Upload
florence-marcus
View
25
Download
0
Embed Size (px)
DESCRIPTION
Phishing Emails. Obviously Illegitimate. http://rusprory.mass.hc.ru/old_site/update/index.php. Look-alike Characters. International Character Sets. What does this URL refer to? www.bank.com/accounts/login.php?q=me.badguy.cn This is a host name only!. - PowerPoint PPT Presentation
Citation preview
Slide 1
Phishing Emails
CS 142 Lecture Notes: Security Attacks: Phishing
CS 142 Lecture Notes: Security Attacks: Phishing Slide 2
Obviously Illegitimate
http://rusprory.mass.hc.ru/old_site/update/index.php
CS 142 Lecture Notes: Security Attacks: Phishing Slide 3
Look-alike Characters
CS 142 Lecture Notes: Security Attacks: Phishing Slide 4
International Character Sets
● What does this URL refer to?
www.bank.com/accounts/login.php?q=me.badguy.cn
● This is a host name only!
Chinese characters that look like "/", "?", and "="
CS 142 Lecture Notes: Security Attacks: Phishing Slide 5
Picture in picture
CS 142 Lecture Notes: Security Attacks: Phishing Slide 6
Legitimate Partners Can Look Fishy
???
???
CS 142 Lecture Notes: Security Attacks: Phishing Slide 7
HTTPS Indicators
HTTP HTTPS
Firefox 10
IE 8
Chrome 17
CS 142 Lecture Notes: Security Attacks: Phishing Slide 8
Extended Validation Certificates
CS 142 Lecture Notes: Security Attacks: Phishing Slide 9
Extended Validation Certificates
Extended Normal HTTPS
Firefox 10
IE 8
Chrome 17
Certificate Authority
CS 142 Lecture Notes: Security Attacks: Phishing Slide 10