Phishing: The Complete Documentation

  • This category contains 4 Papers
  • The last paper was added on 2007-03-26 (YYYY-MM-DD)

Phishing and Pharming - The Evil Twins

Published on 2007-01-29, by Tushar Vishesh Srivastava, ©SANS Institute.

Phishing and Pharming are two of the most organized crimes of the 21st century, requiring very little skill on the part of the fraudster. These result in identity theft and financial fraud when the fraudster tricks online users into giving up their confidential information, like Passwords, Social Security Numbers, Credit Card Numbers, CVV Numbers, and personal information such as birthdates and mothers’ maiden names. This information is then either used by fraudsters for their own needs, such as impersonating the victim to transfer funds from the victim’s account or purchasing merchandise, or is sold in a variety of online brokering forums and chat channels for a profit.


Phishing Guide (The) - Understanding and Preventing Phishing Attacks

Published on 2004, by Gunter Ollmann, ©Next Generation Security Software Ltd.

Phishing is the new 21st century crime. The global media runs stories on an almost daily basis covering the latest organisation to have their customers targeted and how many victims succumbed to the attack. While the Phishers develop ever more sophisticated attack vectors, businesses flounder to protect their customers' personal data and look to external experts for improving email security. Customers too have become wary of "official" email, and organisations struggle to instill confidence in their communications.


Phishing: An Analysis of a Growing Problem

Published on 2007-02-21, by Anthony Elledge, ©SANS Institute.

E-mail has become an invaluable communication tool, both for business and personal use. Among the many security issues that affect computer users, there is a rapidly growing threat known as "phishing". Criminals use phishing attacks to lure the unsuspecting into visiting a fraudulent web site, calling a fraudulent phone number, or downloading malicious software, expressly to steal sensitive information such as credit card numbers, account credentials, social security numbers, PINs, or passwords.

This paper gives an in-depth analysis of phishing: what it is, the technologies and security weaknesses it takes advantage of, the dangers it poses to end users, and insights into what can be done to curb the effects of this crime.


Prevent Phishing with Mutual Authentication

Published on 2007, by Nick Owen, ©HowtoForge.

Phishing is essentially a man-in-the-middle attack. The user is mis-directed, for example by social engineering or DNS-cache poisoning, to a fraudulent site. Because the user doesn’t understand how to validate SSL certificates (and who does?), the trick works far too often. Efforts such as Extended Validation certificates are bound to fail in many cases because they rely on inconsistent visual aids and not strong cryptography. One-time passwords alone have also proven to be vulnerable to real-time MITM attacks. To prevent phishing consistently requires strong mutual authentication - validating the host to the user and the user to the host.


Created: 2010-03-15 21:56 | Modified: 2009-01-10 02:17 | Size: 12844 octets
