Phishing, Spyware & Other Internet Threats
May 2005
Jodi Ito Information Security Officer Information Technology Services
On-line Threats
Phishing & Pharming Spyware Viruses & Worms Peer-to-Peer filesharing (P2P)
1 On-line Dangers
Identity theft Financial fraud
Personal safety Compromised computer Loss of information & productivity
At a minimum, these things are a nuisance At the other end of the scale… ???
Delivery Mechanisms
Email containing: Infected attachments Links to compromised websites Infected Web Sites Instant Messaging PDAs Cell phones
2 Definition of “Phishing”
From http://www.wordspy.com/words/phishing.asp:
phishing (FISH.ing) pp. Creating a replica of an existing Web page to fool a user into submitting personal, financial, or password data. -adj.
Phishing
Basic format: Looks legitimate! From a respected organization Asks you to verify personal information through a link Name Address Account number Password Threatens account suspension or non-completion of transaction
3 Anatomy of a “Phish”
Bank of the West http://www.bankofthewest.com
How can you tell if it’s “phishing”?
4 “Bank of the West” Phishing Email
Full Headers of the Message
5 How to view full headers
UH Webmail: Click on the triangle in the header area All other mail programs (Eudora, Outlook, Netscape, etc.): http://www.spamcop.net/fom-serve/cache/19.html
Where does the link go?
6 Deceptive Links
http://www.hawaii.edu Bank of Hawaii
Prevent being “phished”
Be suspicious! Don’t click on links in unsolicited email Don’t give out personal information in response to any unsolicited inquiry Call the organization - but don’t use the phone number given in the email. Check: http://www.antiphishing.org/phishing_archive.html Type in the web address yourself (???)
7 Be Vigilant!
Review banking statements in a timely manner Check your credit reports annually: http://www.annualcreditreport.com Be informed: https://www.paypal.com/security https://www.paypal.com/securitytips http://www.ifccfbi.gov/strategy/fraudtips.asp
What if You’re a Victim?
Contact a credit bureau to report fraud: Equifax: (800) 525-6285 Experian: (888) 397-3742 TransUnion: (800) 680-7289 Close the compromised account File a police report File a complaint with the FTC For more information: http://www.consumer.gov/idtheft/ http://www.idtheftcenter.org
8 Pharming
Like “phishing” BUT instead of hiding the bogus links within the email… Domain Name System (DNS) is compromised (a.k.a. DNS poisoning, DNS hijacking) Doesn’t matter if you type in the URL yourself, you’ll still be directed to the bogus website
Spyware!
Another category of malicious software Installed and runs on your computer Comes in via: Email Pop ads, web sites Peer-to-peer software Games Usually runs without you knowing about it
9 What Does Spyware Do?
Track which websites you visit Send you pop-up ads
Take over your browser Monitor your keystrokes Disable your security software Turn your computer into a “zombie” (bot) Part of DDOS, spam generator For more information on BotNets: http://www.cscic.state.ny.us/msisac/webcasts/05_05/index.htm
How do you know if you’re infected with Spyware?
Your browser opens to a different startup page or goes to a different URL Pop-up ads appearing without you doing anything Computer runs slower New/unfamiliar toolbars Computer exhibits strange behavior with random errors
10 Cleaning Up
Not a simple task Takes time: expect a minimum 4 hours… more depending on severity of infection Back up your data first! Multiple tools Running them multiple times Severe cases require complete re-installation Backup user data Reformat hard drive Reinstall your operating system and applications Update your OS & applications (especially anti-virus software)
Tools
Microsoft Anti-Spyware (beta) http://www.microsoft.com/security/default.mspx (click on “Windows Antispyware” link) Spybot Search & Destroy http://www.safer-networking.org/en/download/ Ad-Aware SE Personal (Lavasoft) http://www.lavasoft.com/ (click on “Download”) Spy Sweeper (Webroot) http://www.webroot.com/downloads/ (free trial) Note: be careful where you download from! Some “anti-spyware” websites actually download spyware.
11 Helpful Hints
Unknown programs found by anti-spyware: Do a web search (google, yahoo, etc.) for more information Be persistent 1. Run a tool 2. Reboot 3. Run another tool 4. Reboot 5. Go to step 1.
Seek professional help
Online Resources
www.firewallguide.com/spyware.htm http://www.microsoft.com/athome/security/ spyware/default.mspx http://www.ftc.gov/bcp/conline/pubs/alerts/ spywarealrt.htm
12 Viruses, Worms, Trojans
ENDLESS!!! New variations of old viruses Library: http://vil.nai.com/vil/ McAfee’s Stinger tool to clean off viruses: http://vil.nai.com/vil/stinger/ Install and update anti-virus software!!! http://www.hawaii.edu/antivirus/
I’m Infected!
Backup your data Update your system Update anti-virus software Clean off the virus Note: update first, then clean. Unpatched systems can get re- infected within minutes.
Contact the ITS Help Desk: [email protected] Oahu: 956-8883 Neighbor Islands: (800) 558-2669
13 Peer-to-Peer Filesharing
Software that allows filesharing among computers without a central file server Popular software: Kazaa, Grokster, eDonkey, iMesh, Bearshare, BitTorrent, LimeWire Sharing more than you know: http://www.cbsnews.com/stories/2005/05/03/e veningnews/main692765.shtml
P2P Problems
Spyware installed w/ P2P software You don’t know what directories are being shared Trading copyrighted information (songs, movies, software) is ILLEGAL http://www.ftc.gov/bcp/conline/pubs/alerts/sharealrt.htm
14 Protecting Your Computer
Update your operating systems!!! Turn on automatic updates Install and update anti-virus software Turn on automatic updates Make sure your accounts are password protected Use “strong” passwords: http://www.hawaii.edu/help/security/ (click on “Password Guidelines”)
Safe Computing Habits
Always update your computer (especially operating system and antivirus) Password protect your computer with strong passwords Never respond to unsolicted requests (by email, instant messages, chat rooms) with your personal information Don’t open unexpected email/attachments especially from strangers
15 More Tips
Download software from reputable sources Don’t click on pop-up ads & be careful of which websites you visit
Use one credit card w/ a low limit for online transactions Use one checking account for online payments Don’t use public computers for personal, financial transactions
Good Privacy Practices
Shred all documents w/ personal information including new credit card offers Monitor your financial statements Watch your mailbox and know when your financial statements are arriving Review your credit report annually
16 Questions?
Jodi Ito [email protected] (808) 956-2400
17