110 likes | 298 Views
Phishing & Pharming Methods and Safeguards Baber Aslam and Lei Wu. Outline. Threats to Identity Theft Phishing Definition Methods Pharming Definition Methods Safeguards Project aims. Identify Theft. Two major Identity theft threats Aim at stealing personal sensitive data
E N D
Phishing & Pharming Methods and SafeguardsBaber Aslam and Lei Wu
Outline • Threats to Identity Theft • Phishing • Definition • Methods • Pharming • Definition • Methods • Safeguards • Project aims
Identify Theft • Two major Identity theft threats • Aim at stealing personal sensitive data • ID & password • Passport information • SSN • Bank account numbers • Credit card numbers • etc
Statistical Highlights for 2nd Half, 2008 Phishing Activity Trends Report, 2nd Half 2008
Statistical Highlights for 2nd Half, 2008 Phishing Activity Trends Report, 2nd Half 2008
Methods / Techniques • Misspelled URLs • (http://www.eccs.ucf.edu/account) • Spoofing URLs (http://www.google.com@members.hacker.com) • Javascript • International Domain Names
Methods / Techniques • Email Viruses • Alters the computer’s host file • DNS Poisoning • Nothing on computer changes • The company’s website is “hijacked” • Web Cache Poisoning • Drive-by pharming
Safeguards • Specialized “Anti-Phishing” Software • Spam filters • Multifactor authentication • Challenge Questions • Secure connections • DNS protection
Proposal The project aims at studying the methods of Phishing and Pharming, and analyzing the effectiveness of the safeguards against these methods.