phishing
play

Phishing Junxiao Shi, Sara Saleem University of Arizona Apr 23, - PowerPoint PPT Presentation

Mar 15, 2023 •243 likes •640 views

Phishing Junxiao Shi, Sara Saleem University of Arizona Apr 23, 2012 1 Introduction 2 Email Spoofing 3 Web Spoofing 4 Pharming 5 Malware 6 Phishing through PDF 7 References What is Phishing a form of social engineering to fraudulently retrieve

  1. Phishing Junxiao Shi, Sara Saleem University of Arizona Apr 23, 2012

  2. 1 Introduction 2 Email Spoofing 3 Web Spoofing 4 Pharming 5 Malware 6 Phishing through PDF 7 References

  3. What is Phishing a form of social engineering to fraudulently retrieve legitimate users’ confidential or sensitive credentials by mimicking electronic communications from a trustworthy or public organization in an automated fashion

  4. Phisher Labor specialization of phishers: Mailers send out a large number of fraudulent emails (usually through bot-nets), which direct users to fraudulent websites Collectors set up fraudulent websites (usually hosted on compromised machines), which actively prompt users to provide confidential information Cashers use the confidential information to achieve a pay-out

  5. Information Flow phisher phisher (mailer) (casher) 1 7 $$ 6 5 2 3 Financial Institution User (victim) 4 phisher (collector) Information flow in a phishing attack

  6. 1 Introduction 2 Email Spoofing 3 Web Spoofing 4 Pharming 5 Malware 6 Phishing through PDF 7 References

  7. Email Spoofing Definition: sending an email that claims to be originating from one source, when it was actually sent from another. DiscoverCard members are more likely to believe in an email from support@discover.com than from an unrelated domain. When you believe in an email, you may take actions according to its instructions, such as: reply to the email with your credit card number click on the link labelled as “view my statement”, and enter your password when the website prompts for it open an attached PDF form, and enter confidential information into the form

  8. Email Spoofing Read the report for: Why email spoofing is so easy? How to send a spoofed email with one line of command? What are the countermeasures?

  9. 1 Introduction 2 Email Spoofing 3 Web Spoofing 4 Pharming 5 Malware 6 Phishing through PDF 7 References

  10. Web Spoofing 1 Set up a forged website 2 Attract traffic to the forged website 3 Collect confidential information entered by users

  11. Creating a forged website 1 Save the Facebook login page as an HTML file, along with images and scripts. 2 Write a PHP script that stores the submitted fields into a file or database, then redirect to the real Facebook. 3 Open the HTML file with a text editor, find the login form, and change the submission URL to that PHP script. 4 Upload these files to a PHP-enabled web server. -or- 1 Configure a “reverse proxy” using squid or Fiddler2 . 2 Write a plug-in that automatically collects information entered by users.

  12. Attracting traffic to forged website Send spoofed emails with a link to the forged website. Register a domain that is a common typo, such as facebok.com . (Facebook registered this domain before you) Register the same domain name in a different TLD. For example, register facebook.com.cn , and translate the forged website to Chinese. Use pharming.

  13. Legitimate website VS forged website https://www.phish-no-phish.com/ How to tell whether a website is legitimate or forged? content domain name usage of https certificate

  14. Browser Security Indicator: https padlock HTTPS, the combination of Hypertext Transfer Protocol and Transport Layer Security, provides encryption and identification through public key infrastructure. Modern web browsers display a padlock icon when visiting an https website. http scheme, no padlock https scheme, padlock in address bar

  15. Browser Security Indicator: https padlock If the certificate is invalid or does not match the domain name, modern browsers will show a prominent warning. if the user chooses to continue, address a warning page is shown on bar turns red detecting an untrusted certificate

  16. Browser Security Indicator: EV Extended Validation (EV) Certificates are only issued after extensive verification on the requesting entity: physical presence, domain control, legal documents. Modern browsers “turn green” to indicate higher level of trust.

  17. Browser Security Indicator: domain name highlighting Phishers tend to use misleading addresses, such as http://www.paypal.com.cgi-bin.webcr.example.com/ , to deceive users. With domain name highlighting, users can easily interpret the address and identify the current website at a glance.

  18. Simulated Browser Attack https? Yes. Padlock? Yes. Green address bar? Yes. Trusted? public terminal in Student Union Memorial Center Food Court

  19. Simulated Browser Attack but, is this a real Internet Explorer? Probably not. 1 A web page or Flash movie simulates the user interface and behavior of Internet Explorer. 2 Address bar, padlock icon, status bar are all fake. 3 Open in a chromeless window or enter full screen mode. Everything you enter goes to the phisher; web pages you see may be modified by the phisher. That’s why you shouldn’t use online banking on public computers.

  20. 1 Introduction 2 Email Spoofing 3 Web Spoofing 4 Pharming 5 Malware 6 Phishing through PDF 7 References

  21. Pharming Pharming: a type of attack intended to redirect traffic to a fake Internet host. Read the report for: DNS cache poisoning, and its countermeasures Domain hijacking, the pharming method with global effects Long term, unnoticeable pharming in local computer or a home network

  22. 1 Introduction 2 Email Spoofing 3 Web Spoofing 4 Pharming 5 Malware 6 Phishing through PDF 7 References

  23. Malware Malware: a piece of software developed either for the purpose of harming a computing device or for deriving benefits from it to the detriment of its user. In phishing, malware can be used to collect confidential information directly, and send them to phishers. Keystrokes, screenshots, clipboard contents, and program activities can be collected Malware can display a fake user interface to actively collect information. Collected information can be automatically sent to phishers by email, ftp server, or IRC channel.

  24. Keylogger REFOG Free Keylogger configuration

  25. Keylogger Sign in to Windows Live Messenger

  26. Keylogger Windows Live ID and password collected by keylogger

  27. Read from text input control Malware can read password from a text input control, even if it’s displayed as asterisks. Asterisk Password Recovery reads a password from SkyDrive login page

  28. Malware Malware can also aid other phishing techniques: for web spoofing install phisher’s CA certificate as a trusted root CA, so browser will not show the warning page when visiting a spoofed https website for pharming change the hosts file or DNS settings run ARP spoofing on local Ethernet enlist into botnets send spoofed emails serve forged websites

  29. Countermeasure: client security products Client security products are widely deployed Anti-virus products Malicious Software Removal Tool (monthly from Microsoft Update) They are not always effective It’s easy to modify malware so that it doesn’t contain any known signature There are techniques to bypass certain behavior-based detection

  30. Countermeasure from China Merchants Bank + USB token online banking client secure the text input control, so that (most) keyloggers cannot intercept keystrokes or read its content encrypt confidential information in memory and over network provide mutual authentication by client and server certificates

  31. 1 Introduction 2 Email Spoofing 3 Web Spoofing 4 Pharming 5 Malware 6 Phishing through PDF 7 References

  32. Why is this possible PDF: Most popular & trusted document description format. PDF programming language: Strong execution features which can be exploited.

  33. Illustration fake tax return form received in a spoofed email

  34. How does it work? SubmitForm action Upon invocation of a SubmitForm action, names and values of selected interactive form fields are transmitted to the specified URL / email. Recipient URL or email address is set at the time the form is created.

  35. 1 Introduction 2 Email Spoofing 3 Web Spoofing 4 Pharming 5 Malware 6 Phishing through PDF 7 References

  36. References: Books Jakobsson, M., & Myers, S. (2007). Phishing and countermeasures: Understanding the increasing problem of electronic identity theft. Hoboken, N.J: Wiley-Interscience. James, L. (2005). Phishing exposed. Rockland, MA: Syngress. ISO 32000-1:2008 Document management – Portable document format – Part 1: PDF 1.7

  37. References: Online Resources VeriSign https://www.verisign.com https://www.phish-no-phish.com Windows Live SkyDrive https://skydrive.live.com

  38. References: Software Windows 8 Developer Preview http: //msdn.microsoft.com/en-us/windows/apps/br229516 Windows Live Essentials http://windows.microsoft.com/ en-US/windows-live/essentials-home REFOG Free Keylogger http: //www.refog.com/free-keylogger/key-logger.html Asterisk Password Recovery http://www.top-password. com/asterisk-password-recovery.html China Merchants Bank personal banking client http://www.cmbchina.com/cmbpb/v36/pb.htm Adobe Reader http://get.adobe.com/reader/

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

The Art of Phishing : What you should know Arvind Vishwakarma 05/24/2019 Agenda 1. Phishing

The Art of Phishing : What you should know Arvind Vishwakarma 05/24/2019 Agenda 1. Phishing

The Art of Phishing : What you should know Arvind Vishwakarma 05/24/2019 Agenda 1. Phishing In a Nutshell 2. Phishing Types & Techniques 3. Phishing Stats & Modern Trends 4. Case-Study 5. Stay Safe 2 Speaker ABOUT ME

478 views • 24 slides
Phishing Fishing or Phishing? Definition Phishing: an attempt to trick victims into sharing

Phishing Fishing or Phishing? Definition Phishing: an attempt to trick victims into sharing

Phishing Fishing or Phishing? Definition Phishing: an attempt to trick victims into sharing sensitive information such as passwords, usernames, and credit card details for malicious reasons. Phishing can be in the form of emails, social

530 views • 20 slides
Retreat IT Presentation Rick OToole Phishing Awareness What is Phishing? Phishing is the

Retreat IT Presentation Rick OToole Phishing Awareness What is Phishing? Phishing is the

School of Fin ine Arts Retreat IT Presentation Rick OToole Phishing Awareness What is Phishing? Phishing is the attempt to obtain personal information such as passwords and logins for malicious purposes. By appearing to be legitimate the

255 views • 13 slides
VECTOR Table of Content Bio What phishing is? Types of Phishing Anatomy of

VECTOR Table of Content Bio What phishing is? Types of Phishing Anatomy of

THE STATE OF PHISHING ATTACK VECTOR Table of Content Bio What phishing is? Types of Phishing Anatomy of Phishing Counter Measures Reports on Phishing Isaac K. Acheampong Facilities Manager BSc IT, Dip. IT, Sec+ STATE OF

711 views • 34 slides
Tech Briefing Email Security (Phishing) VPN File Storage Phishing Awareness What is Phishing?

Tech Briefing Email Security (Phishing) VPN File Storage Phishing Awareness What is Phishing?

Tech Briefing Email Security (Phishing) VPN File Storage Phishing Awareness What is Phishing? Phishing email messages, websites, and phone calls are designed to steal money or sensitive information. Cybercriminals can do this by installing

264 views • 24 slides
PHISHING IN DEPTH (ATTACKS & MITIGATIONS) Table of Content 1.0 Introduction 2.0 Phishing

PHISHING IN DEPTH (ATTACKS & MITIGATIONS) Table of Content 1.0 Introduction 2.0 Phishing

PHISHING IN DEPTH (ATTACKS & MITIGATIONS) Table of Content 1.0 Introduction 2.0 Phishing 3.0 Phishing kit 4.0 Types of Phishing 5.0 Avoidance Techniques 6.0 Effect of Phishing on Businesses 7.0 Demos & Practical INTRODUCTION

565 views • 27 slides
Training employees to recognise and avoid phishing threats Agenda Today, we will be exploring:

Training employees to recognise and avoid phishing threats Agenda Today, we will be exploring:

Training employees to recognise and avoid phishing threats Agenda Today, we will be exploring: What is phishing? How phishing can damage a business What are the difgerent types of phishing? How to spot a phishing email What to do if

159 views • 12 slides
of Sandboxed Phishing Kits Summary Motivation Sandboxed phishing kits Implementation Results

of Sandboxed Phishing Kits Summary Motivation Sandboxed phishing kits Implementation Results

PhishEye: Xiao Han Nizar Kheir Live Monitoring Davide Balzarotti of Sandboxed Phishing Kits Summary Motivation Sandboxed phishing kits Implementation Results [APWG Phishing Activity Trends Report 2 nd Quarter 2016] All time high record

921 views • 59 slides
Anti-Phishing Security Strategy Angelo P. E. Rosiello Agenda 1. Brief introduction to phishing

Anti-Phishing Security Strategy Angelo P. E. Rosiello Agenda 1. Brief introduction to phishing

Anti-Phishing Security Strategy Angelo P. E. Rosiello Agenda 1. Brief introduction to phishing 2. Strategic defense techniques 3. A new client based solution: DOMAntiPhish 4. Conclusions Nature of Phishing Statistics from the Anti

536 views • 31 slides
Ne Needle in a Haystack: : Tracking Do Down Elite Ph Phishing g Dom Domains in the Wild Ke

Ne Needle in a Haystack: : Tracking Do Down Elite Ph Phishing g Dom Domains in the Wild Ke

Ne Needle in a Haystack: : Tracking Do Down Elite Ph Phishing g Dom Domains in the Wild Ke Tian, Steve T.K. Jan , Hang Hu, Danfeng Yao, Gang Wang Computer Science, Virginia Tech Phishing is a Big Th Threat Phishing: fraudulent attempt

411 views • 30 slides
Dont Take The Bait: How To Stay Safe From Phishing Goals After this section, youll be able

Dont Take The Bait: How To Stay Safe From Phishing Goals After this section, youll be able

Dont Take The Bait: How To Stay Safe From Phishing Goals After this section, youll be able to: Define phishing Identify signs of a potential phishing email Know where to report phishing emails to and how to report them

168 views • 15 slides
Phishing By: Joanna Georgiou Dhamija, R., Tygar, J. D., & Hearst, M. (2006, April 22). Why

Phishing By: Joanna Georgiou Dhamija, R., Tygar, J. D., & Hearst, M. (2006, April 22). Why

Phishing By: Joanna Georgiou Dhamija, R., Tygar, J. D., & Hearst, M. (2006, April 22). Why Phishing Works. Gelernter, N., Kalma, S., Magnezi, B., & Porcilan, H. (2017). The Password Reset MitM Attack. What is Phishing? Dhamija, R.,

528 views • 50 slides
Federal Information Systems Security Education Association Spear Phishing Agenda Definition

Federal Information Systems Security Education Association Spear Phishing Agenda Definition

Federal Information Systems Security Education Association Spear Phishing Agenda Definition of spear phishing Why is spear phishing so valuable to attackers Spear phishing defenses / countermeasures Training concepts and delivery

434 views • 8 slides
Social Engineering Phishing & More Phishing Fake Email Accounts Real Email Accounts

Social Engineering Phishing & More Phishing Fake Email Accounts Real Email Accounts

Social Engineering Phishing & More Phishing Fake Email Accounts Real Email Accounts DrLaneA@mail.com b.miller@tcu.edu Bursar-SecureServices@me.com jbickford@necc.mass.edu No proof of identity Could already be compromised

343 views • 7 slides
Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing

Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing

Id Identify fy a Phishing Attack CWU Information Security Services Id Identify fy a Phishing Attack An email address that tries to disguise itself as legitimate Outlook Team <msOutlook@outlook.com> Confirm Acount Details Hello

108 views • 7 slides
Analyzing the Effectiveness of Phishing at Network Level Sagar Mehta, Nitya Sundareswaran, Kevin

Analyzing the Effectiveness of Phishing at Network Level Sagar Mehta, Nitya Sundareswaran, Kevin

Analyzing the Effectiveness of Phishing at Network Level Sagar Mehta, Nitya Sundareswaran, Kevin D. Fairbanks, Nick Feamster Motivation Source - Phishing Activity Trends Report July, 2006 , Anti-Phishing workgroup Our work done from Jan

395 views • 24 slides
TRUSTED FRIEND ATTACK: GUARDIAN ANGELS STRIKE A talk by Ashar Javed @ DeepSec (21-22 November

TRUSTED FRIEND ATTACK: GUARDIAN ANGELS STRIKE A talk by Ashar Javed @ DeepSec (21-22 November

TRUSTED FRIEND ATTACK: GUARDIAN ANGELS STRIKE A talk by Ashar Javed @ DeepSec (21-22 November 2013), Vienna Austria WHAT Survey of " Fallback Authentication Methods " of fifty (50) popular social networking websites GRAPH IS BIG

1.77k views • 172 slides
GDPR FOR AUTHORS EVERYTHING YOU NEED TO KNOW YOURE IN THE RIGHT PLACE IF Youre an

GDPR FOR AUTHORS EVERYTHING YOU NEED TO KNOW YOURE IN THE RIGHT PLACE IF Youre an

GDPR FOR AUTHORS EVERYTHING YOU NEED TO KNOW YOURE IN THE RIGHT PLACE IF Youre an author, or aspiring author Youre marketing online to people in the EU You want to understand how data privacy laws affect what youre

605 views • 23 slides
Contact Information The Write Way: How HR Professionals Can Get Results Presented by

Contact Information The Write Way: How HR Professionals Can Get Results Presented by

Contact Information The Write Way: How HR Professionals Can Get Results Presented by Latonia Page Federal HR Institute Center for Leadership Development Developing Visionary Leaders to Transform Government LEADERSHIP.OPM.GOV |

609 views • 41 slides
THE POWER OF READING 10 FACTS EVERY TEACHER & PARENT MUST KNOW EMAIL:

THE POWER OF READING 10 FACTS EVERY TEACHER & PARENT MUST KNOW EMAIL:

THE POWER OF READING 10 FACTS EVERY TEACHER & PARENT MUST KNOW EMAIL: jimmckenzie@trsonline.org We are raising the most distracted Our politics, religion, news, generation in the history of the athletics, education and commerce

385 views • 14 slides
Security for Cloud & Big Data CS 161: Computer Security Prof. David Wagner April 25, 2016

Security for Cloud & Big Data CS 161: Computer Security Prof. David Wagner April 25, 2016

Security for Cloud & Big Data CS 161: Computer Security Prof. David Wagner April 25, 2016 Awesome Project 2 Solutions Honorable mention: Vincent Wang and John Choi super-efficient updates (6-9x better than our target!) using a log of

955 views • 28 slides
!"#$%&'()*+!,-,#")-".+/-%0("1+2.$3+4##"11+-$+

!"#$%&'()*+!,-,#")-".+/-%0("1+2.$3+4##"11+-$+

!"#$%&'()*+!,-,#")-".+/-%0("1+2.$3+4##"11+-$+ 5,.*"6/#,'"+4&&'(#,7$)18++ 4+9$0"'()*+4&&.$,#:+2$.+/-$.,*"+;$.<'$,01+ !!"#$%&'()*+,*-&. /0 &1233&&

472 views • 30 slides
Be an Email Creative Top Chef Lisa Harmon Director, Creati tive Services Smith

Be an Email Creative Top Chef Lisa Harmon Director, Creati tive Services Smith

Be an Email Creative Top Chef Lisa Harmon Director, Creati tive Services Smith th-Harmon, rmon, A Responsys Company Shannon Dorton Marketing Manager Orbitz Shinn Chen Marketing Manager Salesforce.com January 21, 2010 Janua uary

389 views • 27 slides
Beginning slide (use landing page image) Play! Answering Polls There will be a series of

Beginning slide (use landing page image) Play! Answering Polls There will be a series of

Beginning slide (use landing page image) Play! Answering Polls There will be a series of questions throughout the webinar. Brandify will share any interesting results post-webinar! Let's go! Webinar Agenda Industry Insights: 2017 Local

821 views • 48 slides

More recommend