internet vulnerabilities & criminal activity
DESCRIPTION
Internet Vulnerabilities & Criminal Activity. Phishing, Nigerian 419’s, & High-Yield Investment Programs (HYIP) 8.2 10/31/2011. Phishing. - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/1.jpg)
Internet Vulnerabilities & Criminal ActivityPhishing, Nigerian 419’s, & High-Yield Investment
Programs (HYIP)
8.2
10/31/2011
![Page 2: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/2.jpg)
Phishing“The criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.”
(Wikipedia.org)
![Page 3: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/3.jpg)
Why ‘ph’ ? Phishing History
Original hackers phone + freaks = phreakers
Term first used 1996Coined by hackers who conned AOL users into divulging their passwords‘Phish’ = hacked account
Phish traded as currency among hackers by 1997
![Page 4: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/4.jpg)
How Phishing WorksVictim receives an official looking e-mail from and ISP, online bank, or government agency
Victim advised he/she must validate or his/her information to prevent dire consequences
Victim clicks on provided link and is taken to a spoofed website
Victim asked to enter personal information to validate/update his/her account
User name, account number, credit card number, password, etc.
![Page 5: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/5.jpg)
Phishing Techniques
Social engineering“Subject: To restore access to your bank account..”
Link manipulationCasual observation leads victim to believe the link in e-mail is to legitimate web page
Filter evasionUse of images rather than text
![Page 6: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/6.jpg)
Phishing Techniques cont.
Website forgeryAddress bar forgeryCross-scriptingMan-in-the-middle attacks
Phone phishingPhone message apparently from bank has victim call phishers using VOIPVishing
Other techniquesPop-up windows over legitimate bank sites
![Page 7: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/7.jpg)
Spear Phishing
An e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data
E-mail appears to come from a trusted source usually within one’s own company
Likely to be conducted by "sophisticated groups out for financial gain, trade secrets or military information.” NY Times
Overcomes normal suspicions
![Page 8: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/8.jpg)
Rock PhishNo one really sure what it is
Wikipedia - phishing tool
Others - one of the most prominent phishing groups in operation
Techno-savvy
Specializes in European and U.S. financial institutions
Responsible for 1/3 to 1/2 of all phishing e-mails sent in any given day
Credit card fraud, money laundering
![Page 9: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/9.jpg)
Rock Phish Demo
http://www.youtube.com/watch?v=6NviimO64qA
![Page 10: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/10.jpg)
Phishing Costs
$2.8 billion in 2006
$3.2 billion in 2007
$350 - $1244 per victim
Most cost born by financial institutions
Costs are dropping - $1.29 billion in 2010
![Page 11: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/11.jpg)
Phishing in 2009
APWG
![Page 12: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/12.jpg)
Phishing Laws
CAN SPAM ActControls conditions under which unsolicited commercial e-mail may be sent
Anti-phishing Act of 2004Did not become law
![Page 13: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/13.jpg)
Problems for Law Enforcement
Phishing web sites quickly move from one ISP to another
7 different servers in 12 days
Average phishing web site active for only 54 hours
Web sites gone long before victim realizes he/she is a victim
Webs sites have global location
![Page 14: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/14.jpg)
Phishing Example
![Page 15: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/15.jpg)
![Page 16: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/16.jpg)
Phishing Example
URL -
http://mail.opmcm.gov.np/locale/ar/LC_MESSAGES/online.lloydstsb.co.uk/customer.ibcWT.ac=hpIBlogon/
202.45.147.69 is from Nepal(NP) in region Southern
and Eastern Asia
![Page 17: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/17.jpg)
![Page 18: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/18.jpg)
![Page 19: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/19.jpg)
![Page 20: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/20.jpg)
![Page 21: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/21.jpg)
![Page 22: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/22.jpg)
Pharming“Redirecting one web sites traffic to another web site.”
![Page 23: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/23.jpg)
Nigerian 419’s“An advance-fee fraud in which the target is persuaded to advance sums of money in the hope of realizing a significantly larger gain.”
(Wikipedia.org)
![Page 24: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/24.jpg)
Nigerian 419 e-mail scams
Advanced Fee Fraud - (AFF)
419 - Nigerian criminal code
Originated in early 1980’s as Nigerian oil profits declined
“One of Nigeria’s most important export industries”
Many variations
![Page 25: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/25.jpg)
419 Elements
Scammers use Internet Cafes / Spoofed web sites
“Official” sounding introduction and correspondence
Uses name of real individual
May use religious theme
![Page 26: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/26.jpg)
419 Elements cont.Knows about a large sum of money that scammer cannot directly access
Victim offered 10% - 40% of money for assisting scammer
Victim asked to send money to assist scammer in accessing large fund
Amount asked for may be large, but not in comparison to promised portion Funds transferred by untraceable wire transfer
![Page 27: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/27.jpg)
419 Elements cont.
If victim is hooked, scammer will continue to ask for funds for various purposes
Once victim has invested in scam, he/she will feel the need to see the deal through
Victim may be scammed a second time by scammer pretending to be law enforcement or government official
![Page 28: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/28.jpg)
Problems for Law Enforcement
Anonymity
Jurisdiction
Untraceable wire transfer
• Prosecutions by Nigerian government have
become opportunities for bribery
![Page 29: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/29.jpg)
Example Recent 419 Scam
![Page 30: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/30.jpg)
High-Yield Investment Programs
“A type of Ponzi scheme, which is an investment scam that promises an unsustainably high return on investment by paying previous investors with the money invested by newcomers.”
(Wikipedia.org)
![Page 31: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/31.jpg)
Ponzi SchemePonzi schemes are a type of illegal pyramid scheme
named for Charles Ponzi, who duped thousands of New England residents into investing in a postage stamp speculation scheme back in the 1920s. Ponzi thought he could take advantage of differences between U.S. and foreign currencies used to buy and sell international mail coupons. Ponzi told investors that he could provide a 40% return in just 90 days compared with 5% for bank savings accounts. Ponzi was deluged with funds from investors, taking in $1 million during one three-hour period and this was 1921! Though a few early investors were paid off to make the scheme look legitimate, an investigation found that Ponzi had only purchased about $30 worth of the international mail coupons.
![Page 32: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/32.jpg)
HYIP Operators
• Set up web site offering investments
• Promised returns of 45% per month, 6% per day
• No details offered on underlying investments
• Incorporate in countries with lax investment laws
• Web sites frequently infect visitors with malware
![Page 33: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/33.jpg)
HYIP Monitor Sites
http://lifehyips.net/
![Page 34: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/34.jpg)
HYIP Web Site
![Page 35: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/35.jpg)
![Page 36: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/36.jpg)
Start Your Own HYIP
![Page 37: Internet Vulnerabilities & Criminal Activity](https://reader036.vdocuments.mx/reader036/viewer/2022062314/56814649550346895db3598a/html5/thumbnails/37.jpg)
HYIP and US Law
• HYIP is a fraud
• Prosecution by the SEC - Security & Exchange Commission
• Problems– Anonymity– Jurisdiction