SLAC Computer Security Annual Safety and Security Briefing 2006 Presenters Teresa Downey Spear Phishing & Web Security Markers Heather Larrieu Everything Else… Spear Phishing No dangerous pointy objects involved… but they ARE hunting YOU! Spear Phishing – Step by Step
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
Annual Safety and Security Briefing 2006
No dangerous pointy objects involved…
but they ARE hunting YOU!
You cannot see true URL in HTML email
True URL is normally displayed in plain text email
Not a SLAC website!
Security markers are missing…
where is https ?
where is lock in border?
Just a useless picture of a lock to trick you
Faking web sites is very easy!
Well, okay at least…
perils of ordering pizza
Adware and Spyware
Spam usually touting counterfeit goods
Scams, Fraud, Identity Theft
Nigerian 419 scams
Steal some Personally Identifiable Information
Credit card, Bank, Loan fraud
Phone or Utilities fraud
Applying for Government documents or benefits
Magazine subscription (~0.2 % each year!)
Scope of the problem – FTC data (2003-2005)
10 million victims of identity theft in U.S.
Victims spend an average of $1,500 and 175 hours to recover
Not including losses by vendors, merchants, or financial institutionsPersonally Identifiable Information
PII is essentially data that can be used to facilitate identity theft
from Wikipedia on Botnets
POST http://www.XXXXXXXXXXXX.com:80/Software/ShoppingCart/CheckOut.asp?CatID=01&CatName=XXXXXXXX%20XXXXXX%20XX%20XXX%20XXXX&VisitorID=1 HTTP/1.1
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:220.127.116.11) Gecko/20060728 Firefox/18.104.22.168
Cookie: ASPSESSIONIDSCQDDCRC=IIBBDKKBCAOBKBIGABPBHNAI; ASPSESSIONIDCSDTABCC=KCGNNPKBABOIEJKIPBHEJHAH; ASPSESSIONIDSCTDADRC=OAOJABLBFFJKLGIDHPLLMDGM