DOCSLIB.ORG

Spear Phishing

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Spear Phishing 9 SearchSecurity g spear phishing Posted by Margaret Rouse WhatIs.com c s o n Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source... (Continued) Email and LOOKING FOR SOMET HING ELSE? messaging T e chnique s f or gat he ring re quire me nt s in Agile scrum threats 0 SOA t re nds: From microse rvice s t o appde v, what t o e xpe ct in 2015 se condary st orage RELAT ED T OPICS Email Security Guidelines… e T ECHNOLOGIES Phishing + Show More 1 Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking 2 unauthorized access to confidential data. Spear phishing attempts are not typically initiated by "random hackers" but are more likely to be conducted by perpetrators out for financial gain, trade f secrets or military information. As with the e-mail messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source of the e-mail is likely to be an individual within the recipient's own company and generally someone in a position of authority. Visiting West Point teacher and National Security Agency expert Aaron Ferguson calls it the "colonel effect." To illustrate his point, Ferguson sent out a message to 500 cadets asking them to click a link to verify grades. Ferguson's message appeared to come from a Colonel Robert Melville of West Point. Over 80% of recipients clicked the link in the message. In response, they received a notification that they'd been duped and warning that their behavior could have resulted in downloads of spyware, Trojan horse s and/or other malware. Most people have learned to be suspicious of unexpected requests for confidential information and will not divulge personal data in response to e-mail messages or click on links in messages unless they are positive about the source. The success of spear phishing depends upon three things: The apparent source must appear to be a known and trusted individual, there is information within the message that supports its validity, and the request the individual makes seems to have a logical basis. Pro+ E-Handbook Features 7 The transformation of wireless network security E-Zine x 2014 Security 7 Award Winners Enjoy the benef its of Pro+ E-Zine membership, learn more and x Security Readers' Choice Awards 2014 join. Here's one version of a spear phishing attack: The perpetrator finds a web page for their target organization that supplies contact information for the company. Using available details to make the message seem authentic, the perpetrator drafts an e-mail to an employee on the contact page that appears to come from an individual who might reasonably request confidential information, such as a network administrator. The email asks the employee to log into a bogus page that requests the employee's user name and password or click on a link that will download spyware or other malicious programming. If a single employee falls for the spear phisher's ploy, the attacker can masquerade as that individual and use social engineering techniques to gain further access to sensitive data. This was first publishe d in March 2011 m Continue Reading About spear phishing A Wall Street Journal article explains more about spear phishing. ∙ SearchOpenSource.com offers advice on how to combat spear phishing. ∙ Microsoft.com compares spear phishing with ordinary phishing expeditions. The New York Times describes a case of spear phishing. RSA SecurID breach began with spear phishing attack ∙ qGlossary 'spear phishing' is part of the: Email and messaging Glossary Internet applications Glossary Malware Glossary Network security Glossary Security management Glossary View All Definitions Related Terms Operation Phish Phry Operation Phish Phry is a cybercrime investigation carried out by the United States Federal Bureau of Investigation (FBI), the ... See complete definitionq Rock Phish Rock Phish is both a phishing toolkit and the entity that publishes the kit, either a hacker, or, more likely, a sophisticated ... See complete definitionq whaling Whaling is a type of fraud that targets high-profile end users such as C-level corporate executives, politicians and celebrities. See complete definitionq m Dig deeper on Email and Messaging Threats (spam, phishing, instant messaging) ALL N E W S GE T ST AR T E D E V ALU AT E MAN AGE PR OBLE M SOLV E 3 Spear phishing attack led to ICANN Targeted Cyber Attacks 2compromise 2 Copy of Security Readers' Choice Security Readers' Choice Awards 2Awards 2014: Email security 22014: Email security products products Load More z 0 comments Oldest 5 Share your comment Register or Login E-Mail [email protected] Username / Password Username Password By submitting you agre e to re ce ive e mail from Te chTarge t and its partne rs. If Comment you re side outside of the Unite d State s, you conse nt to having your pe rsonal data transfe rre d to and proce sse d in the Unite d State s. Privacy -ADS BY GOOGLE Best Load Balancing & SSL arraynetworks.com/ Not affected by Heartbleed, lowest SSL TPS cost & Robust Feature Set. Latest TechTarget resources SearchCloudSecurity CLOUD SECURITY CSA to closely monitor enterprise A2cloud data privacy issues in 2015 NETWORKING CIO CONSUMERIZATION The Cloud Security Alliance says cloud data privacy has ENTERPRISE DESKTOP emerged as a top issue for industry amid Microsoft's battle with the U.S.... CLOUD COMPUTING COMPUTER WEEKLY An introduction to Docker and its 2effect on enterprise cloud security Docker provides improvements for application virtualization, but what does it mean for security? Expert Ed Moyle offers an intro ... About Us Advertisers Reprints Contact Us Business Partners Archive Privacy Policy Media Kit Site Map Videos Corporate Site Events Photo Stories Experts E-Products Guides Shon Harris CISSP training All Rights Re se rve d, copyright 2000 - 2015, Te chTarge t .
Load more

Recommended publications
  • The Economics of Online Crime
    Journal of Economic Perspectives—Volume 23, Number 3—Summer 2009—Pages 3–20 The Economics of Online Crime Tyler Moore, Richard Clayton, and Ross Anderson he economics of information security has recently become a thriving and fast-moving discipline. This field was kick-started in 2001 by the observa- T tion that poorly aligned incentives explain the failure of security systems at least as often as technical factors (Anderson, 2001). As distributed computing systems are assembled from machines controlled by principals with divergent interests, microeconomic analysis and game-theoretic analysis become just as im- portant for dependability as protocol analysis or cryptanalysis. The economic approach not only provides a more effective way of analyzing straightforward information-security problems such as privacy, spam, and phishing, but also gives insights to scholars of system dependability, conflict, and crime. An annual Work- shop on the Economics of Information Security (WEIS) was established in 2002. The field now involves over 100 active researchers; the subject has drawn together security engineers, economists, and even lawyers and psychologists. For a survey of security economics in general, see Anderson and Moore (2006). This paper will focus on the subject of online crime, which has taken off as a serious industry since about 2004. Until then, much of the online nuisance came from amateur hackers who defaced websites and wrote malicious software in pursuit of bragging rights. In the old days, electronic fraud was largely a cottage y Tyler Moore is a Postdoctoral Fellow, Center for Research on Computation and Society (CRCS), Harvard University, Cambridge, Massachusetts. Richard Clayton is an Industrial Research Fellow and Ross Anderson is Professor of Security Engineering, both at the Computer Laboratory, University of Cambridge, Cambridge, England.
    [Show full text]
  • Fraud: Everything Old Is New Again Tough Times Bring out Tried & True Tricks from Fraudsters
    Fraud: Everything Old is New Again Tough Times Bring out Tried & True Tricks from Fraudsters I once heard a line on – of all places – sports talk radio, and it’s stuck with me through the years, especially during the past one. “Tough times don’t build character, they reveal it.” Well, there’s no question the past year has brought tough times to all Tom Field of us, and as for some of the fraudulent characters they’ve revealed? Editorial Director Whew! It seems like every tried-and-true fraud scheme is back these days with a vengeance, as criminals renew their efforts to deprive us of our financial and informational assets. The only difference: In- stead of focusing on only one fraud channel, criminals today tend to be attempting multiple entry points simultaneously. Everything old is new again, and it’s coming at you all at once! I trust you’ll enjoy the articles, interviews and opinion pieces we’ve collected here, and I welcome hearing from you after you’ve soaked in some of this information. What are the fraud schemes you’re seeing most this year? How are you educating your customers to avoid them? Where have you had success thwarting the fraudsters? The tough times will get better. Fraud, alas, won’t go away. We just have to make sure that we – like the criminals – get smarter, organized and educated. It’s going to be a long fight, but we can win it. Best, Tom Field Editorial Director, Information Security Media Group [email protected] Volume 1, Issue 5 IN THIS ISSUE..
    [Show full text]
  • Financial Fraud: a Literature Review
    A Service of Leibniz-Informationszentrum econstor Wirtschaft Leibniz Information Centre Make Your Publications Visible. zbw for Economics Reurink, Arjan Working Paper Financial fraud: A literature review MPIfG Discussion Paper, No. 16/5 Provided in Cooperation with: Max Planck Institute for the Study of Societies (MPIfG), Cologne Suggested Citation: Reurink, Arjan (2016) : Financial fraud: A literature review, MPIfG Discussion Paper, No. 16/5, Max Planck Institute for the Study of Societies, Cologne This Version is available at: http://hdl.handle.net/10419/141282 Standard-Nutzungsbedingungen: Terms of use: Die Dokumente auf EconStor dürfen zu eigenen wissenschaftlichen Documents in EconStor may be saved and copied for your Zwecken und zum Privatgebrauch gespeichert und kopiert werden. personal and scholarly purposes. Sie dürfen die Dokumente nicht für öffentliche oder kommerzielle You are not to copy documents for public or commercial Zwecke vervielfältigen, öffentlich ausstellen, öffentlich zugänglich purposes, to exhibit the documents publicly, to make them machen, vertreiben oder anderweitig nutzen. publicly available on the internet, or to distribute or otherwise use the documents in public. Sofern die Verfasser die Dokumente unter Open-Content-Lizenzen (insbesondere CC-Lizenzen) zur Verfügung gestellt haben sollten, If the documents have been made available under an Open gelten abweichend von diesen Nutzungsbedingungen die in der dort Content Licence (especially Creative Commons Licences), you genannten Lizenz gewährten Nutzungsrechte.
    [Show full text]
  • Computer Viruses and Other Malicious Software
    _it E d e it s io w n o Computer Viruses and Other Malicious r yl Software B n O O e D A THREAT TO THE INTERNET ECONOMY da l C u The Internet has become a powerful tool for enhancing innovation and productivity. E e e Nevertheless, the increasing dependence on the Internet and other communication O R s networks means the Internet has also become a popular and efficient way to spread n e computer viruses and other types of malicious software (malware). A r tu Malware attacks are increasing in both frequency and sophistication, thus posing a L e c serious threat to the Internet economy and to national security. Concurrently, efforts to fight malware are not up to the task of addressing this growing global threat; malware Software Malicious Other and Viruses Computer Computer Viruses and response and mitigation efforts are essentially fragmented, local and mainly reactive. A wide range of communities and actors – from policy makers to Internet Service Other Malicious Software Providers to end users – all play a role in combating malware. But there is still limited knowledge, understanding, organisation and delineation of the roles and responsibilities A THREAT TO THE INTERNET of each of these actors. Improvements can be made in many areas, and international ECONOMY co-operation would benefit greatly in areas such as: proactive prevention (education, guidelines and standards, research and development); improved legal frameworks; E-COMMERCER THIRD FOURTH FIFTH FIRST SECOND THIRD FOURTH FIFTH FIRST SECOND THIRD FOURTH FIFTH FIRST stronger law enforcement; improved tech industry practices; and better alignment of CYBERCRIME SECURITY E-COMMERCE THIRD SECOND FIRST FIFTH FOURTH THIRD SECOND FIRST FIFTH FOURTH THRID SECOND FIRST FIFTH FOURTH economic incentives with societal benefits.
    [Show full text]
  • Taking Down Websites to Prevent Crime
    Taking Down Websites to Prevent Crime Alice Hutchings, Richard Clayton and Ross Anderson Computer Laboratory University of Cambridge Cambridge CB3 0FD Email: fi[email protected] Abstract—Website takedown has been used to disrupt criminal affected [35], [36]. Moore and Clayton [33] examined the activities for well over a decade. Yet little is known about its effects of website takedown on phishing, and found that it overall effectiveness, particularly as many websites can be re- is helpful, but it cannot completely mitigate phishing attacks placed rapidly and at little cost. We conducted lengthy interviews with a range of people actively engaged in website takedown, as it will never be instantaneous. including commercial companies that offer specialist services, organisations targeted by criminals, UK law enforcement and II. RESEARCH QUESTIONS service providers who respond to takedown requests. We found We interviewed key players who are actively engaged in that law enforcement agencies are far less effective at takedown than commercial firms, who get an awful lot more practice. the website takedown process to explore the issues with it in We conclude that the police must either raise their game, or depth. The questions we tackle in this research are: subcontract the process. 1) How do websites differ according to their criminal purpose? I. INTRODUCTION 2) What organisations are involved in website takedown? Website takedown is a key tool used by financial institutions 3) How are websites taken down? to defend against ‘phishing’ – the use of fraudulent websites 4) What are the challenges with website takedown? to steal customer credentials [33].
    [Show full text]
  • Financial Fraud a Literature Review Arjan Reurink
    MPIfG Discussion Paper 16/5 Financial Fraud A Literature Review Arjan Reurink MPIfG Discussion Paper MPIfG Discussion Paper Arjan Reurink Financial Fraud: A Literature Review MPIfG Discussion Paper 16/5 Max-Planck-Institut für Gesellschaftsforschung, Köln Max Planck Institute for the Study of Societies, Cologne May 2016 MPIfG Discussion Paper ISSN 0944-2073 (Print) ISSN 1864-4325 (Internet) © 2016 by the author About the author Arjan Reurink is a doctoral researcher at the Max Planck Institute for the Study of Societies, Cologne. Email: [email protected] Downloads www.mpifg.de Go to Publications / Discussion Papers Max-Planck-Institut für Gesellschaftsforschung Max Planck Institute for the Study of Societies Paulstr. 3 | 50676 Cologne | Germany Tel. +49 221 2767-0 Fax +49 221 2767-555 www.mpifg.de [email protected] Reurink: Financial Fraud: A Literature Review iii Abstract This paper describes the empirical universe of financial fraud as it has been documented in the academic literature. More specifically, it describes the different forms of fraudulent behavior in the context of financial market activities, the prevalence and consequences of such behavior as identified by previous research, and the economic and market structures that scholars believe facilitate it. To structure the discussion, a conceptual distinction is made between three types of financial fraud: financial statement fraud, financial scams, and fraudulent financial mis-selling. What emerges is a picture of financial fraud as a complex phenomenon that can take very different
    [Show full text]
  • Improving Phishing Countermeasures: an Analysis of Expert Interviews
    > FOR CONFERENCE-RELATED PAPERS, REPLACE THIS LINE WITH YOUR SESSION NUMBER, E.G., AB-02 (DOUBLE-CLICK HERE) < 1 Improving Phishing Countermeasures: An Analysis of Expert Interviews Steve Sheng,1 Ponnurangam Kumaraguru,2 Alessandro Acquisti,3 Lorrie Cranor,1, 2 and Jason Hong2 1Department of Engineering and Public Policy, Carnegie Mellon University, Pittsburgh PA 15213 USA 2School of Computer Science, Carnegie Mellon University, Pittsburgh PA 15213 USA 3Heinz School of Public Policy, Carnegie Mellon University, Pittsburgh PA 15213 USA In this paper, we present data from 31 semi-structured interviews with anti-phishing experts from academia, law enforcement, and industry. Our analysis led to eight key findings and 18 recommendations to improve phishing countermeasures. Our findings describe the evolving phishing threat, stakeholder incentives to devote resources to anti-phishing efforts, what stakeholders should do to most effectively address the problem, and the role of education and law enforcement. Index Terms—anti-phishing, expert interview, electronic crime. countermeasures that should be implemented to fight phishing I. INTRODUCTION more effectively, and incentives that various stakeholders have HISHING is a widespread problem that is impacting both in their fight against phishing. business and consumers. In November 2007, MessageLabs The experts we interviewed agreed that phishing is evolving Pestimated that 0.41% of the 3.3 billion emails going into a more organized effort. It is becoming part of a larger through their system each day were phishing emails [1]. crime eco-system, where it is increasingly blended with Microsoft Research recently estimated that 0.4% of email malware and used as a gateway for other attacks.
    [Show full text]
  • Priority Development Assistance Fund Scam
    Priority Development Assistance Fund scam From Wikipedia, the free encyclopedia The Priority Development Assistance Fund scam, also called the PDAF scam or the pork barrel scam, is a political scandal involving the alleged misuse by several members of the Congress of the Philippines of their Priority Development Assistance Fund (PDAF, popularly called "pork barrel"), a lump-sum discretionary fund granted to each member of Congress for spending on priority development projects of the Philippine government, mostly on the local level. The scam was first exposed in the Philippine Daily Inquirer on July 12, 2013,[1] with the six-part exposé of the Inquireron the scam pointing to businesswoman Janet Lim-Napoles as the scam's mastermind after Benhur K. Luy, her second cousin and former personal assistant, was rescued by agents of theNational Bureau of Investigation on March 22, 2013, four months after he was detained by Napoles at her unit at the Pacific Plaza Towers in Fort Bonifacio.[2] Initially centering on Napoles' involvement in the 2004 Fertilizer Fund scam, the government investigation on Luy's testimony has since expanded to cover Napoles' involvement in a wider scam involving the misuse of PDAF funds from 2003 to 2013. It is estimated that the Philippine government was defrauded of some ₱10 billion in the course of the scam,[1] having been diverted to Napoles, participating members of Congress and other government officials. Aside from the PDAF and the fertilizer fund maintained by the Department of Agriculture, around ₱900 million
    [Show full text]
  • Cybercrimes in the Former Soviet Union and Central and Eastern Europe: Current Status and Key Drivers
    Cybercrimes in the Former Soviet Union and Central and Eastern Europe: Current Status and Key Drivers By: Nir Kshetri Kshetri, Nir (2013). “Cybercrimes in the Former Soviet Union and Central and Eastern Europe: Current Status and Key Drivers,” Crime, Law and Social Change, 60(1), pp 39-65. The final publication is available at http://link.springer.com/article/10.1007%2Fs10611- 013-9431-4. ***Reprinted with permission. No further reproduction is authorized without written permission from Springer Verlag. This version of the document is not the version of record. Figures and/or pictures may be missing from this format of the document. *** Abstract: Some economies in the Former Soviet Union and Central and Eastern Europe (FSU&CEE) are known as cybercrime hotspots. FSU&CEE economies have shown complex and varied responses to cybercrimes due partly to the differential incentives and pressures they face. This study builds upon literatures on white-collar crime, institutional theory and international relations (IR)/international political economy (IPE) perspectives to examine the low rates of prosecution and conviction of suspected cybercriminals in some economies in the FSU&CEE and variation in such rates across these economies. The findings indicate that cybercrime cases are more likely to be prosecuted and sanctions are imposed in economies that are characterized by a higher degree of cooperation and integration with the West. Cybercriminals are less likely to be jurisdictionally shielded in such economies. Our findings also suggest that a high degree of cooperation and integration with the West would lead to access to resources to enhance system capacity and law enforcement performance to fight cybercrimes.
    [Show full text]
  • Leveraging the Multi-Disciplinary Approach to Countering Organised Crime
    Leveraging The Multi-Disciplinary Approach to Countering Organised Crime Anna Cevidalli Technical Report RHUL{MA{2010{06 31st March 2010 Department of Mathematics Royal Holloway, University of London Egham, Surrey TW20 0EX, England http://www.rhul.ac.uk/mathematics/techreports ROYAL HOLLOWAY MSc PROJECT Anna Cevidalli Student Number: 100630541 Supervisor: John Austen Leveraging The Multi-Disciplinary Approach to Countering Organised Crime An Evaluation for Information Security and Business Professionals SEPTEMBER 2009 Submitted as part of the requirements for the award of the MSc in Information Security at Royal Holloway, University of London. I declare that this assignment is all my own work and that I have acknowledged all quotations from the published or unpublished works of other people. I declare that I have also read the statements on plagiarism in Section 1 of the Regulations Governing Examination and Assessment Offences and in accordance with it I submit this project report as my own work. Signature Date ACKNOWLEDGEMENTS I would like to thank the staff at Royal Holloway and especially John Austen, my Project Supervisor, for their invaluable support and assistance in completing this project. ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- Anna Cevidalli RHUL MSc Project – September 2009 (Main Document) TABLE OF CONTENTS 1 INTRODUCTION.....................................................................................................................1
    [Show full text]
  • Kochheim, Cybercrime Und Cyberwar
    Dieter Kochheim Cybercrime und Cyberwar Dieter Kochheim Cybercrime und Cyberwar 1941... 43 D, GB, USA Z3, ENIAC, Colossus 1957 USA Phreaking 1963 USA Telefonanlagen-Hacking ~ 1966 „akademisches“ Hacking 1969 USA ARPANET 1976 Dokumentation des Hacker-Jargons 1978 USA 1. Spam 1981 D Chaos Computer Club 1982 Virus für Apple 1984 D CCC: Onlinebanking-Manipulation (Demo) USA Hackermagazin „2600-Magazine“ USA Cult of the Dead Cow 1985 D KGB-Hack Gotcha: Trojaner löscht Festplatte 1986 Bootvirus für DOS 1987 Lehigh: speicherresidenter Virus 2 von 24 © Dieter Kochheim, 17.11.10 Dieter Kochheim Cybercrime und Cyberwar Mitnick: Kunst des Einbruchs (2005) Stoll: Kuckucksei (1989) Telefondienste, Spielautomaten, Zwischen 1985 und 1989 drang die modernes Hacking hannoversche Hackergruppe um Karl Koch und Markus Hess im ders.: Kunst der Täuschung (2003) Auftrag des KGB auf der Suche nach nützlichen Informationen soziale Techniken, weltweit in verschiedene Social Engineering Computersysteme des Militärs, von Hochschulen und Unternehmen ein. 3 von 24 © Dieter Kochheim, 17.11.10 Dieter Kochheim Cybercrime und Cyberwar 1989 Rus Virenepidemie 1990 polymorpher Virus Bulgarien Hacker-Fabriken 1995 D SoftRAM USA 2600-Magazine, bösartige Codes: WM/Cap, W32/Donut, W2K/Stream, W64/Rugrat, SymbOS/Cabir China Webseite: Voice of the Dragon 1996 USA Cult of the Dead Cow ... 2002 USA Gambino-Familie: Pornographie im Internet D Phishing 1997 China Goodwell gründet die Green Army (3.000 Mitgl.) D Dialer 1998 Rus Virus-Fabriken D Grabbing Napster. Filesharing 4 von 24 © Dieter Kochheim, 17.11.10 Dieter Kochheim Cybercrime und Cyberwar Paget: Paget: Mehrere Mitglieder der Gambino- In Russland begann der Hacking- Familie gestanden 2005, von 1996 Boom 1998 infolge der Finanzkrise.
    [Show full text]
  • Improving Phishing Countermeasures: an Analysis Ofexpert Interviews
    Improving Phishing Countermeasures: An Analysis ofExpert Interviews 2 2 Steve Sheng,' Ponnurangam Kumaraguru.i Alessandro Acquisti;' Lorrie Cranor, 1, and Jason Hong 'Department ofEngineering and Public Policy, Carnegie Mellon University, Pittsburgh PA 15213 USA 2School ofComputer Science, Carnegie Mellon University, Pittsburgh PA 15213 USA 3Heinz School ofPublic Policy, Carnegie Mellon University, Pittsburgh PA 15213 USA In this paper, we present data from 31 semi-structured interviews with anti-phishing experts from academia, law enforcement, and industry. Our analysis led to eight key findings and 18 recommendations to improve phishing countermeasures. Our findings describe the evolving phishing threat, stakeholder incentives to devote resources to anti-phishing efforts, what stakeholders should do to most effectively address the problem, and the role of education and law enforcement. Index Terms-anti-phishing, expert interview, electronic crime. more effectively, and incentives that various stakeholders have I. INTRODUCTION in their fight against phishing. PHISHING is a widespread problem that is impacting both The experts we interviewed agreed that phishing is evolving business and consumers. In November 2007, MessageLabs into a more organized effort. It is becoming part of a larger estimated that 0.41% of the 3.3 billion emails going through crime eco-system, where it is increasingly blended with their system each day were phishing emails [1]. Microsoft malware and used as a gateway for other attacks. Some of the Research recently estimated that 0.4% of email recipients are experts suggested that incentives for fighting phishing may be victimized by phishing attacks [2]. The annual cost to misaligned, in the sense that the stakeholders who are in a consumers and businesses due to phishing in the US alone is position to have the largest impact do not have much incentive estimated to be between $350 million and $2 billion [3].
    [Show full text]