Presentation is loading. Please wait.

Presentation is loading. Please wait.

Spoofing The False Digital Identity. What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain.

Published byLiliana Baldwin Modified over 8 years ago

Similar presentations

Presentation on theme: "Spoofing The False Digital Identity. What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain."— Presentation transcript:

1 Spoofing The False Digital Identity

2 What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain unauthorized access to a user's private information.

3 IP Spoofing  IP Spoofing  IP spoofing is the act of manipulated the headers in a transmitted message to mask a hackers true identity so that the message could appear as though it is from a trusted source.  Source: http://www.securityfocus.com/info cus/1674 http://www.securityfocus.com/info cus/1674 http://www.securityfocus.com/info cus/1674

4 Attacks  Man-in-the-Middle attack  In a Man-in-the-Middle attack, the message sent to a recipient is intercepted by a third- party which manipulates the packets and resends it own message.  Denial of Service (DoS) Attack  A DoS attack is when a attacker floods a system with more packets than its resources can handle.

5 Solutions  Monitoring packets using network monitoring software.  Installing a filtering router

6 URL Spoofing  URL spoofing occurs when one website poses as another. The URL address displayed appears to be legitimate but is not the actual URL of the site.  For example the URL www.chase.com may be displayed in the website however information is sent to an entirely different location. www.chase.com

7 Attacks  Phishing  Using a Fraudulent site to obtain sensitive information

8 Solutions  Browser security patches

9 Email Spoofing  Altering the header of an email so that the email appears to be sent from someone else

10 Really?

11

12  Usage:  Cause confusion or discredit a person  Social engineering (phishing)  Hide the identity of the sender (spamming)  Relay replies of your own messages to a different mailbox

13  How can you find out if an email is spoofed?  Check the content of the email:  Is the content weird in some way, or really unexpected from the sender?  Does it contain a form?  Does it request to either confirm or update login or any kind of information?  Check the header of the email Detection

14  What if someone pretends to be me?  You can’t really do anything  How do you prevent it?  Do not post your email address on boards, forums or chats  Do not use your email address as a username to login to a site  Have separate addresses for different online activities

15  What makes email spoofing possible?  It is easy to spoof email because SMTP (Simple Mail Transfer Protocol) lacks authentication. If a site has configured the mail server to allow connections to the SMTP port, anyone can connect to the SMTP port of a site and (in accordance with that protocol) issue commands that will send email that appears to be from the address of the individual's choice; this can be a valid email address or a fictitious address that is correctly formatted. www.cert.org

16  Yahoo! – DomainKeys – “Internet standard from Yahoo! that lets us confirm whether emails are really from their claimed domain “ Prevention

17  CertifiedMail  CertifiedMail's Secure Email System for in- house use enhances your existing email system by providing secure, trackable delivery of e-mail messages to any Internet recipient. Prevention

18 -Mail Server Authentication -Digitally Signed Email with Desktop Verification -Digitally Signed Email with Gateway Verification -Mail Server IP Verification www.antiphishing.org Prevention

Download ppt "Spoofing The False Digital Identity. What is Spoofing?  Spoofing is the action of making something look like something that it is not in order to gain."

Similar presentations

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.

Cross-Site Scripting Issues and Defenses Ed Skoudis Predictive Systems © 2002, Predictive Systems.
ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.

ITIS 1210 Introduction to Web-Based Information Systems Chapter 44 How Firewalls Work How Firewalls Work.
COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.

COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.
Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.

Security and Trust in E- Commerce. The E-commerce Security Environment: The Scope of the Problem  Overall size of cybercrime unclear; amount of losses.
How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.

How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.
Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing emails are designed.

Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing s are designed.
Intrusion Detection and Hackers Exploits IP Spoofing Attack Yousef Yahya & Ahmed Alkhamaisa Prepared for Arab Academy for Banking and Financial Sciences.

Intrusion Detection and Hackers Exploits IP Spoofing Attack Yousef Yahya & Ahmed Alkhamaisa Prepared for Arab Academy for Banking and Financial Sciences.
Phishing (pronounced “fishing”) is the process of sending e-mail messages to lure Internet users into revealing personal information such as credit card.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Hacking Presented By :KUMAR ANAND SINGH 04-243,ETC/2008.

Hacking Presented By :KUMAR ANAND SINGH ,ETC/2008.
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.

Security Awareness: Applying Practical Security in Your World, Second Edition Chapter 5 Network Security.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.

 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 

11 SECURING INTERNET MESSAGING Chapter 9. Chapter 9: SECURING INTERNET MESSAGING2 CHAPTER OBJECTIVES  Explain basic concepts of Internet messaging. 
© 2007 Convio, Inc. Implementation of Yahoo DomainKeys Bill Pease, Chief Scientist Convio.

© 2007 Convio, Inc. Implementation of Yahoo DomainKeys Bill Pease, Chief Scientist Convio.
Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Networks and Security. Types of Attacks/Security Issues  Malware  Viruses  Worms  Trojan Horse  Rootkit  Phishing  Spyware  Denial of Service.

Similar presentations

Ads by Google