WEBP-Potential Online Threats

Embed Size (px)

Text of WEBP-Potential Online Threats

  • 8/13/2019 WEBP-Potential Online Threats


    Presented By:Utkarsh Jaiswal

    Abhishek KumarAakriti DhawanAnkita Rastogi

    Akash Tomar

  • 8/13/2019 WEBP-Potential Online Threats


    Threats that uses the World Wide Web to facilitate cybercrime.

    Web threats use multiple types of malware and fraud, all of which

    utilize HTTP or HTTPS protocols, but may also employ other

    protocols and components, such as links in email or IM, or malware

    attachments or on servers that access the Web.

    They benefit cybercriminals by stealing information for subsequent

    sale and help absorb infected PCs into botnets.

    Web threats pose a broad range of risks, such as identity theft, lossof confidential information/data, theft of network resources,

    damaged brand/personal reputation, and erosion of consumer

    confidence in e-commerce and online banking.

  • 8/13/2019 WEBP-Potential Online Threats


    Web threats can be divided into two primary

    categories, based on delivery method

    Push based threats

    Pull Attacks

  • 8/13/2019 WEBP-Potential Online Threats


    Push-based threats are the fraudulent means that lure a user to

    a malicious website which then collects information and/or

    injects malware.

    Push attacks use phishing, DNS poisoning (or pharming), and

    other means to appear to originate from a trusted source.

    Examples of push based threats are-



    DNS Poisoning( Pharming)

  • 8/13/2019 WEBP-Potential Online Threats


    Pull-based web threats are often referred to as drive-by

    threats by since they can affect any website visitor.

    Cybercriminals infect legitimate websites, which unknowingly

    transmit malware to visitors or alter search results to take users

    to malicious websites.

    Upon loading the page, the users browser passively runs a

    malware downloader in a hidden HTML frame (IFRAME)

    without any user interaction.

  • 8/13/2019 WEBP-Potential Online Threats




    Trojans Spyware



    DNS Poisoning (Pharming)

  • 8/13/2019 WEBP-Potential Online Threats


    A computer user can be tricked or forced into downloadingsoftware onto a computer that is of malicious intent. Suchprograms are known as malware and come in many forms,such as Viruses, Trojan horses, spyware, and worms.

    Malicious software is sometimes used to form botnets.

    Malware can be installed without the user ever knowing. Justby visiting a compromised website, opening an email or

    installing a program, it is possible for the Malware author toexploit vulnerabilities in your PC's operating system to enableremote access or software installation.

  • 8/13/2019 WEBP-Potential Online Threats


    Virusesare programs that can replicate their structures or effects

    by infecting other files or structures on a computer.

    The common use of a virus is to take over a computer to steal


    A virus is designed to spread from your computer to other


    One way a virus can spread is by accessing your emails and

    sending a copy of itself to your contacts so it spreads, this iscalled a (worm)

    Wormsare programs that can replicate themselves throughout a

    computer network, performing malicious tasks throughout.

  • 8/13/2019 WEBP-Potential Online Threats


    A program that appears legitimate, but performs someillicit activity when it is run. It may be used to locatepassword information or make the system more

    vulnerable to future entry or simply destroy programsor data on the hard disk.

  • 8/13/2019 WEBP-Potential Online Threats


    Spyware is a type of malware (malicious software)installed on computers that collects information aboutusers without their knowledge. The presence of

    spyware is typically hidden from the user and can bedifficult to detect. Some spyware, such as keyloggers,may be installed by the owner of a shared, corporate,or public computer intentionally in order to monitor


  • 8/13/2019 WEBP-Potential Online Threats


  • 8/13/2019 WEBP-Potential Online Threats



    Phishing is an attempt to steal your personalinformation. They send out e-mails that appear tocome from legitimate websites such as eBay, PayPal, or

    other banking institutions. The e-mails state that yourinformation needs to be updated or validated and askthat you enter your username and password

  • 8/13/2019 WEBP-Potential Online Threats


    Pharming is yet another way hackers attempt tomanipulate users on the Internet. While phishingattempts to capture personal information by getting

    users to visit a fake website, pharming redirects usersto false websites without them even knowing it.

  • 8/13/2019 WEBP-Potential Online Threats


    Legislation can refer or laws or the process by whichthey are enacted in certain countries. Many countrieshave some form of legislation, which is a body

    dedicated primarily to passing and amending laws

  • 8/13/2019 WEBP-Potential Online Threats


    In the computer security context, a hacker is someone who

    seeks and exploits weaknesses in a computer system or computer


    Hackers may be motivated by a multitude of reasons, such as

    profit, protest, or challenge.

    The term hacker is reclaimed by computer programers who argue

    that someone breaking into computers is better called a cracker, not

    making a difference between computer criminals (black hats) and

    computer security experts (white hats ).

    According to (Clifford R.D. 2006) a cracker or cracking is to"gain unauthorized access to a computer in order to commit another

    crime such as destroying information contained in that

    system. These subgroups may also be defined by the legal status of

    their activities.

  • 8/13/2019 WEBP-Potential Online Threats


    White hatA white hat hacker breaks security for non-malicious reasons, perhaps to

    test their own security system or while working for a security companywhich makes security software. The term "white hat" in Internet slang

    refers to an ethical hacker. This classification also includes individuals

    who perform penetration tests and vulnerability assessments within a

    contractual agreement.

    Black hat

    A "black hat" hacker is a hacker who "violates computer security for

    little reason beyond maliciousness or for personal gain" (Moore,

    2005). Black hat hackers form the stereotypical, illegal hacking groups

    often portrayed in popular culture, and are "the epitome of all that thepublic fears in a computer criminal". Black hat hackers break into secure

    networks to destroy data or make the network unusable for those who

    are authorized to use the network.

  • 8/13/2019 WEBP-Potential Online Threats


    Grey hat

    A grey hat hacker is a combination of a black hat and a white hat hacker.

    A grey hat hacker may surf the internet and hack into a computer system

    for the sole purpose of notifying the administrator that their system has a

    security defect, for example. Then they may offer to correct the defect

    for a fee.

    Script kiddie

    A script kiddie (also known as a skid or skiddie) is a non-expert who

    breaks into computer systems by using pre-packaged automated tools

    written by others, usually with little understanding of the underlyingconcepthence the term script (i.e. a prearranged plan or set of

    activities) kiddie (i.e. kid, childan individual lacking knowledge and

    experience, immature).[

  • 8/13/2019 WEBP-Potential Online Threats


    I DENTI TY THEFT that was coined in 1964 is a form of stealing

    someone's identity in which someone pretends to be someone else byassuming that person's identity, typically in order to access resources or

    obtain credit and other benefits in that person's name. Identity theft occurs

    when someone uses another's personally identifying information, like their

    name, identifying number, or credit card number, without their permission,

    to commit fraud or other crimes.

    Identity Theft sub-divide identity theft into five categories:

    Criminal identity theft (posing as another person when apprehended for a


    Financial identity theft (using another's identity to obtain credit, goodsand services)

    Identity cloning (using another's information to assume his or her

    identity in daily life)

    Medical identity theft (using another's identity to obtain medical care ordrugs)

  • 8/13/2019 WEBP-Potential Online Threats


    A BOTNETis a collection of Internet-connected programs communicating with

    other similar programs in order to perform tasks. This can be as mundane askeeping control of an Internet Relay Chat (IRC) channel, or it could be used to

    send spam email or participate in distributed denial-of-service attack attacks.


    The term botnet is widely used when several IRC bots have been linked and may

    possibly set channel modes on other bots and users while keeping IRC channelsfree from unwanted users.


    Botnets sometimes compromise computers whose security defenses have been

    breached and control conceded to a third party. Each such compromised device,

    known as a "bot", is created when a computer is penetrated by software froma malware(malicious software) distribution. The controller of a botnet is able to

    direct the activities of these compromised computers through communication

    channels formed by standards-based network protocols such as IRC

    and Hypertext Transfer Protocol (HTTP).

  • 8/13/2019 WEBP-Potential Online Threats



    SEARCH & DESTROY is a spyware and adwareremoval computer program compatible with Microsoft Windows 95 and

    later. It scans the computer hard disk and/or RAM for malicious software.


    In addition to spyware and adware detection and disinfection, Spybot-S&D

    can repair the registry, winsock LSPs, ActiveX objects, browser

    hijackers and BHOs, PUPS, computer cookies, trackerware, heavy duty,

    homepage hijackers, keyloggers, LSP, tracks, trojans, spybots, revision, and

    other kinds of malware. It can also delete tracking cookies.

    Some programs are supplied with attached spyware or adware and refuse torun when they are not present; newer versions of Spybot replace the

    spyware binaries with inert dummies (designed to fool programs which

    simply check for the presence of the spyware's file).