Online scams slides

A Brief History of Semantic Attacks
or
How Not to Get Screwed Online
Serge Egelman
CMU Usable Privacy and Security Laboratory
http://cups.cs.cmu.edu/
Background
■ Disinformation
■ Social Engineering
  • Human, *not* technical problem
■ Physical World Variants
• CMU Usable Privacy and Security Laboratory • http://cups.cs.cmu.edu/ •
Types of Scams
■ Phishing
■ 419 Scam (“Nigerian Scam”)
■ Check Fraud
■ Overpayment Scam
■ Pump-and-Dump
Phishing
■ Stealing personal information
  • Authentication information
  • Social Security Numbers
  • Account numbers
■ Perpetrated via email
  • “Account update”
  • “Verify your information”
■ Fake websites
■ Pharming
Phishing Statistics
■ Countries of Origin
  • United States - 32.07%
  • Republic of Korea - 15.39%
  • France - 6.55%
  • China - 6.40%
  • United Kingdom - 4.06%
  • Germany - 3.85%
  • Spain - 3.81%
  • Japan - 3.05%
  • Italy - 2.48%
Phishing Countermeasures
■ Manual
  • Check URLs
  • Examine certificates
  • Never click
■ Automated
  • Spam filters
  • Challenge/response
  • Browser plugins
Phishing Toolbars
■ Clear Search
  • Scans email using heuristics
Phishing Toolbars
■ Cloudmark
  • Community ratings
Phishing Toolbars
■ eBay Toolbar
  • Community ratings
Phishing Toolbars
■ SpoofGuard
  • URL analysis
  • Password analysis
  • Image analysis
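The "Check URLs" countermeasure and the "URL analysis" a toolbar such as SpoofGuard performs both come down to a handful of heuristics applied to a link before the user trusts it. The following is an added example written for these notes; it is not SpoofGuard's code or any other toolbar's. The brand list, the naive two-label "registered domain" shortcut (real tools use the public-suffix list) and the thresholds are assumptions chosen for illustration, and the sample URLs are constructed.

```python
"""Heuristic URL analysis of the kind phishing toolbars perform.

Added example (not SpoofGuard's or any toolbar's actual code). The
heuristics, the brand list and the sample URLs are assumptions chosen
for illustration.
"""
import ipaddress
from urllib.parse import urlsplit

# Constructed list: brands a toolbar might protect, mapped to the domain
# that legitimately serves them (assumed values for the example).
KNOWN_BRANDS = {
    "paypal": "paypal.com",
    "ebay": "ebay.com",
}

# Path words that suggest a page asks for credentials (assumed list).
LOGIN_WORDS = ("login", "signin", "account")


def registered_domain(host: str) -> str:
    """Naive registered domain: the last two labels of the host.
    Real tools consult the public-suffix list; this shortcut is an
    assumption of the example and is wrong for e.g. example.co.uk."""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def analyze_url(url: str) -> list:
    """Return human-readable reasons the URL looks suspicious.
    An empty list means no heuristic fired, not proof of legitimacy."""
    reasons = []
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if not host:
        return ["no host in URL"]

    # 1. '@' in the authority: everything before it is user-info, so the
    #    name the reader sees is not the host the browser connects to.
    if "@" in parts.netloc:
        reasons.append("user-info before '@' hides the real host")

    # 2. Raw IP address instead of a domain name.
    try:
        ipaddress.ip_address(host)
        reasons.append("host is a raw IP address")
    except ValueError:
        pass

    # 3. Punycode label: may render as look-alike Unicode characters.
    if any(label.startswith("xn--") for label in host.split(".")):
        reasons.append("internationalised (punycode) label in host")

    # 4. Brand name present in the host, but the registered domain is
    #    not the brand's own (e.g. paypal.com.something.example).
    reg = registered_domain(host)
    for brand, legit in KNOWN_BRANDS.items():
        if brand in host and reg != legit:
            reasons.append(f"'{brand}' appears in host but domain is {reg}")

    # 5. Unusually deep host name, typical of throwaway subdomains.
    if host.count(".") >= 4:
        reasons.append("excessive subdomain depth")

    # 6. Credential-looking page served over plain HTTP.
    if parts.scheme == "http" and any(w in parts.path.lower() for w in LOGIN_WORDS):
        reasons.append("login-looking path served over plain HTTP")

    return reasons


def is_suspicious(url: str) -> bool:
    """True if at least one heuristic fired."""
    return bool(analyze_url(url))


SAMPLE_URLS = [  # constructed sample inputs, not real phishing links
    "https://www.paypal.com/signin",
    "http://www.paypal.com@198.51.100.7/login",
    "https://paypal.com.account-verify-update.example/login",
    "https://xn--pypal-4ve.com/",
]

if __name__ == "__main__":
    for u in SAMPLE_URLS:
        print(u, "->", analyze_url(u) or ["no heuristic fired"])
```

The block reports reasons rather than a yes/no verdict because a toolbar that only says "unsafe" teaches the user nothing; the "But Do They Work?" figures in these slides are a reminder that such heuristics miss a large share of live phishing sites, so an empty result must never be read as a guarantee.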
Phishing Toolbars
■ Trustbar (Mozilla)
  • Analyzes known sites
  • Analyzes certificate information
Phishing Toolbars
■ Trustwatch
  • Site ratings
But Do They Work?
■ No
  • 25 sites tested
  • Cloudmark: 10 (40%) identified
  • Netcraft: 19 (76%) identified
  • SpoofGuard: 10 (40%) identified
  • Trustwatch: 9 (36%) identified
■ Hardware Solutions
  • Too costly
  • Inconvenient
Trust Research
■ User Studies
■ Phishing Feeds
■ User Training
  • Embedded training
  • Games
■ Detection
  • Email
  • WWW
  • IM
419 Scam (“Nigerian Scam”)
■ Businessman needs to launder money
■ Make you rich
■ Requires upfront fees
■ Sometimes more than money is lost
■ Often perpetrated from Nigeria
  • Though now all over the world
Check Fraud
■ Victim is selling something online
■ Anxious buyer needs item immediately
  • Sends money order
  • Seller must ship item after receiving check
■ Check is a forgery
  • But item is already sent
■ Example
  • P-P-P-Powerbook!
Overpayment Scam
■ Check fraud variant
■ Money order is far larger than sale price
  • “Oversight” by buyer
■ Buyer needs check for the difference
■ Original money order is forged
Pump-and-Dump
■ Scammer invests in penny stock
■ Sends messages hyping the stock
■ People invest
  • Value goes up
  • Scammer “dumps” the stock
Questions?