Spam / Phishing

Spam / Phishing. Björn Bittins Sebastian Kühnau FHTW-Berlin. Structure. Spam (Sebastian) Definition History Types Counteraction Damage Facts Summary. Phishing (Björn) Definition History Types Counteraction Damage Facts Summary. Spam. Definition of SPAM.

Presentation Transcript


  1. Spam / Phishing Björn Bittins Sebastian Kühnau FHTW-Berlin

  2. Structure • Spam (Sebastian): Definition, History, Types, Counteraction, Damage, Facts, Summary • Phishing (Björn): Definition, History, Types, Counteraction, Damage, Facts, Summary

  3. Spam

  4. Definition of SPAM • mass mail, not personally addressed, unwanted (commercial) content • "recipient's personal identity and context are irrelevant because the message is equally applicable to many other potential recipients" (www.spamhaus.org)

  5. History • spam: trademark for canned meat (spiced ham) • word first used in a Monty Python sketch • first spam mail in 1978: Digital Equipment Corp. sent a commercial mail to 400 users of ARPANET

  6. Types • UBE (unsolicited bulk email) • UCE (unsolicited commercial email) • collateral spam • forum spam • index spamming, wiki spam, spam over mobile phone (Spom) • phishing mails → own type of spam for every type of communication channel

  7. Counteraction • on the user side: using disposable mail addresses; posting no mail addresses on public boards → trash-mail.com • on the blog/wiki operator side: using "captchas" for posting messages • on the mail server operator side: black-/white-/greylisting; using a secure configuration (no open relay)

  8. General counteraction • changes in protocols (SMTP) • legal framework (laws) • use of spam filters (Bayes filter)

  9. Damage • financial loss (for provider/receiver) • loss of time / productivity • slowdown of mail traffic / breakdown of server • spam filters are needed

  10. Facts / Statistics • www.spam-filter-review.toptenreviews.com/spam-statistics.html • www.spamhaus.org/statistics/countries.lasso

  11. More Facts / Statistics - 2006 • www.computerbase.de

  12. Summary • unwanted mail, without preexisting relationship • almost every communication channel has its own type of spam • counteraction: on the user/operator side • causes damage in many areas

  13. Phishing

  14. Definition of phishing • neologism for password fishing • getting confidential personal information from a user by pretending to be a reputable provider (e.g. bank, eBay)

  15. History of phishing • 1990s: AOL accounts were stolen to share illegal content (warez) • 2001: first known phishing attack against a payment service (E-gold) • since 2004: phishing is recognized as a fully industrialized part of the crime scene

  16. Types / Functionality • email phishing: sending mails that look trustworthy to the user • "man in the middle" attack: uses trojan horses to intercept personal information

  17. Types / Functionality

  18. Types / Functionality • email phishing: sending mails that look trustworthy to the user • "man in the middle" attack: uses trojan horses to intercept personal information

  19. Types / Functionality

  20. Counteraction / Protection • phishing filter: compares website with a blacklist; senses typical criteria of phishing mails • avoid clicking on links from untrustworthy sources • be sensible about publishing private data

  21. Counteraction / Protection
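
The two filter mechanisms named on slide 20 (blacklist comparison and typical criteria of phishing mails), as an added example that is not part of the original presentation. The blocklist entry, the wording patterns and the sample mail are constructed, and the three heuristics are assumptions about what "typical criteria" can mean in practice.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed data: blocklist entry, wording patterns and sample mail are made up.
BLOCKLIST = {"login-example-bank.test"}
URGENCY = re.compile(r"verify your account|account (?:will be )?suspended|confirm your password", re.I)
DOMAIN_IN_TEXT = re.compile(r"\b([a-z0-9-]+(?:\.[a-z0-9-]+)+)\b", re.I)
IPV4 = re.compile(r"\d{1,3}(?:\.\d{1,3}){3}")

class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def bare(host):  # lower-case and drop a leading "www."
    return re.sub(r"^www\.", "", host.lower())

def check_mail(html_body):
    """Return a sorted list of findings for one HTML mail body."""
    findings, parser = set(), LinkCollector()
    parser.feed(html_body)
    for href, text in parser.links:
        host = (urlsplit(href).hostname or "").lower()
        if host in BLOCKLIST:                      # blacklist comparison
            findings.add(f"blocklisted host: {host}")
        if IPV4.fullmatch(host):                   # link to a raw IPv4 address
            findings.add(f"IP-literal link: {host}")
        shown = DOMAIN_IN_TEXT.search(text)        # domain displayed to the reader
        if shown and host and not ("." + bare(host)).endswith("." + bare(shown.group(1))):
            findings.add(f"link text shows {bare(shown.group(1))} but points to {host}")
    if URGENCY.search(re.sub(r"<[^>]+>", " ", html_body)):
        findings.add("urgency wording")
    return sorted(findings)

# Constructed sample mail: the displayed domain differs from the real link target.
SAMPLE = ('<p>Your account will be suspended. Please '
          '<a href="http://login-example-bank.test/update">www.example-bank.test</a></p>')
```

`check_mail(SAMPLE)` returns three findings: the blocklisted host, the mismatch between displayed and actual domain, and the urgency wording.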

  22. Damage • wide range of damage possible • denial of access to mail account • identity theft (used to commit crime) • financial loss • US 04-05: 1.2 million users suffered a loss of $929 million • UK losses by bank fraud (mostly phishing): 2004: £12.2 million → 2005: £23.2 million • Forrester survey (2005): "trillion dollar problem"

  23. Facts / Statistics • 2004: one in every 943 mails • 2005: one in every 304 mails

  24. Facts / Statistics 2: origin of phishing attacks

  25. Summary • getting confidential personal information • email phishing / "man in the middle" attacks • the number of phishing attacks grows • phishing filter / user awareness • wide range of damage

  26. The End: Questions?

  27. Sources • http://www.forrester.com • http://www.bsi.de • http://www.spamhaus.org • http://www.spampolitik.de • http://en.wikipedia.org
