Upload File

how$vulnerable$are$ wetoscams?$ - black...

  • Home
  • Documents
  • How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here
25
How Vulnerable Are We to Scams? Markus Jakobsson TingFang Yen ZapFraud DataVisor

Upload: others

Post on 24-Jun-2020

0 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

How  Vulnerable  Are    We  to  Scams?  

Markus  Jakobsson      Ting-­‐Fang  Yen            ZapFraud                          DataVisor      

Page 2: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

Breaches  +    

Hacking  

Malware  +  

Phishing  

 Scams  

 

   

Iden7ty    The;  

ATO  +  Creden7al  fraud  

Vic7m    ini7ated  payments  

PII  +    

Creden7als  

Page 3: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

Breaches  +    

Hacking  

Malware  +  

Phishing  

 Scams  

 

   

Iden7ty    The;  

ATO  +  Creden7al  fraud  

Vic7m    ini7ated  payments  

PII  +    

Creden7als  

Page 4: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

Breaches  +    

Hacking  

Malware  +  

Phishing  

 Scams  

 

   

Iden7ty    The;  

ATO  +  Creden7al  fraud  

Vic7m    ini7ated  payments  

PII  +    

Creden7als  

Page 5: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

 Scams  

 

   

Iden7ty    The;  

ATO  +  Creden7al  fraud  

Vic7m    ini7ated  payments  

$4B/year    

Es7mated  fraud  loss  in  US  

3.5%  U.S  adult  popula7on  scammed/year  Average  reported  loss  ~$2300  

Page 6: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

SPAM  

Page 7: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

SPAM  

Block  rates  

Hotmail  66%  Yahoo        70%  Gmail    10-­‐98%  

Page 8: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

SPAM  

Block  rates  

Hotmail  66%  Yahoo        70%  Gmail    10-­‐98%  

“Very  Nigerian”  94%  “Sneaky”                          37%  

Page 9: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

SPAM  

Hotmail   Yahoo   Gmail  

427  

Hotmail   Yahoo   Gmail  

Page 10: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

SPAM  

427  

Hotmail   Yahoo   Gmail   Hotmail   Yahoo   Gmail  

Page 11: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

SPAM  

427  

Yahoo   Hotmail   Yahoo   Gmail  

Thanks!  

Page 12: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

SPAM  

427  

Yahoo   Hotmail   Yahoo   Gmail  

Thanks!  

Page 13: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

SPAM   Hotmail   Yahoo   Gmail  

Block  rate:        66%                    70%  

98%  

10%  

Page 14: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

“Does  this  look  risky  to  you?”  

Page 15: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

“What  type  of  risk  is  this    primarily  associated  with?”  

Page 16: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

You  have  exceeded  your  mailbox  quota.  Your  account  will  be  blocked  8  AM  tomorrow  unless  you  request  more  space.  You  can  request  more  space  by  clicking  here.  

Page 17: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

The  recipient  may  get  a  computer  virus.  The  recipient  may  lose  his  password.  This  may  be  a  scam  aimed  at  stealing  your  money.  There  is  no  risk.  The  recipient  may  get  unwanted  adver7sements.  The  recipient’s  account  may  be  blocked  if  she              does  not  pay  aeen7on.      

Page 18: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

The  recipient  may  get  a  computer  virus.  The  recipient  may  lose  his  password.  This  may  be  a  scam  aimed  at  stealing  your  money.  There  is  no  risk.  The  recipient  may  get  unwanted  adver7sements.  The  recipient’s  account  may  be  blocked  if  she              does  not  pay  aeen7on.      

Correct  answer  

Page 19: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

The  recipient  may  get  a  computer  virus.  The  recipient  may  lose  his  password.  This  may  be  a  scam  aimed  at  stealing  your  money.  There  is  no  risk.  The  recipient  may  get  unwanted  adver7sements.  The  recipient’s  account  may  be  blocked  if  she              does  not  pay  aeen7on.      

Reasonable  answer  

Page 20: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

The  recipient  may  get  a  computer  virus.  The  recipient  may  lose  his  password.  This  may  be  a  scam  aimed  at  stealing  your  money.  There  is  no  risk.  The  recipient  may  get  unwanted  adver7sements.  The  recipient’s  account  may  be  blocked  if  she              does  not  pay  aeen7on.      

Naive  answer  

Page 21: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

Naïve  (31%)  

Page 22: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

Naïve  (6%)  

A  “tradi7onal”  Nigerian  Scam    

Page 23: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

Naïve  (56%)  

Targeted  scam  with  complex  structure  

Page 24: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

“I  know  how  to  spot  online  scams”  

Page 25: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here

Email  security  and  user  awareness  


03-Configure User Mailbox in Exchange Server 2013__AD Exchange Mailbox

E-mail: support@agendax › wp-content › uploads › 2015 › 07 › ... · domain on page 5) you can assign the AgendaX Service Account mailbox “Full mailbox permissions” on

QM Mailbox

The Mailbox

User Guide - att.com · 4/9/2019  · AT&T. Voicemail. SM. Services. User Guide - 4. Setting Up Your Mailbox. You have to complete mailbox setup before you can start using your voice

mailbox february rev1

HP A10 Printing Mailbox · Stopping the Printing Mailbox 13 Using the HP A10 Printing Mailbox Using the HP A10 Printing Mailbox Once you have activated your Presto Service and set

Standard Mailbox Post Installation Instructions · Thank you for selecting Salsbury’s 4850 heavy duty rural mailbox. This instruction sheet is for installing the 4850 mailbox on

Mailbox Money Spanish

Mailbox money

The Mailbox, Birmingham

Mailbox Money eBook

Professional mailbox Setup Guide - Your Website and Emailyourwebsiteandemail.com/guides/professional-mailbox-setup-guide.p… · Customer Support | Professional mailbox Setup Guide

Mailbox December rev3

ADVANCED made simple for you · 2018-05-18 · ADVANCED workflow optimizing the way you work Mailbox Simple The imageRUNNER ADVANCE C3300 series comes with an in-built Mailbox Simple

SI52 Mailbox Book

Getting Wordy-Finland TEACHER - The Adventurous Mailbox€¦ · FINLAND:!An!Adventurous!Workbook!!!!!Getting’Wordy! 3! ! Thank you for bringing THE ADVENTUROUS MAILBOX into your

Mencegah Mailbox Penuh

Nutanix 24,000-Mailbox Virtualized Exchange Server 2013 Mailbox

mail.chinasofti.com mailbox... · Web viewYou can still use icss.com.cn mailbox, but if you join the company after Nov. 2017, you will only have chinasofti.com, and you will no longer

willetts.zendesk.com · Web viewiPhone IMAP Mailbox Setup Instructions The following screenshots will assist you with setting up your mailbox with your iPhone using IMAP. 1. Select

Mailbox Assemblies With V-Loc Breakaway Anchors… · Mailbox Assembly Stylish, yet rugged, this premium mailbox assembly features the cast aluminum Decra Mailbox with newspaper holder

Dept. Mailbox · University of Miami Information Technology Sending From Another Mailbox Page 13 Outlook for Mobile You will need to first add the additional mailbox(es) to Outlook

Entry Voice Mail for HiPath Systems - Rainbow ... the assigned operator has not yet configured a mailbox for you, a mailbox will be automatically assigned to you the first time you

MongoDB at Mailbox

Coming Soon to a Mailbox Near You! · Coming Soon to a Mailbox Near You! We™re going to evaluate the Natural Hazards Observer. We™re dead serious about our little newsletter and

Exchange Mailbox Backup

MAILBOX IQ

Sun ZFS Storage 7120 Appliance 5,000 Mailbox Resiliency ... · Sun ZFS Storage 7120 Appliance 5,000 Mailbox Resiliency Exchange 2010 Storage Solution 6 For example, you can increase

Mailbox Archiver - NETsec...Mailbox Export Archive / Export Mailbox In the Mailbox tab, you can select if the mailbox archive and the mailbox should be synchronized. Resolve Groups

VOICE MAIL USER GUIDE - Mitel Edocsedocs.mitel.com/UG/EN/NP_VM_UG_R10UR_EN.pdf · Setting Up Your Mailbox 3 Setting Up Your Mailbox When you access your mailbox for the first time,

Voice Mailbox Information Welcome to your new …...types of greetings: This is the last step in setting up your mailbox; once you have fi nished, you are transferred to the Main

Exchange Online Archiving - Illinois · If Exchange Online Archiving has been enabled for your mailbox you will see an additional entry under the Exchange mailbox in Outlook (left)

Mailbox Creations

The Mailbox Magazine