Presentation is loading. Please wait.

Presentation is loading. Please wait.

Detecting Phishing Attacks: Theory, Cues, and Practice CSU PDI Steve Lovaas January 8, 2010.

Published byErick Harvey Modified over 9 years ago

Similar presentations

Presentation on theme: "Detecting Phishing Attacks: Theory, Cues, and Practice CSU PDI Steve Lovaas January 8, 2010."— Presentation transcript:

1 Detecting Phishing Attacks: Theory, Cues, and Practice CSU PDI Steve Lovaas January 8, 2010

2 Overview What is phishing Overview of the problem Evolution of the attacks How to tackle the problem Awareness & Attitude Clues Practice

3 What is “Phishing”? From: Directeur de la recherche technique, Université de la Sorbonne (Allez478345@gmail.de)Allez478345@gmail.de To: Steve Lovas (steven.lovaas@colostate.edu)steven.lovaas@colostate.edu Subject: Pressant! Veuillez taper votre mot de passe:

4 Official Definitions Social engineering: the act of manipulating people into performing actions or divulging confidential information. Phishing: social engineering in the form of fraudulent/deceptive email, typically requesting personal/financial information or access credentials

5 Practical Definitions Trying to trick you into doing something Exploiting established trust or trusting nature Hoping you won’t pay adequate attention “Please send me your username, password, bank account number, credit card number, and SSN…”

6 Phishing Factors Deceptive email, usually broadly distributed Addresses, subject, attachments, and message text can all utilized to deceive… – “Spoof” of a familiar source – “Reply-to” that is different than “From” – Emotional appeals – Current social issues, breaking news – Appeal to entertainment, profit, etc. – Money for nothing (too good to be true) – DIRE CONSEQUENCES IN ALL CAPS – Spelling errors – Bad grammar Technical cues Contextual cues Linguistic (syntactical) cues

7 Recent Evolution of Tactics Spearphishing – From a carefully chosen source you should know – Targeted specifically at members of an organization – Graphics, style, tone carefully chosen to look right – Becoming more common More, better graphics – More visual content = more likely to trust – Media-rich content plays to our habits, tendencies – Eventual inclusion of audio, video?

8 So What’s Going On? SenderMessageChannel Encoding Decoding by many different receivers Smells like phish Tendency to trust Empathy Technical understanding Culture Social norms Previous experience with sender

9 How to Tackle the Problem? Technical defenses Technical/social environment Social norms User education/awareness User attitude

10 Protection Points SenderMessageChannel Encoding Decoding by many different receivers Smells like phish Tendency to trust Empathy Technical understanding Culture Social norms Previous experience with sender Anti-virus, Anti-spam Digital signatures Individual education Building organizational norms Highlighting Current Attacks

11 Focus on Awareness & Attitude Awareness (our focus here today) – Knowledge of the problem – Knowledge of the tactics – Ability to recognize attacks (cues) Attitude (WHY you’re here today) – Inclination to act – Tendencies to trust or be suspicious – Default behaviors Of course our ultimate goal is behavior (don’t fall victim)… but we can hope to achieve that by working on:

12 Clues/Cues in the Message What are some features of messages that can clue you in to a phishing attack? Things that make you go “hmm…”

13 Some Practice @ulster.ac.uk “mailbox capacity Account” (?) Impersonal greeting Grammar! NEVER do this! Bates?? We don’t have anything called “Webmail Helpdesk” Expires in 4 days? @live.com

14 From: webmaster@ecsi.net [mailto:webmaster@ecsi.net] Sent: Thursday, December 11, 2008 10:00 AM To: Samaniego,Rosalie Subject: Electronic Tax Document Signup For Colorado State University This email has been sent by Colorado State University / ECSI asking for your consent to receive notification of your 1098-T tax form electronically. If you would like to receive notification electronically please give your consent by following the link below, logging in, and following the instructions. If you would like to receive a paper copy of your 1098-T form, do nothing. The benefits to receiving electronic notification are: * Online delivery provides access to the form 1098-T earlier than the traditional mailing process. * Online delivery eliminates the chance that the 1098-T will get lost, misdirected or delayed during delivery, or misplaced once the student receives it. * Signing up for online delivery is easy and secure. * Students can receive their 1098-T form even while traveling or on assignment away from their home address. To give consent to receive your notification electronically, log in to the SECURE website below using the given information: Step 1: Website: https://www.ecsi.net/myacct School Code: JW Account : (your Social Security Number or Student ID) Password : 76954 Step 2: Under Account Tools: Click "Signup for Electronic Tax Documents" Step 3: Read information, check the consent box, verify your email address, and click the submit button. Thank you for your response. ECSI's 1098-T Project Manager, Mike Trombetta webmaster@ecsi.net ECSI: Service Never Rests 181 Montour Run Road | Coraopolis, PA 15108 v 866.428.1098 | f 866.291.5384 | www.ecsi.net More Practice Who is ecsi.net? Request for financial transaction Sent to a real user, but no personalized greeting, generic message Apparently wants my SSN?? Use a password in the email? No mention of anyone from CSU

15 Summary NEVER send your username/password in email – or your CC#, SSN, etc. Avoid clicking URLs directly from an email If it claims to be from ACNS, look for a digital signature If an email looks suspicious, ask your IT person Listen to the little voice in your head!

Download ppt "Detecting Phishing Attacks: Theory, Cues, and Practice CSU PDI Steve Lovaas January 8, 2010."

Similar presentations

How to protect yourself, your computer, and others on the internet

How to protect yourself, your computer, and others on the internet
1 Online Self-Defense: Avoiding Email Scams Chau Mai December 5, 2013.

1 Online Self-Defense: Avoiding Scams Chau Mai December 5, 2013.
What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via

What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via
National Service Trust Automation Project Training Materials: Members and Alumni Corporation for National & Community Service (CNCS) National Service Trust.

National Service Trust Automation Project Training Materials: Members and Alumni Corporation for National & Community Service (CNCS) National Service Trust.
What is identity theft, and how can you protect yourself from it?

What is identity theft, and how can you protect yourself from it?
Internet Phishing Not the kind of Fishing you are used to.

Internet Phishing Not the kind of Fishing you are used to.
Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”

Social Engineering PA Turnpike Commission. “Social Engineering is the practice of obtaining confidential information by manipulation of legitimate users”
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
{ Email Etiquette Handbook. Feature Creating an email Font, colour and sizes etc Sending an email Sending using Cc Sending using Bcc Creating a signature.

{ Etiquette Handbook. Feature Creating an Font, colour and sizes etc Sending an Sending using Cc Sending using Bcc Creating a signature.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?

DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?
Email Evidence By Jordan Shurety. This I where you write who you are going to send the email to. Cc in an email means carbon copy or courtesy copy. You.

Evidence By Jordan Shurety. This I where you write who you are going to send the to. Cc in an means carbon copy or courtesy copy. You.
Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.

Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.
1 Begin the E Signature Process Here. 2 OPTION 1: Send a secure email to the Insured to E-Sign and Pay Online This is a copy of the e-mail your Insured.

1 Begin the E Signature Process Here. 2 OPTION 1: Send a secure to the Insured to E-Sign and Pay Online This is a copy of the your Insured.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.

Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
PHISHING AND SPAM EMAIL INTRODUCTION There’s a good chance that in the past week you have received at least one email that pretends to be from your bank,

PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.

Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
9/8/20151 Voice Mail Training for State Employees Presented by: Stacy Knickerbocker Telecommunications Specialist DOA/ITSD/NTSB 444-4127

9/8/20151 Voice Mail Training for State Employees Presented by: Stacy Knickerbocker Telecommunications Specialist DOA/ITSD/NTSB
This presentation will be all about emails, email etiquette and email software. I will be going through each one of these individually and thoroughly step.

This presentation will be all about s, etiquette and software. I will be going through each one of these individually and thoroughly step.
Reliability & Desirability of Data

Reliability & Desirability of Data

Similar presentations

Ads by Google