Published on

Published in: Technology, News & Politics
  • Be the first to comment

  • Be the first to like this


  1. 2. <ul><li>Agenda (this one!) – check! </li></ul><ul><li>WW Phishing in the next (6, maybe 12) months </li></ul><ul><li>Phishing in Romania (2007-2009) </li></ul><ul><li>Why 2 & 3 ? </li></ul><ul><li>The current BitDefender approach </li></ul><ul><li>Other important aspects </li></ul><ul><li>This paper will have no conclusions slide so please pay attention! (yes, I’m talking to the guys in the back… where the power plugs are :p ) </li></ul>Agenda
  2. 3. WW Phishing in the next (6 - 12) months <ul><li>APWG on 2 nd ½ of 2008 </li></ul><ul><ul><li>Unique phishing reports submitted to APWG  recorded a yearly high of 34,758 in October  </li></ul></ul><ul><ul><li>Unique phishing websites detected by APWG during the second half of 2008 saw a constant increase from July  and in October reached a maximum of 27,739  </li></ul></ul><ul><ul><li>IT WILL RISE!!, </li></ul></ul><ul><ul><li>or in Malcom Gladwell’s words: “This is going to tip” – (we trust him because he looks Einsteinian! </li></ul></ul>
  3. 4. Phishing in Romania (2007-2009) <ul><li>2007 – 7 attacks </li></ul><ul><li>2008 – 26 attacks (50% targeting the same institution) </li></ul><ul><li>2009 – 187 attacks already (98% targeting the same institution) </li></ul><ul><li>2009 – 1’st ½ … anyone want to make a prediction? </li></ul><ul><li>Don’t be fooled by randomness! </li></ul>
  4. 5. Now… why would anyone start phishing? <ul><ul><li>With the current market turmoil, what's the easiest way to make a small fortune? </li></ul></ul><ul><ul><li>Start off with a large one! </li></ul></ul><ul><li>Quote of the day (from a trader): &quot;This is worse than a divorce. I've lost half my net worth and I still have a wife </li></ul><ul><li>This market stinks so bad…that even Chuck Norris can’t make any money. </li></ul>
  5. 6. Well… I bet not anybody can phish!
  6. 7. Really… is must be more than this!!! <ul><li>Open the yellow pages and pick someone </li></ul><ul><li>Search his name using a social media search-engine </li></ul><ul><li>If any SN profile found </li></ul><ul><ul><li>Download images, posts, comments, friend </li></ul></ul><ul><ul><li>Create a phishing attack customized for this exact person. </li></ul></ul><ul><ul><li>Continue with his friends </li></ul></ul><ul><li>4. Complicated? Too much work? Dial 1-800 BOTNET for an army of computers to do this for you </li></ul><ul><li>PS: (success comes when the victim has profiles on more than one social network) </li></ul>
  7. 8. Current BitDefender Approach <ul><li>Technologies: </li></ul><ul><ul><li>RBL </li></ul></ul><ul><ul><li>Website Forgery Detector </li></ul></ul><ul><ul><li>Signature Filter </li></ul></ul><ul><ul><li>Minutiae Analysis </li></ul></ul><ul><ul><li>Image Filter </li></ul></ul><ul><ul><li>AntiPharming Module </li></ul></ul><ul><li>We protect: Spain, Germany, France, Italy, Romania and US (banks, SN accounts and webmail)…. For now…. </li></ul>
  8. 9. The Matrix <ul><li>We want to believe that this is proactive! </li></ul>  ebay paypal citybank whatever account 2 1 1 2 card 0 1 1 0 user 1 1 1 1 password 2 2 2 2 phishing 1 1 1 1 ebay 1 0 0 0 and so on 2 1 2 1
  9. 10. Ignorance is bliss <ul><li>Showing the actual domain on which the page is hosted </li></ul><ul><li>Showing the real page that is being forged </li></ul><ul><li>Displaying information about the registrar, the geographic location where the page is hosted and so on. </li></ul><ul><li>Requiring user confirmation before continuing loading the page </li></ul><ul><li>Certificates challenge. </li></ul><ul><li>We suggest all that AND, if possible, actually redirecting the user to the desired institution </li></ul>