joe klemencic 2006. spyware is a type of program that watches what users do with their computer and...
TRANSCRIPT
Joe Klemencic
2006
Spyware is a type of program that watches what users do with their computer and then sends that information
over the internet
80%+Number of machines
on the Internet infected with Spyware
Source: CA.com
Source: CA.com
Adware Hijackers Trojan
Toolbar Spyware Downloaders
93 Items
Number of Spyware items on average
* source: www.staysafeonline.info
=
if INSTALL_BUTTON is clicked{
install malware.exe
}
if NOTHANKS_BUTTON is clicked {
install malware.exe anyway // Bwhahaa!!!
}
If this is a REAL Windows dialog box, use the ‘X’ to close –OR- use
your browsers BACK button.
In this case, the entire dialog box is really a Graphic image. No matter where you click, it will install malware.
if MOUSECLICK {
install malware.exe
}
Read Everything!!
Phishing
Source: AntiPhishing.org
*Source: USA Today 01-14-2005
Identity Theft:
Not limited to relatives or physical theft of personal information (drivers license, credit cards). Most Identity Theft occurs NOT from your on-line transactions, but rather from locally installed software watching your computer OR from compromised machines at the various merchants and banks.
Just because a web site uses SSL or states it is a ‘Secure Server’ does NOT guarantee your data is safe. All it means is that the communications between your machine and the web site is encrypted (or at least is supposed to be).
Many banks will NOT honor their fraud policies if the ID theft was due to Phishing.
PHARMING(Hijacking Hosts/DNS)
c:\windows\system32\drivers\etc\hosts or /etc/hosts
206.65.183.18 www.microsoft.com206.65.183.18 www.google.com206.65.183.18 www.paypal.com206.65.183.18 www.ebay.com206.65.183.18 home.msn.com206.65.183.18 www.yahoo.com206.65.183.18 mail.yahoo.com206.65.183.18 www.cnn.com206.65.183.18 www.bankone.com206.65.183.18 www.citibank.com
Cleanup and Prevention
Don’t click on everything that pops up in front of you and READ the messages!!!
If unsure, visit a different site.
Hijack your own windows\system32\drivers\etc\hosts file:127.0.0.1 www.doubleclick.net127.0.0.1 ad.doubleclick.net127.0.0.1 ad.preferences.com127.0.0.1 ads.doubleclick.com127.0.0.1 ads.infospace.com127.0.0.1 ads.msn.com
Make your hosts file Read Only:
Spyware and Phishing Resources
Current Phishing Scams:http://www.antiphishing.org/
Spyware Discussions:http://www.spywaremanagement.org/
E-mail Hoax:http://hoaxbusters.ciac.org/
CA.com Resources: http://www3.ca.com/securityadvisor/pest/
Identity Theft Resource Center http://www.idtheftcenter.org
t h e e n d