Phishing: Difference between revisions

From Expertiza_Wiki
Jump to navigation Jump to search
Line 21: Line 21:
===“Universal” Man-in-the-middle phishing kit===
===“Universal” Man-in-the-middle phishing kit===


There is only little effort required for the attackers to use this method to attack their victims. The attackers use a kit which is called MITM that includes several PHP files that get installed on the phishing server. This sever then acts as a median between the user and the legitimate website that he/she wants to access. These victims receive emails that includes a link to the
There is only little effort required for the attackers to use this method to attack their victims. The attackers use a kit which is called MITM that includes several PHP files that get installed on the phishing server. This sever then acts as a median between the user and the legitimate website that he/she wants to access. These victims receive emails that includes a link to their know website. Once they click on the link, they’ll be redirected to the phishing server which then will communicate with the original website on behalf of the user.


===Search Engine Phishing===
===Search Engine Phishing===

Revision as of 12:06, 31 July 2008

Study Guide

Background

Phishing Attacks

Keyloggers

These are spywares that can get installed either into a web browser or as a device driver. They record the user’s input to the computer by recording the keyboard keystrokes or mouse click. This information will be then sent to the spyware owner. These spywares can cause severe data leak.

Torpig-family Trojan

These Trojans are using advanced technologies that help them to spread very fast and hide very well. They are designed to hijack sessions. These Trojans are constantly monitoring major banks’ websites throughout the world. They display a fake page when a user tries to log in to these websites, and in this way continue to steal the private information of their victims.

Session Hijackers

These attacks can take place either from the malware that is installed on the victim’s computer or remotely. The attacks are triggered when users is trying to log into they account (usually bank accounts) or when they initiate a transaction. The malware then hijack the session for malicious purposes.

Content-Injection Phishing

This phishing refers to the situations when malicious or fake content get injected into some legitimate websites. These content then can abuse the users of the website by redirecting them to other websites, install malware on their computers, or redirect the input that users is inputting in that website to the phishing server.

“Universal” Man-in-the-middle phishing kit

There is only little effort required for the attackers to use this method to attack their victims. The attackers use a kit which is called MITM that includes several PHP files that get installed on the phishing server. This sever then acts as a median between the user and the legitimate website that he/she wants to access. These victims receive emails that includes a link to their know website. Once they click on the link, they’ll be redirected to the phishing server which then will communicate with the original website on behalf of the user.

Search Engine Phishing

Spear Phishing

Phishing solutions

Phishing blacklist

Bookmarks or history

Two-Way Authentication

VeriSign Identity Protection (VIP)

Early alarm

Bibliography