Agenda (this one!) - PowerPoint PPT Presentation

Slides: 12
Provided by: projects7
Transcript and Presenter's Notes

2
Agenda
  1. Agenda (this one!) - check!
  2. WW Phishing in the next (6, maybe 12) months
  3. Phishing in Romania (2007-2009)
  4. Why 2 & 3?
  5. The current BitDefender approach
  6. Other important aspects
  7. This paper will have no conclusions slide, so
    please pay attention! (yes, I'm talking to the
    guys in the back... where the power plugs are :p )

3
WW Phishing in the next (6 - 12) months
  • APWG on the 2nd ½ of 2008:
  • Unique phishing reports submitted to APWG
    recorded a yearly high of 34,758 in October
  • Unique phishing websites detected by APWG during
    the second half of 2008 saw a constant increase
    from July and in October reached a maximum
    of 27,739
  • IT WILL RISE!!
  • or, in Malcolm Gladwell's words, "This is going to
    tip" (we trust him because he looks Einsteinian!)

4
Phishing in Romania (2007-2009)
  • 2007: 7 attacks
  • 2008: 26 attacks (50 targeting the same
    institution)
  • 2009: 187 attacks already (98 targeting the
    same institution)
  • 2009, 1st ½: anyone want to make a prediction?
  • Don't be fooled by randomness!

5
Now why would anyone start phishing?
  • With the current market turmoil, what's the
    easiest way to make a small fortune?
  • Start off with a large one!
  • Quote of the day (from a trader): "This is worse
    than a divorce. I've lost half my net worth and I
    still have a wife."
  • This market stinks so bad that even Chuck Norris
    can't make any money.

6
Well, I bet not anybody can phish!
7
Really, it must be more than this!!!
  1. Open the yellow pages and pick someone
  2. Search his name using a social media
    search engine
  3. If any SN profile is found:
    • Download images, posts, comments, friends
    • Create a phishing attack customized for this
      exact person.
    • Continue with his friends
  4. Complicated? Too much work? Dial 1-800 BOTNET
    for an army of computers to do this for you
  • PS (success comes when the victim has profiles
    on more than one social network)

8
Current BitDefender Approach
  • Technologies:
    • RBL
    • Website Forgery Detector
    • Signature Filter
    • Minutiae Analysis
    • Image Filter
    • AntiPharming Module
  • We protect Spain, Germany, France, Italy,
    Romania and US (banks, SN accounts and webmail).
    For now.

9
The Matrix
              ebay   paypal   citybank   whatever
  account      2       1         1          2
  card         0       1         1          0
  user         1       1         1          1
  password     2       2         2          2
  phishing     1       1         1          1
  ebay         1       0         0          0
  and so on    2       1         2          1
  • We want to believe that this is proactive!

10
Ignorance is bliss
  • Showing the actual domain on which the page is
    hosted
  • Showing the real page that is being forged
  • Displaying information about the registrar, the
    geographic location where the page is hosted and
    so on.
  • Requiring user confirmation before continuing
    to load the page
  • Certificates challenge.
  • We suggest all that AND, if possible, actually
    redirecting the user to the desired institution

11
  • Are you going to ask me something, or
    will I have to phish for questions???