
Spam / Phishing Björn Bittins Sebastian Kühnau FHTW-Berlin.

Date post: 26-Dec-2015
Page 1:

Spam / Phishing

Björn Bittins

Sebastian Kühnau

FHTW-Berlin

Page 2:

Structure

Spam (Sebastian): Definition, History, Types, Counteraction, Damage, Facts, Summary

Phishing (Björn): Definition, History, Types, Counteraction, Damage, Facts, Summary

Page 3:

FHTW-Berlin, Germany

Spam and Phishing

Spam

Page 4:

Definition of SPAM

mass mail, not personally addressed, unwanted (commercial) content

„recipient's personal identity and context are irrelevant because the message is equally applicable to many other potential recipients“

www.spamhaus.org

Page 5:

History

spam: trademark for canned meat (spiced ham)

word first used in a Monty Python sketch

first spam mail in 1978: Digital Equipment Corp. sent a commercial to 400 users of ARPANET

Page 6:

Types

UBE (unsolicited bulk email)

UCE (unsolicited commercial email)

collateral spam

forum-spam

index spamming, wiki spam, spam over mobile phone (Spom)

phishing mails

own type of spam for every type of communication channel

Page 7:

Counteraction

on the user side: use disposable mail addresses; post no mail addresses on public boards

trash-mail.com

on the blog/wiki operator side: use "captchas" for posting messages

on the mail server operator side: black-/white-/greylisting; use a secure configuration (no open relay)

Page 8:

General counteraction

changes in protocols (SMTP)

legal framework (laws)

use of spam filters (Bayes filter)

Page 9:

Damage

financial loss (for provider/receiver)

loss of time / productivity

slowdown of mail traffic / breakdown of server

spam filters are needed

Page 10:

Facts / Statistics

Spam Statistics (2003)

| Statistic | Value |
|---|---|
| Email considered Spam | 40% of all email |
| Daily Spam emails sent | 12,4 billion |
| Annual Spam received per person | 2.200 |
| Spam cost to all non corp users | $255 million |
| Spam cost to all U.S. Corporations in 2002 | $8,9 billion |
| States with Anti-Spam Laws | 26 |
| Email address changes due to spam | 16% |
| Estimated Spam increase by 2007 | 63% |
| Annual Spam in 1.000 employee company | 2.1 million |
| Users who reply to Spam email | 28% |
| Users who purchased from Spam email | 8% |
| Corporate email that is considered Spam | 15-20% |
| Wasted corporate time per Spam email | 4-5 seconds |

10 worst Spam origin Countries (2003)

| Rank | Country | Number of current known spam issues |
|---|---|---|
| 1 | United States | 1993 |
| 2 | China | 448 |
| 3 | Russia | 258 |
| 4 | United Kingdom | 213 |
| 5 | South Korea | 185 |
| 6 | Germany | 177 |
| 7 | Japan | 171 |
| 8 | Canada | 149 |
| 9 | France | 145 |
| 10 | Italy | 134 |

www.spam-filter-review.toptenreviews.com/spam-statistics.html

www.spamhaus.org/statistics/countries.lasso

Page 11:

more Facts / Statistics

[Figure: source www.computerbase.de, 2006]

Page 12:

Summary

unwanted mail, without preexisting relationship

almost every communication channel has its own type of spam

counteraction: on user/operator side

causes damage in many areas

Page 13:

Phishing

Page 14:

Definition of phishing

neologism for password fishing

getting confidential personal information from a user by pretending to be a reputable provider (e.g. bank, eBay)

Page 15:

History of phishing

1990s: AOL accounts were stolen to share illegal content (warez)

2001: first known phishing attack against payment service (E-gold)

since 2004: phishing is recognized as a fully industrialized part of the crime scene

Page 16:

Types / Functionality

email phishing: sending mails that look trustworthy to the user

“man in the middle” attack: uses trojan horses to intercept personal information

Page 17:

Types / Functionality

Page 20:

Counteraction / Protection

phishing filter: compares website with a black list; senses typical criteria of phishing mails

avoid clicking on links from untrustworthy sources

be sensible in publishing private data

Page 21:

Counteraction / Protection

Page 22:

Damage

wide range of damage possible: denial of access to mail account; identity theft (used to commit crime); financial loss

US 04-05: 1.2 million users suffered loss of $929 million

UK losses by bank fraud (mostly phishing): 2004: £12.2 million; 2005: £23.2 million

Forrester survey (2005): “trillion dollar problem”

Page 23:

Facts / Statistics

2004: one in every 943 mails

2005: one in every 304 mails

Page 24:

Facts / Statistics 2

origin of phishing attacks

Page 25:

Summary

getting confidential personal information

email phishing / “man in the middle” attacks

number of phishing attacks is growing

phishing filter / user awareness

wide range of damage

Page 26:

The End

Questions?

Page 27:

Sources

http://www.forrester.com

http://www.bsi.de

http://www.spamhaus.org

http://www.spampolitik.de

http://en.wikipedia.org
