Search| Browse| Contribute
Library| Blogs| Jobs| Podcasts| Wikis| Feeds
Page Location:
Home > Browse > Cybersecurity > Network Security and Applications > Phishing (3 records)
Alternate ViewsRSS

Phishing

Recent blog entries tagged with Phishing.

FTC SPAM Summit Explores Next Generation of Threats and Solutions
Created by Rodney J. Petersen (EDUCAUSE) on July 24, 2007

The Federal Trade Commission recently hosted a Spam Summit that focused on the next generation of threats and solutions.   The workshop brought together experts from the business, government, and technology sectors, consumer advocates, and academics to explore consumer protection issues surrounding spam, phishing, and malware. 

“This new generation of malicious spam goes beyond mere annoyance – it can result in significant harm to consumers and undermine the stability of the Internet and email in particular,” remarked FTC Chair Deborah Platt Majoras in her opening comments.  “Botnets – networks of hijacked personal computers that spammers use to conceal their identities – have become the preferred method for sending spam,” she observed.  She continued, “Even more troubling, spam reaching consumers’ inboxes is more often being used to launch phishing attacks and to deliver malicious code or ‘malware’ to consumers’ computers.” 

| | | | | | |
Rodney's blog  Login to post comments  Read more  Send to Friend  4746 reads

EDUCAUSE Security Professionals Conference 2006. Summary: Winning the Battle against Cyber Criminals
Created by Lida L. Larsen (EDUCAUSE) on April 25, 2006

Winning the Battle against Cyber Criminals

Dan Larkin Unit Chief, Internet Crime Complaint Center , Federal Bureau of Investigation

This opening keynote presentation covered the work of the federal government’s Internet Crime Complaint Center , generally referred to as the IC3, and their industry and academic partners.  The IC3 is a joint initiative between the FBI and the National White Collar Crime Center (NW3C)

 

| | | | | | |
llarsen's blog  Login to post comments  Read more  Send to Friend  4797 reads

EDUCAUSE Security Professionals Conference 2006. Summary: The Phishing Ecosystem: Analyzing the Dynamics for Maximum Defense
Created by Lida L. Larsen (EDUCAUSE) on April 25, 2006
The Phishing Ecosystem: Analyzing the Dynamics for Maximum Defense
Cathy Hubbs, IT Security Coordinator, George Mason University
Darlene Quackenbush,  Information Security Officer, James Madison University
Andrew Klein, E-mail Threat Research Manager, Sonicwall
 
This corporate presentation was essentially an overview of the Phishing ecosystem with representatives from two institutions.
 
Phishers need the following to create and implement an attack.
-      Email list
-      Develop the attack
-      Locate sites to send phishing email from (compromised machines - botnets)
-      Locate sites to host the phishing site – usually 5-10-20 sites
-      Launch the coordinated attack
-      Collect info
-      Transform into cash
 
Typical attack goes out to 2million email addresses
5% get to end user (100.000)
5% click on the link
2% enter data
Good for $100K
 
In reality, phishing kits are available and there are a number of phishing gangs
 
9715 phishing sites in Jan 06 
34% are US 
31% on “real” web servers that were hacked -
Only need to run the phish for 8 hours.
 
Eighty-two percent of incoming mail is still spam, virus, etc.  These spurious emails need to be caught and quarantined.  Most institutions look for some technical help to block the phish emails.  However, technology can not stop the problem.
| | |
llarsen's blog  Login to post comments  Read more  Send to Friend  3827 reads