Internet Safety Presentation

Freud and Phishing: The Psychology Behind Internet Scams
JC Lamkin, CNA, PMP
Gypsy Lane Technologies, Philadelphia, PA 19144
(215) 843-1039 [email_address] http://www.gltMYpc.com Twitter.com/TechCrusader

What is Phishing?

Making Money with Phish
  • 2,000,000 emails are sent
  • 5% get to the end user – 100,000 (APWG)
  • 5% click on the phishing link – 5,000 (APWG)
  • 2% enter data into the phishing site – 100 (Gartner)
  • $1,200 from each person who enters data (FTC)
  • Our potential reward: $120,000

How Much Information?
  • 4.1 million – the number of credit card numbers discovered in ONE phishing blind drop over a 4-month period
  • A typical day:
      • Information for 13,677 accounts
      • 3,356 credit cards
      • 255 PayPal account logins
      • 1,038 eBay account logins
      • 93 Bank of America online banking account logins
      • 2,609 Hotmail email account logins
  Source: Washingtonpost.com (Security Fix: Brian Krebs)
Phish and Spam are Different

| Email Characteristics                              | Phishing                                           | Spam                                              |
|----------------------------------------------------|----------------------------------------------------|---------------------------------------------------|
| How does the email enter your inbox?               | Front door – must look like something users want   | Back door – needs a disguise to get past filters  |
| What does the email appear to be delivering?       | Information that you should receive                | Something you didn't ask for, but still might want |
| The effectiveness of the email is based on?        | Establishing credibility with the receiver         | What the receiver desires                         |
| What's the most important attribute of the email?  | Brand credibility                                  | Product credibility                               |
| What's the real purpose?                           | Stealing                                           | Selling                                           |
| What happens if a user acts on the email offer?    | Lose company, financial, or personal information   | Might actually get the product offered            |
Psychology: Phish ≠ Spam
  • People treat spam and phish differently
  • Take a phishing email and place it in an end user's "spam" folder:
      • 10% of the time the user removes the phishing email from the spam folder and places it in their inbox.
  • Take a phishing email and place it in an end user's "phish" folder:
      • The user removes the phishing email from the phish folder less than 0.5% of the time.
The Tricks of the Trade

Fear – You're Being Naughty
  "… payments or donations for obscene or certain sexually oriented goods or services."
  "… your account…limited for: xxxcambabes.com cam shows."

Fear – Account Takeover
  "… someone had used your account to make fake bids…"
  "You must verify …"
  "… no choice but to suspend your account."

Fear – Service Deactivation #1
  "… service(s)…will be deactivated…"

Fear – Service Deactivation #2
  "… service(s)…will be deactivated…"

Fear – Service Deactivation #3
  "… service(s)…will be deactivated…"

Fun – eBay Lottery

Fun – eBay Conference

Fun – eBay Anniversary (LEGIT)

Fun – Take a Survey

Fun – Take a Survey (LEGIT)

Confusion – Account Change

Confusion – Did I Buy This?

Assistance – My Refund?

Assistance – We're Here to Help

Assistance – Fraud Detection

Assistance – Buy Safely (LEGIT)

Poll-time Possibilities (LEGIT?? …Only for Poll Workers)

Compassion – No Scruples
Other Email Tricks
  • Multi-Stage Attacks
      • Email 1 – "We'll be updating all our accounts this weekend"
      • Email 2 – "We discovered a problem with your account"
  • Multi-channel Attacks
      • Email contains both
          • Phishing URL
          • Phishing phone number (typically VOIP based)

The Domain Name Game
  • citibank-validate.info
  • earthlink-reactivation.net
  • services-bankofamerica.com
  • sales-aol.net
  • secure-ebay.com
  • msn-reactivation.net
  • secure-usbank.info
  • service-visa.net
  • verification-e-gold.com
  • customer-verification.com
  • banking-account-renewal.com

  Hall of Fame
  • Phisher's SSL Certificate
      >> citibanhk.de <<
  • Duplicated Registrar Info
      >> credltlyonaisse.com <<
  • Registering a Cyrillic "a"
      >> paypal.com <<
Web Site Tricks
  We arrive at the website. Is something phishy?

Web Site Tricks
  There is no address bar!

Web Site Tricks
  Now there's two!

More Web Site Tricks
  • Search Engine Listings
  • Common URL misspellings
      • www.mailfrontier.com (the real one)
      • www.mailfronteir.com ("ei" transposed)
      • www.malefrontier.com ("male" for "mail")
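The "Domain Name Game" and "Common URL misspellings" slides above show three lookalike patterns: a brand name glued to an extra word with a hyphen (citibank-validate.info), a typosquat one or two keystrokes away from the real name (citibanhk.de, mailfronteir.com), and an IDN homograph such as a Cyrillic "a" inside paypal.com. The checks below are an added illustration of how a mail gateway or browser add-on can flag all three on the defender's side; they are not the presenter's code. The brand list and the confusable map are small constructed samples, and the suffix handling assumes a simple two-label suffix (no Public Suffix List), which is enough for the hostnames on the slides.

```python
import unicodedata

# Constructed sample of brands a mail filter might watch for.
KNOWN_BRANDS = {"citibank", "paypal", "ebay", "bankofamerica", "earthlink",
                "usbank", "visa", "msn", "aol", "mailfrontier"}

# Constructed subset of Unicode confusables: Cyrillic letters that render like
# Latin ones. A real deployment would load the full Unicode confusables table.
CONFUSABLES = {"\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p",
               "\u0441": "c", "\u0445": "x", "\u0443": "y", "\u0456": "i"}

MAX_TYPO_DISTANCE = 2


def levenshtein(a, b):
    """Classic edit distance: insert, delete and substitute each cost 1."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def scripts(label):
    """Unicode script names of the letters in a label, e.g. {'LATIN', 'CYRILLIC'}."""
    return {unicodedata.name(ch).split()[0] for ch in label if ch.isalpha()}


def second_level_label(host):
    """Label just left of the suffix. Assumes a one-label suffix (.com, .de, .info);
    punycode hosts (xn--...) are decoded so the script checks see the real letters."""
    host = host.lower().rstrip(".")
    if host.isascii() and "xn--" in host:
        host = host.encode("ascii").decode("idna")
    labels = host.split(".")
    return labels[-2] if len(labels) >= 2 else labels[0]


def assess(host):
    """Return a list of findings for one hostname; an empty list means no lookalike pattern matched."""
    findings = []
    sld = second_level_label(host)

    # 1. Mixed-script / homograph label (the Cyrillic "a" in paypal.com).
    used = scripts(sld)
    if len(used) > 1:
        findings.append(f"mixed scripts {sorted(used)} in '{sld}'")
    skeleton = "".join(CONFUSABLES.get(ch, ch) for ch in sld)
    if skeleton != sld and skeleton in KNOWN_BRANDS:
        findings.append(f"homograph of '{skeleton}'")

    if sld in KNOWN_BRANDS:
        return findings  # the brand itself in the registrable position

    parts = sld.split("-")
    for brand in sorted(KNOWN_BRANDS):
        # 2. Brand name embedded in a hyphenated label (citibank-validate.info).
        if len(parts) > 1 and brand in parts:
            findings.append(f"brand '{brand}' embedded in '{sld}'")
        # 3. Typosquat: a few edits away from the brand. Short brands get a
        #    tighter threshold so three-letter names do not match everything.
        threshold = max(1, min(MAX_TYPO_DISTANCE, len(brand) // 4))
        distance = levenshtein(skeleton, brand)
        if 0 < distance <= threshold:
            findings.append(f"typosquat of '{brand}' (edit distance {distance})")
    return findings


if __name__ == "__main__":
    # Hostnames taken from the slides plus the real paypal.com for comparison.
    for h in ["www.paypal.com", "citibank-validate.info", "citibanhk.de",
              "p\u0430ypal.com", "www.mailfronteir.com", "www.malefrontier.com"]:
        print(h, "->", assess(h) or "ok")
```

Exact matches to the brand list are left alone on purpose: the point is to surface labels that resemble a brand without being it, which is exactly the gap the slides' examples live in.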
Tips on Protecting Yourself from Phishing

Protect Yourself
  • Know your senders
      • Is this someone I do business with?
      • Is this something I was told I'd receive?
      • Look for other ways to respond

Protect Yourself
  • Stay on guard
      • Look for clues – improve your PhishingIQ
      • Don't be afraid to ask
      • Know how your system is updated
      • Protect your system
      • Check your records
      • Check your sources, snopes.com

Not Just a Consumer Issue
  • Operations
      • Microsoft Updates, RSA SecurID
  • Corporate credit cards
      • American Express, Visa, MasterCard
  • Purchasing and Payments
      • eBay, PayPal
  • Network Services
      • Verizon, Earthlink
  • Web Services
      • DNS Name Registration, Hosting Companies

Protect Your Brand
  • Cut-and-paste links, minimize links
  • Use personal information where possible
  • Provide non-email ways to verify
  • Use standard company domain names
  • Identify your partners
  • Set and follow standard communication practices

Phishing – Don't Take the Bait
  • Preemptive
      • Phishing is different than spam – think Virus
  • Technology
      • It's more than a consumer issue
      • Multi-faceted solution – no silver bullet
  • Psychology
      • Educate your customers/employees/yourself
      • Improve their PhishingIQ
      • Email is still Good! Really it is!

JC Lamkin, CNA, PMP
Gypsy Lane Technologies, Philadelphia, PA 19144
(215) 843-1039 [email_address] http://www.gltMYpc.com Twitter.com/TechCrusader
Special thanks to infosecurity.com
Freud and Phishing: The Psychology Behind Internet Scams