Security threats ecom

315 views
220 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
315
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • An armed bank robber is an example of a threat. A bank teller is an example of a valuable resource that may be vulnerable during a bank robbery. Bullet-proof glass between the robber and the teller denies the robber the opportunity to shoot the teller. The threat remains present, but one of its harmful effects (a gun shot) has been mitigated by a protection mechanism
  • Backdoors may be created with malicious intent, to gain access to confidential company or customer information. But they can also be created by a programmer who wants quick access to an application for troubleshooting purposes. They can even be created inadvertently through programming errors.
  • Phishing attacks can target the audience through mass mailing millions of email addresses around the world
  • TypesApplication FraudApplication takeover
  • Phishing attacks can target the audience through mass mailing millions of email addresses around the worldUse netcraft
  • Phishing attacks can target the audience through mass mailing millions of email addresses around the world
  • Phishing attacks can target the audience through mass mailing millions of email addresses around the world
  • Phishing attacks can target the audience through mass mailing millions of email addresses around the world
  • Phishing attacks can target the audience through mass mailing millions of email addresses around the world
  • Security threats ecom

    1. 1. OBJECTIVE Introduction Types & Prevent
    2. 2. α An action or event that might compromise security. A threat is a potential violation of security. α A threat is an object, person, or other entity that represents a constant danger to an asset. α A potential cause of an incident, that may result in harm of systems and organization. α It is Noun.
    3. 3. α Vulnerability could be defined as ‚a flaw or weakness in hardware, software or process that exposes a system to compromise‛. α It is Adjective α A vulnerability is that quality of a resource or its environment that allows the threat to be realized.
    4. 4. NOW Introduction Types & Prevent
    5. 5. 0x1. Malicious Code 0x2. Phishing and identity theft 0x3. Credit card fraud/theft 0x4. DOS / Ddos Attacks 0x5. Unwanted Programs 0x6. Hacking & Cyber Vandalism 0x7. Spoofing and spam websites
    6. 6. α Malicious code is the term used to describe any code in any part of a software system or script that is intended to cause undesired effects, security breaches or damage to a system. α It describes a broad category of system security terms that includes attack scripts, viruses, worms, Trojan horses, backdoors, and malicious active content.
    7. 7. α Malicious Code can take the form of: 1. Java Applets 2. ActiveX Controls 3. Scripting languages 4. Browser plug-ins 5. Pushed content α Malicious Code can give a user remote access to a computer. α This is known as an application backdoor.
    8. 8. α Phishing is an internet scam where the user is convinced to give valuable information. α Phishing will redirect the user to a different website through emails, instant messages, spywares etc. α Phisher offer illegitimate websites to the user to fill personal information. α The main purpose of phishing is to get access to the customer's bank accounts, passwords and other security information
    9. 9. α Identity theft is a form of stealing someone's identity in which someone pretends to be someone else by assuming that person's identity, usually as a method to gain access to resources or obtain credit and other benefits in that person's name.
    10. 10. α scammers may use spyware or some other scam to obtain your credit card details. α A scammer might steal or trick you into telling them your security code (the three or four digit code on your card) and then make purchases over the internet or the telephone. α The purpose may be to obtain goods without paying, or to obtain unauthorized funds from an account.
    11. 11. α If they know your PIN, they could get cash advances from an ATM using a ‘cloned’ credit card α Between Nov. 27, 2013 and Dec. 15, 2013 a breach of systems at Target Corporation exposed data from about 40 million credit cards. The information stolen included names, account number, expiry date and Card security code.
    12. 12. α Denial of service Attack (Dos) α It is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources.
    13. 13. α Distributed Denial of service Attack (DDos) α On the Internet, a distributed denial-of- service attack is one in which a multitude of compromised systems attack a single target, thereby causing denial of service for users of the targeted system
    14. 14. α It is an attempt to make a machine or network resource unavailable to its intended users. α Perpetrators of DoS attacks typically target sites or services hosted on high- profile web servers such as banks, credit card payment gateways, and even root name servers.
    15. 15. α It is a program that may be unwanted, despite the possibility that users consented to download it. α UPs include spyware, adware, and dialers, and are often downloaded in conjunction with a program that the user wants.
    16. 16. α vandalism is the act of editing the project in a malicious manner that is intentionally disruptive. Vandalism includes the addition, removal, or other modification of the text or other material that is either humorous, nonsensical, a hoax, or that is of an offensive, humiliating, or otherwise degrading nature.
    17. 17. α Spoofing is when an attacker pretends to be someone else in order gain access to restricted resources or steal information. This type of attack can take a variety of different forms; for instance, an attacker can impersonate the Internet Protocol (IP) address of a legitimate user in order to get into their accounts advantage. α IP spoofing, Email Spoofing
    18. 18. α ‚Website spam or webspam is the term for web pages that are designed by webmasters to trick search engine robots and direct traffic to their websites.
    19. 19. facebook.com/groups/sviet.mca vjy.softworx@gmail.com

    ×