
Anti Phishing

Date post: 05-Apr-2018
Upload: gunasegarran-magadevan

Transcript
  • 7/31/2019 Anti Phising


    Anti-Phishing

    How To Protect Yourself


    Recognize Phishing Scams and Fraudulent E-mails

    Phishing is a type of deception designed to steal your valuable personal data, such as credit card numbers, passwords, account data, or other information.

    Con artists might send millions of fraudulent e-mail messages that appear to come from Web sites you trust, like your bank or credit card company, and request that you provide personal information.


    History of Phishing

    Phreaking + Fishing = Phishing
    - Phreaking = making phone calls for free back in the 70s
    - Fishing = use bait to lure the target

    Phishing in 1995
    - Target: AOL users
    - Purpose: getting account passwords for free time
    - Threat level: low
    - Techniques: similar names (www.ao1.com for www.aol.com), social engineering

    Phishing in 2001
    - Target: eBayers and major banks
    - Purpose: getting credit card numbers, accounts
    - Threat level: medium
    - Techniques: same as in 1995, keylogger

    Phishing in 2007
    - Target: PayPal, banks, eBay
    - Purpose: bank accounts
    - Threat level: high
    - Techniques: browser vulnerabilities, link obfuscation

    What Does a Phishing Scam Look Like?

    As scam artists become more sophisticated, so do their phishing e-mail messages and pop-up windows.

    They often include official-looking logos from real organizations and other identifying information taken directly from legitimate Web sites.


    Current Phishing Techniques

    - Employ visual elements from target site
    - DNS tricks:
      - [email protected]
      - www.gooogle.com
      - Unicode attacks
    - JavaScript attacks
      - Spoofed SSL lock
    - Certificates
      - Phishers can acquire certificates for domains they own
      - Certificate authorities make mistakes


    Spear-Phishing: Improved Target Selection

    - Socially aware attacks
      - Mine social relationships from public data
      - Phishing email appears to arrive from someone known to the victim
      - Use spoofed identity of a trusted organization to gain trust
      - Urge victims to update or validate their account
      - Threaten to terminate the account if the victim does not reply
      - Use a gift or bonus as bait
      - Security promises
    - Context-aware attacks
      - "Your bid on eBay has won!"
      - "The books on your Amazon wish list are on sale!"


    Example.

    WHOIS 210.104.211.21: Location: Korea, Republic Of

    Images from the Anti-Phishing Working Group's Phishing Archive


    How To Tell If An E-mail Message is Fraudulent

    Here are a few phrases to look for if you think an e-mail message is a phishing scam.

    - "Verify your account." Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through e-mail. If you receive an e-mail from anyone asking you to update your credit card information, do not respond: this is a phishing scam.

    - "If you don't respond within 48 hours, your account will be closed." These messages convey a sense of urgency so that you'll respond immediately without thinking. Phishing e-mail might even claim that your response is required because your account might have been compromised.


    How To Tell If An E-mail Message is Fraudulent (cont'd)

    - "Dear Valued Customer." Phishing e-mail messages are usually sent out in bulk and often do not contain your first or last name.

    - "Click the link below to gain access to your account." HTML-formatted messages can contain links or forms that you can fill out just as you'd fill out a form on a Web site. The links that you are urged to click may contain all or part of a real company's name and are usually "masked," meaning that the link you see does not take you to that address but somewhere different, usually a phony Web site.

    Notice in the following example that resting the mouse pointer on the link reveals the real Web address, as shown in the box with the yellow background. The string of cryptic numbers looks nothing like the company's Web address, which is a suspicious sign.

    Example of masked URL address


    How To Tell If An E-mail Message is Fraudulent (cont'd)

    Con artists also use Uniform Resource Locators (URLs) that resemble the name of a well-known company but are slightly altered by adding, omitting, or transposing letters.

    For example, the URL "www.microsoft.com" could appear instead as:
    - www.micosoft.com
    - www.mircosoft.com
    - www.verify-microsoft.com
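
Adding, omitting, or transposing a letter is each a single edit operation, so an edit distance that counts an adjacent swap as one step catches these names. This is an added example, not from the original slides; the TRUSTED allowlist, the function names and the threshold of 1 are assumptions. It goes slightly beyond the slide by also flagging hosts that carry a trusted name as a hyphen- or dot-separated token, as www.verify-microsoft.com does.

```python
import re

# Assumed allowlist of domains the user really deals with (names taken from the slides).
TRUSTED = ("aol.com", "google.com", "microsoft.com")

def osa_distance(a, b):
    """Edit distance where insert, delete, substitute and swapping two
    adjacent characters each cost 1 (optimal string alignment)."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i] + [0] * len(b)
        for j, cb in enumerate(b, 1):
            cur[j] = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cur[j] = min(cur[j], prev2[j - 2] + 1)  # adjacent transposition
        prev2, prev = prev, cur
    return prev[-1]

def registrable(host):
    """Naive last-two-labels domain; production code should use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def classify(host, max_dist=1):
    """Return (verdict, trusted_domain_or_None) for a hostname seen in a link."""
    dom = registrable(host)
    if dom in TRUSTED:
        return ("trusted", dom)
    tokens = re.split(r"[-_.]", host.lower())
    for good in TRUSTED:
        if osa_distance(dom, good) <= max_dist:
            return ("lookalike", good)
        if good.split(".")[0] in tokens:
            return ("embeds-brand", good)
    return ("unknown", None)

# Hostnames quoted on the slides, plus example.org as a constructed negative.
for h in ("www.microsoft.com", "www.micosoft.com", "www.mircosoft.com",
          "www.verify-microsoft.com", "www.gooogle.com", "www.ao1.com",
          "www.example.org"):
    print(f"{h:26} {classify(h)}")
```

A threshold of 1 will also match unrelated real domains that happen to sit one edit away from a short trusted name, so treat "lookalike" as a prompt for review rather than a verdict.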


    - Never respond to an email asking for personal information
    - Always check the site to see if it is secure. Call the phone number if necessary
    - Never click on the link in the email. Retype the address in a new window
    - Keep your browser updated
    - Keep antivirus definitions updated
    - Use a firewall


    Install the Microsoft Phishing Filter Using Internet Explorer 7 or Windows Live Toolbar

    Phishing Filter (http://www.microsoft.com/athome/security/online/phishing_filter.mspx) helps protect you from Web fraud and the risks of personal data theft by warning or blocking you from reported phishing Web sites.

    Install up-to-date antivirus and antispyware software. Some phishing e-mail contains malicious or unwanted software (like key loggers) that can track your activities or simply slow your computer.

    Numerous antivirus programs exist as well as comprehensive computer maintenance services like Norton Utilities. To help prevent spyware or other unwanted software, download Windows Defender.


    Thank You

