7 New Tricks to Getting More Clicks: The Secrets Behind Better PPC Ads
Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying...
Transcript of Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying...
![Page 2: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/2.jpg)
Levine CANTO Aug 2014 2
Spam
● Fake drugs
● Porn
● One Million Dollars
● ...
![Page 3: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/3.jpg)
Levine CANTO Aug 2014 3
Spam Web
● Click on this link for ...
● Fake drugs
● Phishing
● Porn
● ...
![Page 4: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/4.jpg)
Levine CANTO Aug 2014 4
Spam Web Malware
● Malicious or hacked site
● Installs malware
![Page 5: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/5.jpg)
Levine CANTO Aug 2014 5
Phishing
![Page 6: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/6.jpg)
Levine CANTO Aug 2014 6
Attacking your users
● Adware: shows annoying ads
● May replace legit ads
● Clickware: fake clicks
● “Man in Browser” clicks on ads
● Credential theft: online accounts
● Steal mail and web logins
● Send spam as your user
![Page 7: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/7.jpg)
Levine CANTO Aug 2014 7
Attacking your users
● Credential theft: financial accounts
● Steal banking credentials
● Insert fake transactions with real ones
![Page 8: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/8.jpg)
Levine CANTO Aug 2014 8
Botnets
![Page 9: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/9.jpg)
Levine CANTO Aug 2014 9
Botnets
● Hijack computer to send spam
● Provokes complains
● Wastes your bandwidth
● Gets your network blocked
● Hijack computer for Denial of Service
● Wastes a lot of bandwidth
● May get you blocked
![Page 10: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/10.jpg)
Levine CANTO Aug 2014 10
Botnets
● Hijack computer as malware host
● Temporary or proxy web server
● Wastes your bandwidth
● Considered antisocial
● Hijack computer for other purposes
● This month's special: Bitcoin mining
![Page 11: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/11.jpg)
Levine CANTO Aug 2014 11
Countermeasures
● Stop outgoing spam
● Cooperate to detect and stop abuse
● Share data
● Build capacity
![Page 12: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/12.jpg)
Levine CANTO Aug 2014 12
Filtering
Authentication
Outgoing spam
![Page 13: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/13.jpg)
Levine CANTO Aug 2014 13
Best Current Practices
Feedback loops
Data providers
Ad-hoc groups
Trade associations
Cooperation
![Page 14: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/14.jpg)
Levine CANTO Aug 2014 14
Port management
Botnet mitigation
Acceptable User Policies (AUP)
Best current practices (BCP)
![Page 15: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/15.jpg)
Levine CANTO Aug 2014 15
Tell senders about their spam
User reports
Spam traps
Feedback loops
![Page 16: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/16.jpg)
Levine CANTO Aug 2014 16
Spamhaus
–Shares with trusted providers
Specialists
–Team Cymru
–Return Path
–Etc.
Data providers
![Page 17: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/17.jpg)
Levine CANTO Aug 2014 17
Fight specific issues
Trust-based Communities
–Conficker Working Group
–Torpig Working Group
–Mariposa Working Group
–DNS Changer Working Group
Ad-hoc groups
![Page 18: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/18.jpg)
Levine CANTO Aug 2014 18
Public/Private initiatives
● Convened by FCC in the United States
● Mostly private members
● Recommendations not binding but persuasive
![Page 19: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/19.jpg)
Levine CANTO Aug 2014 19
Intergovernmental groups
● London Action Plan
● ICPEN
● Interpol
![Page 20: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/20.jpg)
Levine CANTO Aug 2014 20
CERTs
● Computer Emergency Response Team
● Generally national or regional
● Some public, some private
● Tend to have interesting meetings
![Page 21: Spam, Malware and Cybercrime...Levine CANTO Aug 2014 6 Attacking your users Adware: shows annoying ads May replace legit ads Clickware: fake clicks “Man in Browser” clicks on ads](https://reader033.fdocuments.net/reader033/viewer/2022051922/60104ef3116e323bfb37664a/html5/thumbnails/21.jpg)
Levine CANTO Aug 2014 21
Spam, Malware and Cybercrime
John R. Levine
CAUCE North America
CANTO August 2014