Posted on 17-Dec-2015
Outline
• Phishing
  – Defined
  – How Phishing Works
  – Phishing Damage
  – What Phishing Looks Like
  – Prevention
• Pharming
  – How Pharming Works
  – Prevention
Phishing Defined
“Phishing is a form of criminal activity using social engineering techniques, characterized by attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an email or an instant message.”
-Wikipedia
How Phishing Works
• “Legitimate” emails seem to originate from trusted sources (banks or online retailers)
• Social engineering tactics convince the reader that their information is needed
  – Fear is the #1 tactic
  – Solicitation of help
• Links and email look very real
  – Account Update
  – http://www.ebay.com/myaccount/update.asp
How Phishing Works
• Techniques
  – Misspelled URLs (http://www.welllsfargo.com/account)
  – Spoofed URLs (http://www.google.com@members.tripod.com)
  – JavaScript
  – Cross Site Scripting
  – International Domain Names
How Phishing Works
• The Stolen Results
  – Voluntary! Remember you gave it to them.
  – Login
    • Username
    • Password
  – Update Information
    • Social Security Number
    • Address
    • Bank Account Number
    • Credit Card Number
Phishing Damage
• Monetary
  – Between May 2004 and May 2005, roughly 1.2 million U.S. computer users suffered phishing losses valued at $929 million
  – U.S. companies lose more than $2 billion annually as their clients fall victim
• Identity
  – New credit cards, loans, apartments, bank accounts, etc.
Phishing Targets
• Users lack computer knowledge
  – Elderly
• Users lack security knowledge
  – Elderly
  – Teens
  – New Computer Users
  – Infrequent Computer Users
What Phishing Looks Like
#1: The link that appears legitimate
#2: The actual destination when you click on the link
Phishing Test
• For the complete test go to: http://survey.mailfrontier.com/survey/quiztest.html
• A similar test was conducted by Rachna Dhamija, J.D. Tygar, and Marti Hearst with 20 websites and emails
  – 12 were fraudulent
  – 8 were legitimate
How to Detect Phishing
• Software
  – Specialized “Anti-Phishing” Software
  – Spam filters
  – Challenge Questions
  – Firefox
  – Opera
  – IE 7
Prevention
• Education, education, education
• Look out for:
  – Misspelled words
  – “Dear Valued Customer”
  – Beware of the @ sign
  – Unusual company behavior
• Go to websites directly from the browser
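As an added example (not part of the original slides), a small Python link checker in the defender's stance that flags the three URL tricks listed under Techniques and under “Look out for”: the @ sign (everything before it is userinfo, not the host), misspelled look-alike domains, and international domain names. The brand allow-list and the two-edit threshold are assumptions for the demo.

```python
from urllib.parse import urlsplit

# Constructed allow-list: domains the organisation expects its own links to use (assumption).
KNOWN_DOMAINS = {"wellsfargo.com", "ebay.com", "google.com"}


def edit_distance(a, b):
    """Levenshtein distance, used to catch misspelled look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def registrable(host):
    """Crude 'last two labels' approximation; real code would use the Public Suffix List."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:])


def check_url(url):
    """Return (real_host, flags) for the phishing URL tricks the slides describe."""
    flags = []
    parts = urlsplit(url)
    host = parts.hostname or ""
    # Spoofed URL: text before '@' is userinfo, so the browser connects to what follows it.
    if parts.username is not None:
        flags.append("userinfo-before-host")
    # International domain names: punycode labels or raw non-ASCII characters that can
    # render as look-alikes of a Latin brand name.
    if any(label.startswith("xn--") for label in host.split(".")):
        flags.append("idn-punycode")
    if any(ord(ch) > 127 for ch in host):
        flags.append("non-ascii-host")
    # Misspelled URL: registrable domain is off the allow-list but within two edits of an entry.
    domain = registrable(host)
    if domain not in KNOWN_DOMAINS:
        for known in sorted(KNOWN_DOMAINS):
            if edit_distance(domain, known) <= 2:
                flags.append("lookalike-of:" + known)
                break
    return host, flags


if __name__ == "__main__":
    for u in ("http://www.welllsfargo.com/account",
              "http://www.google.com@members.tripod.com",
              "http://www.ebay.com/myaccount/update.asp"):
        print(u, "->", check_url(u))
```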
How to Detect Phishing
• Other Resources:
  – McAfee’s Whitepaper: “Anti-Phishing: Best Practices for Institutions and Consumers”
  – “Why Phishing Works”, study by Dhamija, Tygar, and Hearst
  – The FTC “How Not to Get Hooked by a ‘Phishing’ Scam” website
Phishing’s Evil Cousin
• People are educating themselves and foiling many phishers
  – Leading many to develop more malicious tools
    • Pharming
    • Spam
    • Viruses
    • Password Stealing Software
  – Same end result, different method
How Pharming Works
• Email Viruses
  – Alter the computer’s hosts file
• DNS Poisoning
  – Nothing on your computer changes
  – The company’s website is “hijacked”
  – Google and Panix.com are recent examples
• Detection is very difficult
Prevention
• Burden lies on businesses
  – Server-side scripts
  – Digital Certificates
• Browsers can help identify the originating location
  – US customers would be wary of a bank IP address from Russia