SlideShare a Scribd company logo

cybercrime survival guide

G
Gary Gray, MCSE

Cybercrime poses serious risks to both individuals and businesses. Nearly 400 million people fall victim to cybercrime each year through websites that have been hacked or compromised. Criminals use techniques like botnets, malware, and phishing scams to infiltrate legitimate websites and steal users' personal and financial information without their knowledge. This poses financial and reputational risks to businesses. Website owners need to take proactive steps to secure their sites, such as conducting regular vulnerability assessments and using security programs and certificates to protect users and maintain trust.

1 of 10
Download to read offline
CYBERCRIME SURVIVAL GUIDE Arm yourself with knowledge
400,000,000 Almost400millionpeople1 fall victimtocybercrimeeveryyear. Acommonwayforcriminals to attackpeople is viawebsites,unfortunatelythisincludeslegitimate sitesthathavebeenhackedorcompromisedin some way. This puts your visitors and your reputation on the line, so every website owner needs to understand the risks posed by cybercrime and how to prevent it. This essential survival guidewillhelp you navigate thewilds and come outoftheothersidesafe,soundandprotected. 1 2013NortonReport.Slide10.http://uk.norton.com/cybercrimereport
Attack I 3 61%One in 500 websites are infected with malware. These sites are often legitimate websites (worryingly 61% of websites serving malware are legitimate sites) that have been infiltrated byonline criminals. Criminals can buy off the shelf software toolkits to attack websites, or more accurately the servers that run them, in the same way that computer viruses attack people’s homeandbusinessPCsmeaningthattoday almostanyone can access the tools required to hack a website. These attack kits can scan thousands of sites a minute overthe internet and spot known weaknesses and vulnerabilities, which are then used to insert malicious softwareontovulnerablewebsites. Thereareotherwaystobreakintoa websiteservertoo. Hackerscanuse socialengineering,phishingattacks orspywaretostealtheusername andpassword ofan administrator andsimplygivethemselvesaccess tothesystem–sodon’tgivethem a chance! 2 ISTR 18 http://www.symantec.com/security_response/publications/threatreport.jsp 3 ISTR 18 http://www.symantec.com/security_response/publications/threatreport.jsp
Attack I 4 How identity theft and phishing work Identity theft is one of the most insidious forms of online crime. It takes different forms from the theft of a credit card number to a complete takeover of someone’s online identity. This is what happened to journalist Mat Honan4 in 2012 when hackers progressively broke into his email and other online accounts and then remotely wiped his computer and smart phone. In the process, he lost ‘a year’s worth of photos, covering the entire lifespan of his daughter’ as well as documents and emails. Regaining access to all his accounts and reclaiming his digital life took a huge amount of time and effort5 . Honan was the victim of a clever series of social engineeringattacks designedto get accessto one system after another but many more people are tricked into givingawaytheirusernamesandpasswordsonincreasingly convincing sophisticated phishing sites. With phishing, a victim gets an email or social media message or clicks on a link from a seemingly legitimate website. They then arrive at a fake website that looks exactly like the real thing – a bank, a social media site or whatever – and they enter in their login details. Except that now it’s the criminals who have those details. Some security suites include tests that scan for fake sitesandforward-thinkingwebsiteownersuse advanced security technology such as extended validation SSL certificates to prove that they are a real site and not an imposter; but without this help it is often very difficult to spot the difference between a real site and a phishing replica. Withphishing,avictimgetsanemailor social media message or clicks on a link from a seemingly legitimate website. 4 http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/ 5 http://www.wired.com/gadgetlab/2012/08/mat-honan-data-recovery/
Attack I 5 How botnetswork Because of the waymovies portrayinternet hackers, it’s easyto imagine a lone genius sitting in a darkened basement room trying to hack into your website. In practice,that’sextremelyunlikely.Instead,criminalgangsusebotnets onalarge scaletoprobemillionsofPCsandwebsitesautomatically. A botnetisa collectionof computersthathavebeentaken overbymalware,oftenwithout theusers’knowledge, so that they can run software for the botnet operator. One common method of recruitment is drive-by attacks whenusers visit infected websites. Individual botnets can include thousands or tens of thousands of individual machines. Botnet operators can usethemto: • Send spam on a vast scale. • Hostphishingwebsites. • ProbePCsand legitimatewebsitesusingattacktoolkits. • ‘Click’onadverts generatingfraudulentrevenue. • Launch denial of service attacks that stop people usingonline services. Botnets give internet criminals processing power and internet connectivity on a huge scale. This is how they are able to send out millions of spam emails or infect millions of PCs an hour.
Infection I 6 Once criminals have infiltrated a website, theycan use it to make money and quite often in many cases a lot of money. For example, they can install spyware on visitors’ computers that steal personal information like credit card details. The installation software hides on regular web pages so often it’s impossible to spot without the right security software. Alternatively, they can stealthily redirect visitors to other sites or change the contents of a site. Stealth works in the criminals’ favor. If people know they’re a victim, they are likely to try to do something about it but most site owners don’t know that their site has been infected and most visitors don’t know they’ve been attacked. The consequences for visitors are potentially serious but the risks for a business with a corrupted website is equally grave: • Loss of customer trust and goodwill. • Redirection of site visitors away to other sites. • Interceptionofprivateinformationenteredon thesite. • Blacklistingbysearchengines(Forexample, Google blocks 10,000 infected sites a day6 ). Stealth works in the criminals’ favor. If people know they’re a victim, they are likelytotrytodosomethingaboutit 6 http://mobile.businessweek.com/articles/2012-05-07/protect-your-companys-website-from-malware
Infection I 7 83BILLION 2 MILLION Thesizeofthecybercrime problem Cybercrime is a serious issue for website owners. It’s also a problem for the economy as a whole. It represents a sort of criminal tax on internet commerce of up to €83 billion annually, according to the 2013 Norton Cybercrime Report7 . There are more than a million victims every dayand the average cost per victim is €220. CRIMINAL INTERNET COMMERCE TAX VICTIMS OF CYBERCRIME PER DAY What does this mean on a practical level? Four in ten people who used the internet have fallen victim to attacks suchas malware, viruses, hacking, scams, fraud and theft. And this means: • Spendinghourstryingtorepairtheircomputer, forexample removing a virus(24percent of respondents). • Losingmoneytofraudsterswholockaninfected computerusingRansomwareanddemandpayment to release it. • Losing their identityto criminals who clone credit cards, apply for loans and destroy credit records, leaving victims with months of work trying to sort out the damage. • HavingtheircomputerturnedintostealthyslavePCs in a criminal’s ‘botnet’ (see ‘What is a botnet’ for moreonthis). On a broader scale, it means a loss of confidence and trust in the internet, which reduces people’s freedom of choice and action. 7 go.symantec.com/norton-report-2013
Infection I 8 Whois mostatrisk ofcybercrime? According to the 2013 Norton Cybercrime Report which surveyed 13,022 online adults around the world: • Men are more likely to be victims than women. • People who use mobile devices, social networks and public or unsecured Wi-Fi are also more at risk. • Parents of children 8-17 are more vulnerable! When it comes to websites, botnets and attack toolkits don’t differentiate between big companies or small ones,famous namesoranonymousfamily businesses, profitable companies or charities. They probe as many websitesas theycanfind.Bytheirverynature,nowebsite is invincible and consequently every site is a target. Howwebsitemalwareworks Homeandbusinessusersshouldregularlyupdatetheircomputerswith recommended patches and updates for programs, operating systems etc... This isbecausesoftwarecompaniesandsecurityresearchersfindnewglitchesand weaknessesthathackerscanexploitandsosendpatchesoutforthem.Hackers know about these vulnerabilities too and they can use them to take control of unpatched computers: installing viruses or accessing private information, for example. It’sthe same with the servers that run websites. They have anoperating system, like you have Windows or MacOSona regularcomputer.Thereis alsoapplication software that serves up web pages to site visitors. Increasingly,websitesalsousecontentmanagement systems to allow non-technical users to create and edit web pages. Each of these layers of software could contain vulnerabilities that might allow criminals to changethe contentsof a website. Once they have control, they can use the site as a springboard to attack visitors. Internet criminals take different forms. Some look for software vulnerabilities, some write ‘attack toolkits’ that use vulnerabilities to attack websites and others specialize in using these toolkits to attack sites. There are online black markets where different specialists can meet and trade tips and tricks and buy these toolkits. Attack toolkits are like any other kind of commercial software;theyareupdatedregularly,comewith warranties and include technical support. One particularly popular toolkit, known as ‘Blackhole’ accounted for 41 percent of all web-based attacks in 2012.
Protection I 9 Individuals, whetherthey are homeusers oryour employeesandcolleagues,canprotectthemselves by using a bit of online common sense: • Deletesuspiciousemailsandsocialmedia messages without clicking on links. • Install up-to-date antivirus security software • Keep your computer up-to-date withthelatest softwarepatchesandupdates. • Backup yourPC to an external driveorcloudbased backup service. • Besecurity-consciousonsocialmediasites:logout when you’re done and don’t connect to people you don’tknow. • Regularly change and use strong passwords and don’tshare them with anyone. • Be careful about what you share online – don’t give away more personal information than you need to on social media sites and be careful about what you upload to online file stores. • Look for trustmarks likethe Norton™Secured Seal and Extended Validation SSL certificates when you visit a site – don’t entrust your confidential information to a site you don’t trust. How to tell if your site is vulnerable The growing risk of website corruption from internet criminals using attack toolkits means that website owners, even if they are not technically inclined, need to take steps to protect their sites, their visitors and their reputation NearlyaquarterofITmanagers don’t know how secure their websiteisandmorethanhalfhave neverconductedavulnerability assessment on their website9 You can sign up for Google’s free Webmaster Tools. This will warn you if Google has blocked your site because of malware but that’s a bit like spotting that the stable door is open after the horse has bolted. AmoreproactivealternativeistochooseSymantecExtendedValidationorProSSLCertificatesforyoursite,whichincludes Symantec’s Web Site Malware Scanning service. This checks your site daily and warns you if there is a problem. In addition, these certificates also include a weekly Vulnerability Assessment to highlight critical problems that may leave your site vulnerable to attack. These services allow you to be proactive rather than reactive. 9 http://www.symantec.com/connect/blogs/website-vulnerabilities-which-countries-websites-are-most-vulnerable-malware
Protection I 10 Whatcan you do toprotect your website? Havingreadthis guide, youalreadyunderstandtherisksandthe needtoscan your website for malware and vulnerabilities. However, you can do more to keep your site and visitors safe, including: • Use the Norton™ Secured Seal, which shows visitors that we scan your site regularly for malware and vulnerabilities. It is the most recognized trust mark on the Internet12 and 94% of consumers are likely to continue an online purchase when they see it13 . • Choose Extended Validation SSL Certificates to show your visitors that they are on a real site, not a fake phishing site and to confirm the identity of the company behind the site. Online shoppers are more likely to enter their credit card and/or other confidential financial information into a website with the EV green bar14 . • Keep your server software up-to-date. Ifyouhost or control your own web servers, keep them up to date with patches and updates. If you use a content managementsystem suchasWordPress, keepthat up to date too, including any third party plugins. Symantec research suggests that toolkits mainly tend to target well-known existing vulnerabilities for which thereare already fixes. • Controlaccesstowebservers.Usestrong passwordsforcontentmanagementsystemsand web servers. Don’t allow users to share passwords and ensure that admin-level passwords are limited to users with a strict need to know. • Consider an always-on approach to SSL. Well-known sites like Facebook and Twitter use SSL onevery page, not just onforms and checkout pages. This encrypts and protects all the information given by a user on the site and makes it less vulnerable to so-called ‘man in the middle attacks’. • Understandingthecybercrimethreattoyour website is not just good for security, it’s good for business. Put simply: if customers feel safe, they will buy more. Symantec is your partner in protecting your site and its range of Website Security Solutions make it easier to stay ahead of the criminals and increase trust for your customers. 12 InternationalOnlineConsumerResearch:U.S.,Germany, U.K.July2012 13 SymantecU.S.Online ConsumerStudy, February2011 14 SymantecOnlineConsumerStudy(UK, France,Germany, Benelux, USandAustralia) conducted in January 20

Recommended

A Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comA Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.com
Business.com
 
Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)
CA.Kolluru Narayanarao
 
Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)
Kolluru N Rao
 
RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013
EMC
 
The Whys and Wherefores of Web Security – by United Security Providers
The Whys and Wherefores of Web Security – by United Security ProvidersThe Whys and Wherefores of Web Security – by United Security Providers
The Whys and Wherefores of Web Security – by United Security Providers
United Security Providers AG
 
What Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For HackersWhat Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For Hackers
Jaime Manteiga
 
Compilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksCompilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacks
ArrayShield Technologies Private Limited
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
Sachin Saini
 

Recommended

A Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comA Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.com
Business.com
 
Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)
CA.Kolluru Narayanarao
 
Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)Lesson iv on fraud awareness (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)
Kolluru N Rao
 
RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013RSA Monthly Online Fraud Report -- August 2013
RSA Monthly Online Fraud Report -- August 2013
EMC
 
The Whys and Wherefores of Web Security – by United Security Providers
The Whys and Wherefores of Web Security – by United Security ProvidersThe Whys and Wherefores of Web Security – by United Security Providers
The Whys and Wherefores of Web Security – by United Security Providers
United Security Providers AG
 
What Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For HackersWhat Makes Web Applications Desirable For Hackers
What Makes Web Applications Desirable For Hackers
Jaime Manteiga
 
Compilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksCompilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacks
ArrayShield Technologies Private Limited
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
Sachin Saini
 
Name parul
Name parulName parul
Name parul
Parul231
 
Ransomware-as-a-Service: The business of distributing cyber attacks
Ransomware-as-a-Service: The business of distributing cyber attacksRansomware-as-a-Service: The business of distributing cyber attacks
Ransomware-as-a-Service: The business of distributing cyber attacks
Δρ. Γιώργος K. Κασάπης
 
Jon handout 2
Jon handout 2Jon handout 2
Jon handout 2
Cheryl White
 
Jon handout 3
Jon handout 3Jon handout 3
Jon handout 3
Cheryl White
 
Phishing attack till now
Phishing attack till nowPhishing attack till now
Phishing attack till now
elakkiya poongunran
 
IRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing TechniquesIRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing Techniques
IRJET Journal
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger
Abhishek Hirapara
 
Security Primer
Security PrimerSecurity Primer
Security Primer
Alison Gianotto
 
Cybercrime
CybercrimeCybercrime
Cybercrime
Yash Kothari
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing Sites
IRJET Journal
 
An overview study on cyber crimes in internet
An overview study on cyber crimes in internetAn overview study on cyber crimes in internet
An overview study on cyber crimes in internet
Alexander Decker
 
Cyber crime liability report
Cyber crime liability reportCyber crime liability report
Cyber crime liability report
Sayali Sawant
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORT
vineetkathan
 
Phishing
PhishingPhishing
Phishing
Jayaseelan Vejayon
 
Cyber crime and fraud
Cyber crime and fraudCyber crime and fraud
Cyber crime and fraud
FCA - Future Chartered Accountants
 
Anatomy of a Spear Phishing Attack
Anatomy of a Spear Phishing AttackAnatomy of a Spear Phishing Attack
Anatomy of a Spear Phishing Attack
Mark Mair
 
Cybe Crime & Its Type
Cybe Crime & Its TypeCybe Crime & Its Type
Cybe Crime & Its Type
Deepak Kumar (D3)
 
Phishing attack types and mitigation strategies
Phishing attack types and mitigation strategiesPhishing attack types and mitigation strategies
Phishing attack types and mitigation strategies
Sarim Khawaja
 
Phishing
PhishingPhishing
Phishing
Deepak Kumar (D3)
 
Phishing
PhishingPhishing
Phishing
oitaoming
 
Cyber crime.pptx
Cyber crime.pptxCyber crime.pptx
Cyber crime.pptx
GARDENGAMERZE77Fancl
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
MrunalBakshi
 

More Related Content

What's hot

Name parul
Name parulName parul
Name parul
Parul231
 
Ransomware-as-a-Service: The business of distributing cyber attacks
Ransomware-as-a-Service: The business of distributing cyber attacksRansomware-as-a-Service: The business of distributing cyber attacks
Ransomware-as-a-Service: The business of distributing cyber attacks
Δρ. Γιώργος K. Κασάπης
 
Jon handout 2
Jon handout 2Jon handout 2
Jon handout 2
Cheryl White
 
Jon handout 3
Jon handout 3Jon handout 3
Jon handout 3
Cheryl White
 
Phishing attack till now
Phishing attack till nowPhishing attack till now
Phishing attack till now
elakkiya poongunran
 
IRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing TechniquesIRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing Techniques
IRJET Journal
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger
Abhishek Hirapara
 
Security Primer
Security PrimerSecurity Primer
Security Primer
Alison Gianotto
 
Cybercrime
CybercrimeCybercrime
Cybercrime
Yash Kothari
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing Sites
IRJET Journal
 
An overview study on cyber crimes in internet
An overview study on cyber crimes in internetAn overview study on cyber crimes in internet
An overview study on cyber crimes in internet
Alexander Decker
 
Cyber crime liability report
Cyber crime liability reportCyber crime liability report
Cyber crime liability report
Sayali Sawant
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORT
vineetkathan
 
Phishing
PhishingPhishing
Phishing
Jayaseelan Vejayon
 
Cyber crime and fraud
Cyber crime and fraudCyber crime and fraud
Cyber crime and fraud
FCA - Future Chartered Accountants
 
Anatomy of a Spear Phishing Attack
Anatomy of a Spear Phishing AttackAnatomy of a Spear Phishing Attack
Anatomy of a Spear Phishing Attack
Mark Mair
 
Cybe Crime & Its Type
Cybe Crime & Its TypeCybe Crime & Its Type
Cybe Crime & Its Type
Deepak Kumar (D3)
 
Phishing attack types and mitigation strategies
Phishing attack types and mitigation strategiesPhishing attack types and mitigation strategies
Phishing attack types and mitigation strategies
Sarim Khawaja
 
Phishing
PhishingPhishing
Phishing
Deepak Kumar (D3)
 
Phishing
PhishingPhishing
Phishing
oitaoming
 

What's hot (20)

Name parul
Name parulName parul
Name parul
 
Ransomware-as-a-Service: The business of distributing cyber attacks
Ransomware-as-a-Service: The business of distributing cyber attacksRansomware-as-a-Service: The business of distributing cyber attacks
Ransomware-as-a-Service: The business of distributing cyber attacks
 
Jon handout 2
Jon handout 2Jon handout 2
Jon handout 2
 
Jon handout 3
Jon handout 3Jon handout 3
Jon handout 3
 
Phishing attack till now
Phishing attack till nowPhishing attack till now
Phishing attack till now
 
IRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing TechniquesIRJET- Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing Techniques
 
secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger secure from Phishing Hacking and Keylogger
secure from Phishing Hacking and Keylogger
 
Security Primer
Security PrimerSecurity Primer
Security Primer
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
IRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing SitesIRJET-Content based approach for Detection of Phishing Sites
IRJET-Content based approach for Detection of Phishing Sites
 
An overview study on cyber crimes in internet
An overview study on cyber crimes in internetAn overview study on cyber crimes in internet
An overview study on cyber crimes in internet
 
Cyber crime liability report
Cyber crime liability reportCyber crime liability report
Cyber crime liability report
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORT
 
Phishing
PhishingPhishing
Phishing
 
Cyber crime and fraud
Cyber crime and fraudCyber crime and fraud
Cyber crime and fraud
 
Anatomy of a Spear Phishing Attack
Anatomy of a Spear Phishing AttackAnatomy of a Spear Phishing Attack
Anatomy of a Spear Phishing Attack
 
Cybe Crime & Its Type
Cybe Crime & Its TypeCybe Crime & Its Type
Cybe Crime & Its Type
 
Phishing attack types and mitigation strategies
Phishing attack types and mitigation strategiesPhishing attack types and mitigation strategies
Phishing attack types and mitigation strategies
 
Phishing
PhishingPhishing
Phishing
 
Phishing
PhishingPhishing
Phishing
 

Similar to cybercrime survival guide

Cyber crime.pptx
Cyber crime.pptxCyber crime.pptx
Cyber crime.pptx
GARDENGAMERZE77Fancl
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
MrunalBakshi
 
Cloning Attack-Unveiling the Stealthy Threat.pdf
Cloning Attack-Unveiling the Stealthy Threat.pdfCloning Attack-Unveiling the Stealthy Threat.pdf
Cloning Attack-Unveiling the Stealthy Threat.pdf
Time Speed Magazine
 
THESIS-2(2)
THESIS-2(2)THESIS-2(2)
THESIS-2(2)
Elsayed Muhammad
 
Cyber security presentation
Cyber security presentation Cyber security presentation
Cyber security presentation
sweetpeace1
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
YellowSlice1
 
Malware Infections
Malware InfectionsMalware Infections
Malware Infections
Jessica Howard
 
Cybersecurity Training
Cybersecurity TrainingCybersecurity Training
Cybersecurity Training
WindstoneHealth
 
12 c business i environment i society mba 2016
12 c business i environment i society mba 201612 c business i environment i society mba 2016
12 c business i environment i society mba 2016
Rajesh Satpathy, Regional College of Management (RCM), Bhubaneswar
 
What are cybercrimes? How cybercrime works?
What are cybercrimes? How cybercrime works?What are cybercrimes? How cybercrime works?
What are cybercrimes? How cybercrime works?
FarjanaMitu3
 
Ransomware all locked up book
Ransomware all locked up bookRansomware all locked up book
Ransomware all locked up book
Diego Souza
 
cybersecurity and cyber crime
cybersecurity and cyber crimecybersecurity and cyber crime
cybersecurity and cyber crime
Darshan Aswani
 
W verb68
W verb68W verb68
W verb68
James1280
 
Cybercrime
CybercrimeCybercrime
Cybercrime
Vansh Verma
 
Unmasking Scam Websites: Ways to Safe Surfing
Unmasking Scam Websites: Ways to Safe SurfingUnmasking Scam Websites: Ways to Safe Surfing
Unmasking Scam Websites: Ways to Safe Surfing
SoftwareDeals
 
Introduction to malvertising
Introduction to malvertising Introduction to malvertising
Introduction to malvertising
Mohd Arif
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
Md Nishad
 
The Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersThe Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From Hackers
Spouse Ware
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
Md. Atiqur Rahman
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdf
KALPITKALPIT1
 

Similar to cybercrime survival guide (20)

Cyber crime.pptx
Cyber crime.pptxCyber crime.pptx
Cyber crime.pptx
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Cloning Attack-Unveiling the Stealthy Threat.pdf
Cloning Attack-Unveiling the Stealthy Threat.pdfCloning Attack-Unveiling the Stealthy Threat.pdf
Cloning Attack-Unveiling the Stealthy Threat.pdf
 
THESIS-2(2)
THESIS-2(2)THESIS-2(2)
THESIS-2(2)
 
Cyber security presentation
Cyber security presentation Cyber security presentation
Cyber security presentation
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Malware Infections
Malware InfectionsMalware Infections
Malware Infections
 
Cybersecurity Training
Cybersecurity TrainingCybersecurity Training
Cybersecurity Training
 
12 c business i environment i society mba 2016
12 c business i environment i society mba 201612 c business i environment i society mba 2016
12 c business i environment i society mba 2016
 
What are cybercrimes? How cybercrime works?
What are cybercrimes? How cybercrime works?What are cybercrimes? How cybercrime works?
What are cybercrimes? How cybercrime works?
 
Ransomware all locked up book
Ransomware all locked up bookRansomware all locked up book
Ransomware all locked up book
 
cybersecurity and cyber crime
cybersecurity and cyber crimecybersecurity and cyber crime
cybersecurity and cyber crime
 
W verb68
W verb68W verb68
W verb68
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Unmasking Scam Websites: Ways to Safe Surfing
Unmasking Scam Websites: Ways to Safe SurfingUnmasking Scam Websites: Ways to Safe Surfing
Unmasking Scam Websites: Ways to Safe Surfing
 
Introduction to malvertising
Introduction to malvertising Introduction to malvertising
Introduction to malvertising
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
The Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From HackersThe Best And Easiest Ways To Protect Yourself From Hackers
The Best And Easiest Ways To Protect Yourself From Hackers
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdf
 

cybercrime survival guide

  • 2. 400,000,000 Almost400millionpeople1 fall victimtocybercrimeeveryyear. Acommonwayforcriminals to attackpeople is viawebsites,unfortunatelythisincludeslegitimate sitesthathavebeenhackedorcompromisedin some way. This puts your visitors and your reputation on the line, so every website owner needs to understand the risks posed by cybercrime and how to prevent it. This essential survival guidewillhelp you navigate thewilds and come outoftheothersidesafe,soundandprotected. 1 2013NortonReport.Slide10.http://uk.norton.com/cybercrimereport
  • 3. Attack I 3 61%One in 500 websites are infected with malware. These sites are often legitimate websites (worryingly 61% of websites serving malware are legitimate sites) that have been infiltrated byonline criminals. Criminals can buy off the shelf software toolkits to attack websites, or more accurately the servers that run them, in the same way that computer viruses attack people’s homeandbusinessPCsmeaningthattoday almostanyone can access the tools required to hack a website. These attack kits can scan thousands of sites a minute overthe internet and spot known weaknesses and vulnerabilities, which are then used to insert malicious softwareontovulnerablewebsites. Thereareotherwaystobreakintoa websiteservertoo. Hackerscanuse socialengineering,phishingattacks orspywaretostealtheusername andpassword ofan administrator andsimplygivethemselvesaccess tothesystem–sodon’tgivethem a chance! 2 ISTR 18 http://www.symantec.com/security_response/publications/threatreport.jsp 3 ISTR 18 http://www.symantec.com/security_response/publications/threatreport.jsp
  • 4. Attack I 4 How identity theft and phishing work Identity theft is one of the most insidious forms of online crime. It takes different forms from the theft of a credit card number to a complete takeover of someone’s online identity. This is what happened to journalist Mat Honan4 in 2012 when hackers progressively broke into his email and other online accounts and then remotely wiped his computer and smart phone. In the process, he lost ‘a year’s worth of photos, covering the entire lifespan of his daughter’ as well as documents and emails. Regaining access to all his accounts and reclaiming his digital life took a huge amount of time and effort5 . Honan was the victim of a clever series of social engineeringattacks designedto get accessto one system after another but many more people are tricked into givingawaytheirusernamesandpasswordsonincreasingly convincing sophisticated phishing sites. With phishing, a victim gets an email or social media message or clicks on a link from a seemingly legitimate website. They then arrive at a fake website that looks exactly like the real thing – a bank, a social media site or whatever – and they enter in their login details. Except that now it’s the criminals who have those details. Some security suites include tests that scan for fake sitesandforward-thinkingwebsiteownersuse advanced security technology such as extended validation SSL certificates to prove that they are a real site and not an imposter; but without this help it is often very difficult to spot the difference between a real site and a phishing replica. Withphishing,avictimgetsanemailor social media message or clicks on a link from a seemingly legitimate website. 4 http://www.wired.com/gadgetlab/2012/08/apple-amazon-mat-honan-hacking/ 5 http://www.wired.com/gadgetlab/2012/08/mat-honan-data-recovery/
  • 5. Attack I 5 How botnetswork Because of the waymovies portrayinternet hackers, it’s easyto imagine a lone genius sitting in a darkened basement room trying to hack into your website. In practice,that’sextremelyunlikely.Instead,criminalgangsusebotnets onalarge scaletoprobemillionsofPCsandwebsitesautomatically. A botnetisa collectionof computersthathavebeentaken overbymalware,oftenwithout theusers’knowledge, so that they can run software for the botnet operator. One common method of recruitment is drive-by attacks whenusers visit infected websites. Individual botnets can include thousands or tens of thousands of individual machines. Botnet operators can usethemto: • Send spam on a vast scale. • Hostphishingwebsites. • ProbePCsand legitimatewebsitesusingattacktoolkits. • ‘Click’onadverts generatingfraudulentrevenue. • Launch denial of service attacks that stop people usingonline services. Botnets give internet criminals processing power and internet connectivity on a huge scale. This is how they are able to send out millions of spam emails or infect millions of PCs an hour.
  • 6. Infection I 6 Once criminals have infiltrated a website, theycan use it to make money and quite often in many cases a lot of money. For example, they can install spyware on visitors’ computers that steal personal information like credit card details. The installation software hides on regular web pages so often it’s impossible to spot without the right security software. Alternatively, they can stealthily redirect visitors to other sites or change the contents of a site. Stealth works in the criminals’ favor. If people know they’re a victim, they are likely to try to do something about it but most site owners don’t know that their site has been infected and most visitors don’t know they’ve been attacked. The consequences for visitors are potentially serious but the risks for a business with a corrupted website is equally grave: • Loss of customer trust and goodwill. • Redirection of site visitors away to other sites. • Interceptionofprivateinformationenteredon thesite. • Blacklistingbysearchengines(Forexample, Google blocks 10,000 infected sites a day6 ). Stealth works in the criminals’ favor. If people know they’re a victim, they are likelytotrytodosomethingaboutit 6 http://mobile.businessweek.com/articles/2012-05-07/protect-your-companys-website-from-malware
  • 7. Infection I 7 83BILLION 2 MILLION Thesizeofthecybercrime problem Cybercrime is a serious issue for website owners. It’s also a problem for the economy as a whole. It represents a sort of criminal tax on internet commerce of up to €83 billion annually, according to the 2013 Norton Cybercrime Report7 . There are more than a million victims every dayand the average cost per victim is €220. CRIMINAL INTERNET COMMERCE TAX VICTIMS OF CYBERCRIME PER DAY What does this mean on a practical level? Four in ten people who used the internet have fallen victim to attacks suchas malware, viruses, hacking, scams, fraud and theft. And this means: • Spendinghourstryingtorepairtheircomputer, forexample removing a virus(24percent of respondents). • Losingmoneytofraudsterswholockaninfected computerusingRansomwareanddemandpayment to release it. • Losing their identityto criminals who clone credit cards, apply for loans and destroy credit records, leaving victims with months of work trying to sort out the damage. • HavingtheircomputerturnedintostealthyslavePCs in a criminal’s ‘botnet’ (see ‘What is a botnet’ for moreonthis). On a broader scale, it means a loss of confidence and trust in the internet, which reduces people’s freedom of choice and action. 7 go.symantec.com/norton-report-2013
  • 8. Infection I 8 Whois mostatrisk ofcybercrime? According to the 2013 Norton Cybercrime Report which surveyed 13,022 online adults around the world: • Men are more likely to be victims than women. • People who use mobile devices, social networks and public or unsecured Wi-Fi are also more at risk. • Parents of children 8-17 are more vulnerable! When it comes to websites, botnets and attack toolkits don’t differentiate between big companies or small ones,famous namesoranonymousfamily businesses, profitable companies or charities. They probe as many websitesas theycanfind.Bytheirverynature,nowebsite is invincible and consequently every site is a target. Howwebsitemalwareworks Homeandbusinessusersshouldregularlyupdatetheircomputerswith recommended patches and updates for programs, operating systems etc... This isbecausesoftwarecompaniesandsecurityresearchersfindnewglitchesand weaknessesthathackerscanexploitandsosendpatchesoutforthem.Hackers know about these vulnerabilities too and they can use them to take control of unpatched computers: installing viruses or accessing private information, for example. It’sthe same with the servers that run websites. They have anoperating system, like you have Windows or MacOSona regularcomputer.Thereis alsoapplication software that serves up web pages to site visitors. Increasingly,websitesalsousecontentmanagement systems to allow non-technical users to create and edit web pages. Each of these layers of software could contain vulnerabilities that might allow criminals to changethe contentsof a website. Once they have control, they can use the site as a springboard to attack visitors. Internet criminals take different forms. Some look for software vulnerabilities, some write ‘attack toolkits’ that use vulnerabilities to attack websites and others specialize in using these toolkits to attack sites. There are online black markets where different specialists can meet and trade tips and tricks and buy these toolkits. Attack toolkits are like any other kind of commercial software;theyareupdatedregularly,comewith warranties and include technical support. One particularly popular toolkit, known as ‘Blackhole’ accounted for 41 percent of all web-based attacks in 2012.
  • 9. Protection I 9 Individuals, whetherthey are homeusers oryour employeesandcolleagues,canprotectthemselves by using a bit of online common sense: • Deletesuspiciousemailsandsocialmedia messages without clicking on links. • Install up-to-date antivirus security software • Keep your computer up-to-date withthelatest softwarepatchesandupdates. • Backup yourPC to an external driveorcloudbased backup service. • Besecurity-consciousonsocialmediasites:logout when you’re done and don’t connect to people you don’tknow. • Regularly change and use strong passwords and don’tshare them with anyone. • Be careful about what you share online – don’t give away more personal information than you need to on social media sites and be careful about what you upload to online file stores. • Look for trustmarks likethe Norton™Secured Seal and Extended Validation SSL certificates when you visit a site – don’t entrust your confidential information to a site you don’t trust. How to tell if your site is vulnerable The growing risk of website corruption from internet criminals using attack toolkits means that website owners, even if they are not technically inclined, need to take steps to protect their sites, their visitors and their reputation NearlyaquarterofITmanagers don’t know how secure their websiteisandmorethanhalfhave neverconductedavulnerability assessment on their website9 You can sign up for Google’s free Webmaster Tools. This will warn you if Google has blocked your site because of malware but that’s a bit like spotting that the stable door is open after the horse has bolted. AmoreproactivealternativeistochooseSymantecExtendedValidationorProSSLCertificatesforyoursite,whichincludes Symantec’s Web Site Malware Scanning service. This checks your site daily and warns you if there is a problem. In addition, these certificates also include a weekly Vulnerability Assessment to highlight critical problems that may leave your site vulnerable to attack. These services allow you to be proactive rather than reactive. 9 http://www.symantec.com/connect/blogs/website-vulnerabilities-which-countries-websites-are-most-vulnerable-malware
  • 10. Protection I 10 Whatcan you do toprotect your website? Havingreadthis guide, youalreadyunderstandtherisksandthe needtoscan your website for malware and vulnerabilities. However, you can do more to keep your site and visitors safe, including: • Use the Norton™ Secured Seal, which shows visitors that we scan your site regularly for malware and vulnerabilities. It is the most recognized trust mark on the Internet12 and 94% of consumers are likely to continue an online purchase when they see it13 . • Choose Extended Validation SSL Certificates to show your visitors that they are on a real site, not a fake phishing site and to confirm the identity of the company behind the site. Online shoppers are more likely to enter their credit card and/or other confidential financial information into a website with the EV green bar14 . • Keep your server software up-to-date. Ifyouhost or control your own web servers, keep them up to date with patches and updates. If you use a content managementsystem suchasWordPress, keepthat up to date too, including any third party plugins. Symantec research suggests that toolkits mainly tend to target well-known existing vulnerabilities for which thereare already fixes. • Controlaccesstowebservers.Usestrong passwordsforcontentmanagementsystemsand web servers. Don’t allow users to share passwords and ensure that admin-level passwords are limited to users with a strict need to know. • Consider an always-on approach to SSL. Well-known sites like Facebook and Twitter use SSL onevery page, not just onforms and checkout pages. This encrypts and protects all the information given by a user on the site and makes it less vulnerable to so-called ‘man in the middle attacks’. • Understandingthecybercrimethreattoyour website is not just good for security, it’s good for business. Put simply: if customers feel safe, they will buy more. Symantec is your partner in protecting your site and its range of Website Security Solutions make it easier to stay ahead of the criminals and increase trust for your customers. 12 InternationalOnlineConsumerResearch:U.S.,Germany, U.K.July2012 13 SymantecU.S.Online ConsumerStudy, February2011 14 SymantecOnlineConsumerStudy(UK, France,Germany, Benelux, USandAustralia) conducted in January 20