social engineering where the user will be compelled to go to website and login.

Or install a malware (keylogger, etc) when user logs into the website.

Step 2Execution

Steps of a Phishing Attack

Step 3User Action

Y

The victim falls into the trap. He/She will respond either one of the attack vectors.

Victim will enter his/her sensitive and confidential data such as credit card details, user credentials, account balance, etc; to the website without taking any precausionary measure.

Steps of a Phishing Attack

Step 4Completion

Y

The victim falls into the trap. He/She will respond either one of the attack vectors.

Victim will enter his/her sensitive and confidential data such as credit card details, user credentials, account balance, etc; to the website without taking any precausionary measure.


 · Pharming, like Other types Of phishing, aims to gather personal information from the unsuspecting victims; the difference is that pharming does not rely on email solicitation

Agenda Identity – Identity Theft Phishing/Pharming and variants Other Threats Theft Incidents What is the US doing that we should think about Conclusions

Phishing and pharming: a guide to understanding and ... · What are phishing and pharming?.....4 How serious is the threat from phishing and pharming ... Case study: A large

PROTECTION AGAINST PHARMING AND PHISHING ATTACKS

Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie

CYBER.CRIME()...phone phishing tabnabbing evil twins History of phishing. originated sometime around the year 1995 1996- the first time that the term phishing was used(on a Usenet

Jen „technická“ochrana nestačí - DCIT · Jen „technická“ochrana nestačí Ing. Jindřich Hlaváč, CISA [email protected] ... Phishing, pharming –obrana ... – Email (jen

protection against pharming and phishing attacks - APWG · PDF filePROTECTION AGAINST PHARMING AND PHISHING ATTACKS ... networks such as Facebook are increasing for which ... A code

FRAUDE EN INTERNET: DEL PHISHING AL PHARMING · 2014-03-06 · Hoy en día el phishing sigue evolucionando y está cada vez más presente en los mensajes que recibimos y también

PROTECTION AGAINST PHARMING AND PHISHING ATTACKS …docs.apwg.org/sponsors_technical_papers/easysol_wp_phishing_p... · PROTECTION AGAINST PHARMING AND PHISHING ATTACKS The intention

International Telecommunication Union - ITU · of Internet security threats: viruses, phishing, pharming, endless permutations of scams, and advance fee fraud.11 Spam is also harming

Phishing and Countermeasures · Case Study: Pharming with Appliances 4.4.1 A Different Phishing Strategy 4.4.2 4.4.3 4.4.4 Countermeasures 4.5.1 Technical Description 4.5.2 Detection

Phishing & Pharming. 2 Oct. 2004 to July 2005 APWG

Phishing, Pharming, and the latest potholes on the Information Highway

Protección ante los nuevos códigos maliciosos y otras …socinfo.info/seminarios/defensa/trendmicro.pdf · • El Spam un problema que no para de crecer, ... • Pharming • Phishing

PHISHING, PHARMING, KEYLOGGERS,.. SU REPERCUSIÓN EN … · 2015-11-05 · PHISHING, PHARMING, KEYLOGGERS,.. SU REPERCUSIÓN EN LA BANCA ONLINE José Manuel COLODRÁS Responsable

Institute of Southern Punjab, Multan - WordPress.com · 2016-04-11 · Dumpster Diving Google, Newsgroups, Web sites Social Engineering Phishing: fake email Pharming: fake web pages

CBRS Threat Model Technical Report - winnf.memberclicks.net · CBRS Threat Model Technical Report ... credentials of valid consumers of SAS (via DNS pharming, phishing, spear-phishing,

© 2006 Consumer Jungle Malware: Spam, Viruses, Spyware, Phishing, Pharming, Trojans, Worms, Backdoors, and Zombie Computers

PROTECTION AGAINST PHARMING AND PHISHING ATTACKS · PROTECTION AGAINST PHARMING AND PHISHING ATTACKS ... The ˜rst point is necessary because it is the essence of the ... phishing_and_pharming_the_evil_twins_1731

Pharming > 50% of all PCs compromised Application Attacks BotArmies/DDOS 2 Organized Cyber-crime Ecosystem Hacktivism Cyber Terrorism Phishing Identity

Phishing - University of Arizonacollberg/Teaching/466-566/2012/Reso… · 4 Pharming 5 Malware 6 Phishing through PDF 7 References. Malware Malware: a piece of software developed

FRAUDE EN INTERNET: DEL PHISHING AL PHARMING

Estafas informáticas a través de Internet: acerca de la … · “phishing” y el “pharming ... que contra una multiplicidad de intereses de naturaleza individual o colectiva,

Comité Interamericano contra el Terrorismo CICTE - … · (conocidos como Phishing y Pharming), redes Fast ‐Flux ... Capacidades Contra el Crimen del gobierno canadiense (ACCBP)

At School & On-Line: Helping Students Avoid Security ......Phishing, Pharming & Email Scams • "Phishing” - elicits secure information through an e-mail message that appears to

Phishing, Pharming und Identitätsdiebstahl – von Postbank ... · Phishing, Pharming und Identitätsdiebstahl – von Postbank bis Paypal Seminararbeit zu Thema Nr. 2 des Seminars

ANEXO III TEMA 33 GLOSARIO DE TERMINOS DE DELITOS ...campusdeseguridad.com/archivos_pdf/20190928_tema... · Lo que diferencia principalmente el phishing del pharming es que este último

Présentation - Phishing & Pharming

Llevamos el banco a donde lo necesites.scotiabankfiles.azureedge.net/.../CONTRATO-SCOTIAWEB-AVANZADO… · El Phishing y el Pharming son mecanismos que simulan situaciones reales

SDN 3.0 Protegiendo la Red Humana - cisco.com · Protege contra las ultimas amenazas ... Pharming Phishing especial – ingeniería social ... Defensa contra el malware multi-capa

XSS Easy Exploitation Kernel - ZenK-Security d... · •Social engineering, phishing ... –Cas particulier : Drive by pharming •Keylogging •Scan de port sur réseau local ou

PROTECTION AGAINST PHARMING AND PHISHING ATTACKS · Phishing attacks have been increasing over the last years. According to a study conducted by the ... Browsing detects this type

Molecular pharming

Phishing & Pharming