Phishing Problem

Kristián KučerákMilan Just

Abstract

In this age of broadband, wireless, and network interconnectivity, we enjoy the unprecedented power of information exchange and commerce at our fingertips.

Networks and systems are continuously evolving to become more robust, thereby maximizing our convenience and

productivity – 24 hours a day, seven days a week. Over the last few years, online banking, including online bill paying, has

become very popular as more financial institutions begin to offer free online services.With the increase in online fraud and

identity theft, financial crimes have changed from direct attacks to indirect attacks—in other words, rather than

robbing a bank at gunpoint, the criminals target the bank's customers. This type of indirect attack significantly impacts

the financial institutions themselves because their inability to adequately protect their customer assets tarnishes their

reputations and overall trust.

Spam Classification Spam organization1. Bulk-mailing tool identification. Identification of unique mailing

attributes found in the e-mail header.2. Feature subsets Items such as hash busters, (format and location),

content attributes (spelling errors, grammar), and unique feature subsets from the bulk-mailing tool.

3. Sending methods

Classification techniques1. Unsolicited commercial e-mail (UCE)2. Nonresponsive commercial e-mail (NCE)3. List makers4. Scams (Phishing)

Cyber Crime Evolution

What is Phishing ?

Gather private information (credit card information, bank account passwords

First Phishing reported against financial institution in July 2003

It introduced a new class of attack vektor – overlooked human element

Phishing Statistics Phishers are refining their e-mail techniques Phishers of 2005 build their own PHP bulk-

mailing Phishers are becoming more technically

savvy Phishers are taking advantage of Cross-Site

Scripting (XSS) vulnerabilities Phishers are refining their key-logging

malware

Go Phish!

Most popular phishing methods :

Impersonating Attack Forwarding Attack Pop-up Attack

Impersonating Attack

Forwarding Attack

Popup Attack

Harvesting e-mail Addresses

86 percent of the e-mail addresses posted to Web pages receive spam (@ sign)

the majority of spammers and phishers use bots or crawlers (www.bestextractor.com)

Extract Link, Whois Extractor, List Monitor, Email Verifier

Sending Spam/PhishTwo competing popular bulk

mailers:

Send-Safe ( “real anonymous mailer”, was authored by Ruslan Ibragimov – author of Sobig Virus )

Dark-Mailer ( easy of use, forging headers, sending roughly 500,000 e-mails per hour, supports HTTP and SOCKS proxies )

Conclusion Significant and growing problem A lot of antiphishing vendors – be

careful “secure by marketing” – campaing

just to get sales Good idea product

evaluated by a professional security team

Thank you for your attention

Any questions ???