SlideShare a Scribd company logo

Emerging Phishing Trends and Effectiveness of the Anti-Phishing Landing Page

IIIT Hyderabad
IIIT Hyderabad

Each month, more attacks are launched with the aim of making web users believe that they are communicating with a trusted entity which compels them to share their personal, financial information. Acquired sensitive information is then used for personal benefits, like, gain access to money of the individuals from whom the information was taken. Phishing costs Internet users billions of dollars every year. A recent report highlighted phishing loss of around $448 million to organizations in April 2014. Researchers at Carnegie Mellon University (CMU) created an anti-phishing landing page supported by Anti-Phishing Working Group (APWG) with the aim to train users on how to prevent themselves from phishing attacks. It is used by financial institutions, phish site take down vendors, government organizations, and online merchants. When a potential victim clicks on a phishing link that has been taken down, he / she is redirected to the landing page. In this paper, we present the comparative analysis on two datasets that we obtained from APWG’s landing page log files; one, from September 7, 2008 - November 11, 2009, and other from January 1, 2014 - April 30, 2014. We found that the landing page has been successful in training users against phishing. Forty six percent users clicked lesser number of phishing URLs from January 2014 to April 2014 which shows that training from the landing page helped users not to fall for phishing attacks. Our analysis shows that phishers have started to modify their techniques by creating more legitimate looking URLs and buying large number of domains to increase their activity. We observed that phishers are exploiting Internet Corporation for Assigned Names and Numbers (ICANN) accredited registrars to launch their attacks even after strict surveillance. We saw that phishers are trying to exploit free subdomain registration services to carry out attacks. In this paper, we also compared the phishing e-mails used by phishers to lure victims in 2008 and 2014. We found that the phishing e-mails have changed considerably over time. Phishers have adopted new techniques like sending promotional e-mails and emotionally targeting users in clicking phishing URLs.

Engineering
1 of 24
Download to read offline
Emerging Phishing Trends and Effectiveness of the Anti-Phishing Unifying the Global Response to Cybercrime Landing Page Srishti Gupta, Ponnurangam K. (“PK”) IIIT – Delhi, India Presenter: Prateek Dewan 1
Unifying the Global Response to Cybercrime Overview • Problem • Dataset • Results • Discussion 2
Unifying the Global Response to Cybercrime Phishing • Social Engineering attack • Trick people to get personal information • Computer Security Threat • …. 3
Unifying the Global Response to Cybercrime Statistics • APWG: 11% rise • EMC2: $448 million loss • 2013: ’Year of breach’ by Symantec • Peter Pan virus: UK (2014) • Evolving: Tabnabbing 4
Unifying the Global Response to Cybercrime Problem 5 • Evolution of phishing URLs • Learning? http://phish-education.apwg.org/r/
Unifying the Global Response to Cybercrime Related Work 6 • Kumaraguru et al.- Data from APWG • Analysed URLs from Oct 2008 - March 2009 • Analysed phishing emails for above period Kumaraguru, Ponnurangam, Lorrie Faith Cranor, and Laura Mather. "Anti-phishing landing page: Turning a 404 into a teachable moment for end users." Sixth Conference on Email and Anti-Spam. 2009.
IP Date Requesting URL Referrer Success Code Size Browser Unifying the Global Response to Cybercrime Data Schema 7 • IP: IP address of user clicking the phishing URL • Date: Date on which the page was redirected to education page • Requesting URL: The phishing URL • Referrer: The page visited before coming to education page • Success code: Status code of client requested • Size: Size of complete header • Browser: Browser information of the user
2014 dataset (Jan ’14 - Apr ’14) Unifying the Global Response to Cybercrime Dataset 8 Statisics Whole Dataset <=5 hits > 5 hits Number of unique URLs 28, 471 17, 368 10, 833 Total Hits for all unique URLs 3, 646, 483 33, 073 3, 613, 410 Maximum number of hits for a single URL 342, 317 5 342, 317 Minimum number of hits for a single URL 1 1 6 Average number of hits per URL 104.9 1.6 300.2 Median number of hits per URL 2 1 17 Standard Deviation for the URLs 3077.2 1.1 5224.5 2008 dataset (Sept ’08 - Nov ’09): 21, 890 unique URLs
• Vulnerable: Australia, France, Germany • Top host: USA, Czech, UK Unifying the Global Response to Cybercrime Countries 9 Vulnerable Host 2008: Peru, USA, Argentina USA, Hungary, France
Structure of Phishing URL Unifying the Global Response to Cybercrime 10 • IP Address Obfuscation • Not significant, attackers buying domains • Directory Structure Similarity • 2008: 18%; 2014: 38% • Using same phishing kits • Number of host components • Append authentic-looking word • Length greater than 3 suspicious • 2008: 7.8%; 2014: 17.4%
Phishing Campaign Unifying the Global Response to Cybercrime 11 • Victims always greater • Attacks are always successful
Unifying the Global Response to Cybercrime Learning 12 • 3, 359 unique users • 46% lesser hits
Learning - User Distribution Unifying the Global Response to Cybercrime 13 • High percentage with lesser clicks • Less percentage with more clicks
Unifying the Global Response to Cybercrime Popular TLDs 14 • .org most popular in 2008 • .com growing • Country specific TLDs observed
Non - ICANN Registrar Unifying the Global Response to Cybercrime 15 • No concrete policy • 45% 2008; 24% 2014
Unifying the Global Response to Cybercrime ICANN Registrar 16 • 55% 2008; 75.6 % 2014 • Improper monitoring https://www.icann.org/resources/pages/responsibilities-2014-03-14-en
Unifying the Global Response to Cybercrime Browser Analysis 17 • User Agent String Parser API • Browser blacklists ineffective
Observations (Bots) Unifying the Global Response to Cybercrime 18 • 2, 110 IP address • United States, China, Japan • No requesting URL (linked content) IP Address format Country Agent Type 157.55.XXX.XXX United States Bingbot 180.76.XXX.XXX China Baiduspider 199.30.XXX.XXX United States MSN bot 123.125.XXX.XXX China Baiduspider 176.195.XXX.XXX Russia Googlebot
Unifying the Global Response to Cybercrime Referrer Analysis 19 • Phishing shifting target to OSM • c0m.at, registered in France - Malicious Referrer Clicks http://www.google.com 980 http://m.facebook.com 670 http://fasebook.c0m.at 640 http://www.facebook.cm 550 http://www.clixsense.com 220 http://www.youtube.com 181 http://servinox.com.co 132 http://www.akihabarashop.jp 130 http://dflogins.ls.fr 91 http://google.ro 90
Unifying the Global Response to Cybercrime Phishing e-mails 20 • 170 matches • Logos, banners • Account Upgrade • Promotional • Winning cash prize • Helping e-mails
Unifying the Global Response to Cybercrime Tag Cloud 21
Unifying the Global Response to Cybercrime Discussion 22 • Sophisticated URL structuring • ICANN registrars exploited • Low cost, country specific TLDs used • Browser blacklists ineffective • Use of subdomain-services • Online Social Media to spread URLs • Changing emails pattern
Unifying the Global Response to Cybercrime Questions ? 23
For any queries, please write to Unifying the Global Response to Cybercrime srish3g@iiitd.ac.in pk@iiitd.ac.in h:p://precog.iiitd.edu.in/people/srish3/ 24

Recommended

Effective Anti-Phishing Strategies and Exercises - FISSEA 2017 Conference
Effective Anti-Phishing Strategies and Exercises - FISSEA 2017 ConferenceEffective Anti-Phishing Strategies and Exercises - FISSEA 2017 Conference
Effective Anti-Phishing Strategies and Exercises - FISSEA 2017 Conference
Paubox, Inc.
 
How to Use Open Source Intelligence (OSINT) in Investigations
How to Use Open Source Intelligence (OSINT) in InvestigationsHow to Use Open Source Intelligence (OSINT) in Investigations
How to Use Open Source Intelligence (OSINT) in Investigations
Case IQ
 
Preserving privacy while sharing data
Preserving privacy while sharing dataPreserving privacy while sharing data
Preserving privacy while sharing data
Gordon Haff
 
Fighting the next wave of sophisticated phishing attacks
Fighting the next wave of sophisticated phishing attacksFighting the next wave of sophisticated phishing attacks
Fighting the next wave of sophisticated phishing attacks
Shashi Prakash
 
3Es of Ransomware
3Es of Ransomware3Es of Ransomware
3Es of Ransomware
Sunil Kumar
 
Week 8.2 Anonymous Networks
Week 8.2 Anonymous NetworksWeek 8.2 Anonymous Networks
Week 8.2 Anonymous Networks
IIIT Hyderabad
 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trends
Shreedeep Rayamajhi
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
PRISMA CSI
 

Recommended

Effective Anti-Phishing Strategies and Exercises - FISSEA 2017 Conference
Effective Anti-Phishing Strategies and Exercises - FISSEA 2017 ConferenceEffective Anti-Phishing Strategies and Exercises - FISSEA 2017 Conference
Effective Anti-Phishing Strategies and Exercises - FISSEA 2017 Conference
Paubox, Inc.
 
How to Use Open Source Intelligence (OSINT) in Investigations
How to Use Open Source Intelligence (OSINT) in InvestigationsHow to Use Open Source Intelligence (OSINT) in Investigations
How to Use Open Source Intelligence (OSINT) in Investigations
Case IQ
 
Preserving privacy while sharing data
Preserving privacy while sharing dataPreserving privacy while sharing data
Preserving privacy while sharing data
Gordon Haff
 
Fighting the next wave of sophisticated phishing attacks
Fighting the next wave of sophisticated phishing attacksFighting the next wave of sophisticated phishing attacks
Fighting the next wave of sophisticated phishing attacks
Shashi Prakash
 
3Es of Ransomware
3Es of Ransomware3Es of Ransomware
3Es of Ransomware
Sunil Kumar
 
Week 8.2 Anonymous Networks
Week 8.2 Anonymous NetworksWeek 8.2 Anonymous Networks
Week 8.2 Anonymous Networks
IIIT Hyderabad
 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trends
Shreedeep Rayamajhi
 
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
Practical White Hat Hacker Training - Passive Information Gathering(OSINT)
PRISMA CSI
 
Advanced phishing for red team assessments
Advanced phishing for red team assessmentsAdvanced phishing for red team assessments
Advanced phishing for red team assessments
JEBARAJM
 
Nmapper theHarvester OSINT Tool explanation
Nmapper theHarvester OSINT Tool explanationNmapper theHarvester OSINT Tool explanation
Nmapper theHarvester OSINT Tool explanation
Wangolo Joel
 
Webinar: A deep dive on ransomware
Webinar: A deep dive on ransomwareWebinar: A deep dive on ransomware
Webinar: A deep dive on ransomware
Cyren, Inc
 
Google Analytics in the age of not provided Search Fest 2014
Google Analytics in the age of not provided Search Fest 2014Google Analytics in the age of not provided Search Fest 2014
Google Analytics in the age of not provided Search Fest 2014Timothy Resnik
 
Offensive OSINT
Offensive OSINTOffensive OSINT
Offensive OSINT
Christian Martorella
 
Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Technical, Legal and Political Issues of Combating Terrorism on the Internet.Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Abzetdin Adamov
 
Webinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking surveyWebinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking survey
Cyren, Inc
 
Network Security - Luxury or Must Have?
Network Security - Luxury or Must Have? Network Security - Luxury or Must Have?
Network Security - Luxury or Must Have?
Allot Communications
 
Stop-Think-Connect: Past, present, and future. APWG Bern Symposium
Stop-Think-Connect: Past, present, and future. APWG Bern SymposiumStop-Think-Connect: Past, present, and future. APWG Bern Symposium
Stop-Think-Connect: Past, present, and future. APWG Bern Symposium
IIIT Hyderabad
 
Analyzing Social and Stylometric Features to Identify Spear phishing Emails
Analyzing Social and Stylometric Features to Identify Spear phishing EmailsAnalyzing Social and Stylometric Features to Identify Spear phishing Emails
Analyzing Social and Stylometric Features to Identify Spear phishing Emails
IIIT Hyderabad
 
$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on Twitter
$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on Twitter$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on Twitter
$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on TwitterIIIT Hyderabad
 
Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...
Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...
Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...
IIIT Hyderabad
 
Credibility Ranking of Tweets during High Impact Events
Credibility Ranking of Tweets during High Impact EventsCredibility Ranking of Tweets during High Impact Events
Credibility Ranking of Tweets during High Impact Events
IIIT Hyderabad
 
Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...
Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...
Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...
IIIT Hyderabad
 
IGDTUW workshop
IGDTUW workshopIGDTUW workshop
IGDTUW workshop
IIIT Hyderabad
 
Keynote at 4th International Symposium on Secuirty in Computing at Communicat...
Keynote at 4th International Symposium on Secuirty in Computing at Communicat...Keynote at 4th International Symposium on Secuirty in Computing at Communicat...
Keynote at 4th International Symposium on Secuirty in Computing at Communicat...
IIIT Hyderabad
 
Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...
Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...
Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...
IIIT Hyderabad
 
Studying user footprints in different online social networks
Studying user footprints in different online social networksStudying user footprints in different online social networks
Studying user footprints in different online social networks
IIIT Hyderabad
 
Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...
Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...
Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...
IIIT Hyderabad
 
Week 6.1: eCrime
Week 6.1: eCrimeWeek 6.1: eCrime
Week 6.1: eCrime
IIIT Hyderabad
 
Week 7.1 Link Farming
Week 7.1 Link FarmingWeek 7.1 Link Farming
Week 7.1 Link Farming
IIIT Hyderabad
 
Week 6.2: eCrime
Week 6.2: eCrimeWeek 6.2: eCrime
Week 6.2: eCrime
IIIT Hyderabad
 

More Related Content

What's hot

Advanced phishing for red team assessments
Advanced phishing for red team assessmentsAdvanced phishing for red team assessments
Advanced phishing for red team assessments
JEBARAJM
 
Nmapper theHarvester OSINT Tool explanation
Nmapper theHarvester OSINT Tool explanationNmapper theHarvester OSINT Tool explanation
Nmapper theHarvester OSINT Tool explanation
Wangolo Joel
 
Webinar: A deep dive on ransomware
Webinar: A deep dive on ransomwareWebinar: A deep dive on ransomware
Webinar: A deep dive on ransomware
Cyren, Inc
 
Google Analytics in the age of not provided Search Fest 2014
Google Analytics in the age of not provided Search Fest 2014Google Analytics in the age of not provided Search Fest 2014
Google Analytics in the age of not provided Search Fest 2014Timothy Resnik
 
Offensive OSINT
Offensive OSINTOffensive OSINT
Offensive OSINT
Christian Martorella
 
Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Technical, Legal and Political Issues of Combating Terrorism on the Internet.Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Abzetdin Adamov
 
Webinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking surveyWebinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking survey
Cyren, Inc
 
Network Security - Luxury or Must Have?
Network Security - Luxury or Must Have? Network Security - Luxury or Must Have?
Network Security - Luxury or Must Have?
Allot Communications
 

What's hot (8)

Advanced phishing for red team assessments
Advanced phishing for red team assessmentsAdvanced phishing for red team assessments
Advanced phishing for red team assessments
 
Nmapper theHarvester OSINT Tool explanation
Nmapper theHarvester OSINT Tool explanationNmapper theHarvester OSINT Tool explanation
Nmapper theHarvester OSINT Tool explanation
 
Webinar: A deep dive on ransomware
Webinar: A deep dive on ransomwareWebinar: A deep dive on ransomware
Webinar: A deep dive on ransomware
 
Google Analytics in the age of not provided Search Fest 2014
Google Analytics in the age of not provided Search Fest 2014Google Analytics in the age of not provided Search Fest 2014
Google Analytics in the age of not provided Search Fest 2014
 
Offensive OSINT
Offensive OSINTOffensive OSINT
Offensive OSINT
 
Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Technical, Legal and Political Issues of Combating Terrorism on the Internet.Technical, Legal and Political Issues of Combating Terrorism on the Internet.
Technical, Legal and Political Issues of Combating Terrorism on the Internet.
 
Webinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking surveyWebinar: IT security at SMBs: 2016 benchmarking survey
Webinar: IT security at SMBs: 2016 benchmarking survey
 
Network Security - Luxury or Must Have?
Network Security - Luxury or Must Have? Network Security - Luxury or Must Have?
Network Security - Luxury or Must Have?
 

Viewers also liked

Stop-Think-Connect: Past, present, and future. APWG Bern Symposium
Stop-Think-Connect: Past, present, and future. APWG Bern SymposiumStop-Think-Connect: Past, present, and future. APWG Bern Symposium
Stop-Think-Connect: Past, present, and future. APWG Bern Symposium
IIIT Hyderabad
 
Analyzing Social and Stylometric Features to Identify Spear phishing Emails
Analyzing Social and Stylometric Features to Identify Spear phishing EmailsAnalyzing Social and Stylometric Features to Identify Spear phishing Emails
Analyzing Social and Stylometric Features to Identify Spear phishing Emails
IIIT Hyderabad
 
$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on Twitter
$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on Twitter$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on Twitter
$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on TwitterIIIT Hyderabad
 
Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...
Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...
Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...
IIIT Hyderabad
 
Credibility Ranking of Tweets during High Impact Events
Credibility Ranking of Tweets during High Impact EventsCredibility Ranking of Tweets during High Impact Events
Credibility Ranking of Tweets during High Impact Events
IIIT Hyderabad
 
Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...
Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...
Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...
IIIT Hyderabad
 
IGDTUW workshop
IGDTUW workshopIGDTUW workshop
IGDTUW workshop
IIIT Hyderabad
 
Keynote at 4th International Symposium on Secuirty in Computing at Communicat...
Keynote at 4th International Symposium on Secuirty in Computing at Communicat...Keynote at 4th International Symposium on Secuirty in Computing at Communicat...
Keynote at 4th International Symposium on Secuirty in Computing at Communicat...
IIIT Hyderabad
 
Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...
Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...
Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...
IIIT Hyderabad
 
Studying user footprints in different online social networks
Studying user footprints in different online social networksStudying user footprints in different online social networks
Studying user footprints in different online social networks
IIIT Hyderabad
 
Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...
Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...
Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...
IIIT Hyderabad
 
Week 6.1: eCrime
Week 6.1: eCrimeWeek 6.1: eCrime
Week 6.1: eCrime
IIIT Hyderabad
 
Week 7.1 Link Farming
Week 7.1 Link FarmingWeek 7.1 Link Farming
Week 7.1 Link Farming
IIIT Hyderabad
 
Week 6.2: eCrime
Week 6.2: eCrimeWeek 6.2: eCrime
Week 6.2: eCrime
IIIT Hyderabad
 
Week 8.1 Profile Linking on Online Social Media
Week 8.1 Profile Linking on Online Social MediaWeek 8.1 Profile Linking on Online Social Media
Week 8.1 Profile Linking on Online Social Media
IIIT Hyderabad
 
ICWSM 2016 paper presentation, Megha Arora
ICWSM 2016 paper presentation, Megha AroraICWSM 2016 paper presentation, Megha Arora
ICWSM 2016 paper presentation, Megha Arora
IIIT Hyderabad
 
Credibility, Identity Resolution, Privacy, and Policing in Online Social Media
Credibility, Identity Resolution, Privacy, and Policing in Online Social MediaCredibility, Identity Resolution, Privacy, and Policing in Online Social Media
Credibility, Identity Resolution, Privacy, and Policing in Online Social Media
IIIT Hyderabad
 

Viewers also liked (17)

Stop-Think-Connect: Past, present, and future. APWG Bern Symposium
Stop-Think-Connect: Past, present, and future. APWG Bern SymposiumStop-Think-Connect: Past, present, and future. APWG Bern Symposium
Stop-Think-Connect: Past, present, and future. APWG Bern Symposium
 
Analyzing Social and Stylometric Features to Identify Spear phishing Emails
Analyzing Social and Stylometric Features to Identify Spear phishing EmailsAnalyzing Social and Stylometric Features to Identify Spear phishing Emails
Analyzing Social and Stylometric Features to Identify Spear phishing Emails
 
$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on Twitter
$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on Twitter$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on Twitter
$1.00 per RT #BostonMarathon #PrayForBoston: Analyzing Fake Content on Twitter
 
Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...
Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...
Faking Sandy: Characterizing and Identifying Fake Images on Twitter during Hu...
 
Credibility Ranking of Tweets during High Impact Events
Credibility Ranking of Tweets during High Impact EventsCredibility Ranking of Tweets during High Impact Events
Credibility Ranking of Tweets during High Impact Events
 
Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...
Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...
Mitigating Misinformation Spread on Micro-blogging Web Services using TweetCr...
 
IGDTUW workshop
IGDTUW workshopIGDTUW workshop
IGDTUW workshop
 
Keynote at 4th International Symposium on Secuirty in Computing at Communicat...
Keynote at 4th International Symposium on Secuirty in Computing at Communicat...Keynote at 4th International Symposium on Secuirty in Computing at Communicat...
Keynote at 4th International Symposium on Secuirty in Computing at Communicat...
 
Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...
Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...
Digital Forces - Social: Future Trends, Student Projects Highlight, Software ...
 
Studying user footprints in different online social networks
Studying user footprints in different online social networksStudying user footprints in different online social networks
Studying user footprints in different online social networks
 
Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...
Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...
Designing and Evaluating Techniques to
 Mitigate Misinformation Spread on 
Mi...
 
Week 6.1: eCrime
Week 6.1: eCrimeWeek 6.1: eCrime
Week 6.1: eCrime
 
Week 7.1 Link Farming
Week 7.1 Link FarmingWeek 7.1 Link Farming
Week 7.1 Link Farming
 
Week 6.2: eCrime
Week 6.2: eCrimeWeek 6.2: eCrime
Week 6.2: eCrime
 
Week 8.1 Profile Linking on Online Social Media
Week 8.1 Profile Linking on Online Social MediaWeek 8.1 Profile Linking on Online Social Media
Week 8.1 Profile Linking on Online Social Media
 
ICWSM 2016 paper presentation, Megha Arora
ICWSM 2016 paper presentation, Megha AroraICWSM 2016 paper presentation, Megha Arora
ICWSM 2016 paper presentation, Megha Arora
 
Credibility, Identity Resolution, Privacy, and Policing in Online Social Media
Credibility, Identity Resolution, Privacy, and Policing in Online Social MediaCredibility, Identity Resolution, Privacy, and Policing in Online Social Media
Credibility, Identity Resolution, Privacy, and Policing in Online Social Media
 

Similar to Emerging Phishing Trends and Effectiveness of the Anti-Phishing Landing Page

The state of web applications (in)security @ ITDays 2016
The state of web applications (in)security @ ITDays 2016The state of web applications (in)security @ ITDays 2016
The state of web applications (in)security @ ITDays 2016
Tudor Damian
 
PhishAri: Automatic Realtime Phishing Detection on Twitter
PhishAri: Automatic Realtime Phishing Detection on TwitterPhishAri: Automatic Realtime Phishing Detection on Twitter
PhishAri: Automatic Realtime Phishing Detection on Twitter
Anupama Aggarwal
 
Browser isolation (isc)2 may presentation v2
Browser isolation (isc)2 may presentation v2Browser isolation (isc)2 may presentation v2
Browser isolation (isc)2 may presentation v2
Wen-Pai Lu
 
Phishing exposed
Phishing exposedPhishing exposed
Phishing exposedtamfin
 
Content Marketing - Mini Case Studies
Content Marketing - Mini Case StudiesContent Marketing - Mini Case Studies
Content Marketing - Mini Case Studies
LaSandra Brill
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
GDSCCVR
 
Use of hog descriptors in phishing detection
Use of hog descriptors in phishing detectionUse of hog descriptors in phishing detection
Use of hog descriptors in phishing detection
Selman Bozkır
 
How to build corporate size fraud prevention
How to build corporate size fraud preventionHow to build corporate size fraud prevention
How to build corporate size fraud prevention
Yury Leonychev
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
Gabor Szathmari
 
Fears and fulfillment with IT security
Fears and fulfillment with IT securityFears and fulfillment with IT security
Fears and fulfillment with IT security
David Strom
 
AppInspect: Large-scale Evaluation of Social Networking Apps
AppInspect: Large-scale Evaluation of Social Networking AppsAppInspect: Large-scale Evaluation of Social Networking Apps
AppInspect: Large-scale Evaluation of Social Networking Apps
Markus Huber
 
Symantec Website Security Threat Report - Insights
Symantec Website Security Threat Report - InsightsSymantec Website Security Threat Report - Insights
Symantec Website Security Threat Report - Insights
Symantec Website Security
 
Working Together to Build a Cyber Security Program
Working Together to Build a Cyber Security ProgramWorking Together to Build a Cyber Security Program
Working Together to Build a Cyber Security Program
National Retail Federation
 
How to build corporate size fraud prevention
How to build corporate size fraud preventionHow to build corporate size fraud prevention
How to build corporate size fraud prevention
Rakuten Group, Inc.
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security Seminar
Jeremy Quadri
 
PIE - BSides Vancouver 2018
PIE - BSides Vancouver 2018PIE - BSides Vancouver 2018
PIE - BSides Vancouver 2018
Greg Foss
 
Identity Theft
Identity TheftIdentity Theft
Identity TheftSimpletel
 
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...
Selman Bozkır
 
Cybersecurity.pptx
Cybersecurity.pptxCybersecurity.pptx
Cybersecurity.pptx
NOUREDDINEOUNINISSE
 
2018 Hacked Website Trends
2018 Hacked Website Trends2018 Hacked Website Trends
2018 Hacked Website Trends
Sucuri
 

Similar to Emerging Phishing Trends and Effectiveness of the Anti-Phishing Landing Page (20)

The state of web applications (in)security @ ITDays 2016
The state of web applications (in)security @ ITDays 2016The state of web applications (in)security @ ITDays 2016
The state of web applications (in)security @ ITDays 2016
 
PhishAri: Automatic Realtime Phishing Detection on Twitter
PhishAri: Automatic Realtime Phishing Detection on TwitterPhishAri: Automatic Realtime Phishing Detection on Twitter
PhishAri: Automatic Realtime Phishing Detection on Twitter
 
Browser isolation (isc)2 may presentation v2
Browser isolation (isc)2 may presentation v2Browser isolation (isc)2 may presentation v2
Browser isolation (isc)2 may presentation v2
 
Phishing exposed
Phishing exposedPhishing exposed
Phishing exposed
 
Content Marketing - Mini Case Studies
Content Marketing - Mini Case StudiesContent Marketing - Mini Case Studies
Content Marketing - Mini Case Studies
 
Info Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study JamsInfo Session on Cybersecurity & Cybersecurity Study Jams
Info Session on Cybersecurity & Cybersecurity Study Jams
 
Use of hog descriptors in phishing detection
Use of hog descriptors in phishing detectionUse of hog descriptors in phishing detection
Use of hog descriptors in phishing detection
 
How to build corporate size fraud prevention
How to build corporate size fraud preventionHow to build corporate size fraud prevention
How to build corporate size fraud prevention
 
Iron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data ResponsiblyIron Bastion: How to Manage Your Clients' Data Responsibly
Iron Bastion: How to Manage Your Clients' Data Responsibly
 
Fears and fulfillment with IT security
Fears and fulfillment with IT securityFears and fulfillment with IT security
Fears and fulfillment with IT security
 
AppInspect: Large-scale Evaluation of Social Networking Apps
AppInspect: Large-scale Evaluation of Social Networking AppsAppInspect: Large-scale Evaluation of Social Networking Apps
AppInspect: Large-scale Evaluation of Social Networking Apps
 
Symantec Website Security Threat Report - Insights
Symantec Website Security Threat Report - InsightsSymantec Website Security Threat Report - Insights
Symantec Website Security Threat Report - Insights
 
Working Together to Build a Cyber Security Program
Working Together to Build a Cyber Security ProgramWorking Together to Build a Cyber Security Program
Working Together to Build a Cyber Security Program
 
How to build corporate size fraud prevention
How to build corporate size fraud preventionHow to build corporate size fraud prevention
How to build corporate size fraud prevention
 
Cyber Security Seminar
Cyber Security SeminarCyber Security Seminar
Cyber Security Seminar
 
PIE - BSides Vancouver 2018
PIE - BSides Vancouver 2018PIE - BSides Vancouver 2018
PIE - BSides Vancouver 2018
 
Identity Theft
Identity TheftIdentity Theft
Identity Theft
 
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...
Phishing Attacks: Trends, Detection Systems and Computer Vision as a Promisin...
 
Cybersecurity.pptx
Cybersecurity.pptxCybersecurity.pptx
Cybersecurity.pptx
 
2018 Hacked Website Trends
2018 Hacked Website Trends2018 Hacked Website Trends
2018 Hacked Website Trends
 

More from IIIT Hyderabad

Responsible & Safe AI Systems at ACM India ROCS at IIT Bombay
Responsible & Safe AI Systems at ACM India ROCS at IIT BombayResponsible & Safe AI Systems at ACM India ROCS at IIT Bombay
Responsible & Safe AI Systems at ACM India ROCS at IIT Bombay
IIIT Hyderabad
 
International Collaboration: Experiences, Challenges, Success stories
International Collaboration: Experiences, Challenges, Success storiesInternational Collaboration: Experiences, Challenges, Success stories
International Collaboration: Experiences, Challenges, Success stories
IIIT Hyderabad
 
Responsible & Safe AI: #LegalBias #Inconsistency #BiasinLLMs #MultiModalBias
Responsible & Safe AI: #LegalBias #Inconsistency #BiasinLLMs #MultiModalBiasResponsible & Safe AI: #LegalBias #Inconsistency #BiasinLLMs #MultiModalBias
Responsible & Safe AI: #LegalBias #Inconsistency #BiasinLLMs #MultiModalBias
IIIT Hyderabad
 
Identify, Inspect and Intervene Multimodal Fake News
Identify, Inspect and Intervene Multimodal Fake NewsIdentify, Inspect and Intervene Multimodal Fake News
Identify, Inspect and Intervene Multimodal Fake News
IIIT Hyderabad
 
#ChatGPT #ResponsibleAI
#ChatGPT #ResponsibleAI#ChatGPT #ResponsibleAI
#ChatGPT #ResponsibleAI
IIIT Hyderabad
 
Data Science for Social Good: #MentalHealth #CodeMix #LegalNLP #AISafety
Data Science for Social Good: #MentalHealth #CodeMix #LegalNLP #AISafetyData Science for Social Good: #MentalHealth #CodeMix #LegalNLP #AISafety
Data Science for Social Good: #MentalHealth #CodeMix #LegalNLP #AISafety
IIIT Hyderabad
 
It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...
IIIT Hyderabad
 
Beyond the Surface: A Computational Exploration of Linguistic Ambiguity
Beyond the Surface: A Computational Exploration of Linguistic AmbiguityBeyond the Surface: A Computational Exploration of Linguistic Ambiguity
Beyond the Surface: A Computational Exploration of Linguistic Ambiguity
IIIT Hyderabad
 
Data Science for Social Good: #LegalNLP #AlgorithmicBias...
Data Science for Social Good: #LegalNLP #AlgorithmicBias...Data Science for Social Good: #LegalNLP #AlgorithmicBias...
Data Science for Social Good: #LegalNLP #AlgorithmicBias...
IIIT Hyderabad
 
How to Write a (Good) Research Paper
How to Write a (Good) Research Paper How to Write a (Good) Research Paper
How to Write a (Good) Research Paper
IIIT Hyderabad
 
Data Science for Social Good: #LegalNLP #AlgorithmicBias
Data Science for Social Good: #LegalNLP #AlgorithmicBiasData Science for Social Good: #LegalNLP #AlgorithmicBias
Data Science for Social Good: #LegalNLP #AlgorithmicBias
IIIT Hyderabad
 
Social Computing Research in India
Social Computing Research in IndiaSocial Computing Research in India
Social Computing Research in India
IIIT Hyderabad
 
Social Computing Research in India
Social Computing Research in IndiaSocial Computing Research in India
Social Computing Research in India
IIIT Hyderabad
 
Modeling Online User Interactions and their Offline effects on Socio-Technica...
Modeling Online User Interactions and their Offline effects on Socio-Technica...Modeling Online User Interactions and their Offline effects on Socio-Technica...
Modeling Online User Interactions and their Offline effects on Socio-Technica...
IIIT Hyderabad
 
Privacy. Winter School on “Topics in Digital Trust”. IIT Bombay
Privacy. Winter School on “Topics in Digital Trust”. IIT BombayPrivacy. Winter School on “Topics in Digital Trust”. IIT Bombay
Privacy. Winter School on “Topics in Digital Trust”. IIT Bombay
IIIT Hyderabad
 
It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...
IIIT Hyderabad
 
It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...
IIIT Hyderabad
 
Leveraging Social Media for Financial Advice
Leveraging Social Media for Financial AdviceLeveraging Social Media for Financial Advice
Leveraging Social Media for Financial Advice
IIIT Hyderabad
 
Development of Stress Induction and Detection System to Study its Effect on B...
Development of Stress Induction and Detection System to Study its Effect on B...Development of Stress Induction and Detection System to Study its Effect on B...
Development of Stress Induction and Detection System to Study its Effect on B...
IIIT Hyderabad
 
A Framework for Automatic Question Answering in Indian Languages
A Framework for Automatic Question Answering in Indian LanguagesA Framework for Automatic Question Answering in Indian Languages
A Framework for Automatic Question Answering in Indian Languages
IIIT Hyderabad
 

More from IIIT Hyderabad (20)

Responsible & Safe AI Systems at ACM India ROCS at IIT Bombay
Responsible & Safe AI Systems at ACM India ROCS at IIT BombayResponsible & Safe AI Systems at ACM India ROCS at IIT Bombay
Responsible & Safe AI Systems at ACM India ROCS at IIT Bombay
 
International Collaboration: Experiences, Challenges, Success stories
International Collaboration: Experiences, Challenges, Success storiesInternational Collaboration: Experiences, Challenges, Success stories
International Collaboration: Experiences, Challenges, Success stories
 
Responsible & Safe AI: #LegalBias #Inconsistency #BiasinLLMs #MultiModalBias
Responsible & Safe AI: #LegalBias #Inconsistency #BiasinLLMs #MultiModalBiasResponsible & Safe AI: #LegalBias #Inconsistency #BiasinLLMs #MultiModalBias
Responsible & Safe AI: #LegalBias #Inconsistency #BiasinLLMs #MultiModalBias
 
Identify, Inspect and Intervene Multimodal Fake News
Identify, Inspect and Intervene Multimodal Fake NewsIdentify, Inspect and Intervene Multimodal Fake News
Identify, Inspect and Intervene Multimodal Fake News
 
#ChatGPT #ResponsibleAI
#ChatGPT #ResponsibleAI#ChatGPT #ResponsibleAI
#ChatGPT #ResponsibleAI
 
Data Science for Social Good: #MentalHealth #CodeMix #LegalNLP #AISafety
Data Science for Social Good: #MentalHealth #CodeMix #LegalNLP #AISafetyData Science for Social Good: #MentalHealth #CodeMix #LegalNLP #AISafety
Data Science for Social Good: #MentalHealth #CodeMix #LegalNLP #AISafety
 
It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...
 
Beyond the Surface: A Computational Exploration of Linguistic Ambiguity
Beyond the Surface: A Computational Exploration of Linguistic AmbiguityBeyond the Surface: A Computational Exploration of Linguistic Ambiguity
Beyond the Surface: A Computational Exploration of Linguistic Ambiguity
 
Data Science for Social Good: #LegalNLP #AlgorithmicBias...
Data Science for Social Good: #LegalNLP #AlgorithmicBias...Data Science for Social Good: #LegalNLP #AlgorithmicBias...
Data Science for Social Good: #LegalNLP #AlgorithmicBias...
 
How to Write a (Good) Research Paper
How to Write a (Good) Research Paper How to Write a (Good) Research Paper
How to Write a (Good) Research Paper
 
Data Science for Social Good: #LegalNLP #AlgorithmicBias
Data Science for Social Good: #LegalNLP #AlgorithmicBiasData Science for Social Good: #LegalNLP #AlgorithmicBias
Data Science for Social Good: #LegalNLP #AlgorithmicBias
 
Social Computing Research in India
Social Computing Research in IndiaSocial Computing Research in India
Social Computing Research in India
 
Social Computing Research in India
Social Computing Research in IndiaSocial Computing Research in India
Social Computing Research in India
 
Modeling Online User Interactions and their Offline effects on Socio-Technica...
Modeling Online User Interactions and their Offline effects on Socio-Technica...Modeling Online User Interactions and their Offline effects on Socio-Technica...
Modeling Online User Interactions and their Offline effects on Socio-Technica...
 
Privacy. Winter School on “Topics in Digital Trust”. IIT Bombay
Privacy. Winter School on “Topics in Digital Trust”. IIT BombayPrivacy. Winter School on “Topics in Digital Trust”. IIT Bombay
Privacy. Winter School on “Topics in Digital Trust”. IIT Bombay
 
It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...
 
It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...It is our choices, Harry, that show what we truly are, far more than our abil...
It is our choices, Harry, that show what we truly are, far more than our abil...
 
Leveraging Social Media for Financial Advice
Leveraging Social Media for Financial AdviceLeveraging Social Media for Financial Advice
Leveraging Social Media for Financial Advice
 
Development of Stress Induction and Detection System to Study its Effect on B...
Development of Stress Induction and Detection System to Study its Effect on B...Development of Stress Induction and Detection System to Study its Effect on B...
Development of Stress Induction and Detection System to Study its Effect on B...
 
A Framework for Automatic Question Answering in Indian Languages
A Framework for Automatic Question Answering in Indian LanguagesA Framework for Automatic Question Answering in Indian Languages
A Framework for Automatic Question Answering in Indian Languages
 

Recently uploaded

Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
JoytuBarua2
 
Forklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella PartsForklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella Parts
Intella Parts
 
Student information management system project report ii.pdf
Student information management system project report ii.pdfStudent information management system project report ii.pdf
Student information management system project report ii.pdf
Kamal Acharya
 
Recycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part IIIRecycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part III
Aditya Rajan Patra
 
Railway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdfRailway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdf
TeeVichai
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
bakpo1
 
English lab ppt no titlespecENG PPTt.pdf
English lab ppt no titlespecENG PPTt.pdfEnglish lab ppt no titlespecENG PPTt.pdf
English lab ppt no titlespecENG PPTt.pdf
BrazilAccount1
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
Kamal Acharya
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Sreedhar Chowdam
 
Basic Industrial Engineering terms for apparel
Basic Industrial Engineering terms for apparelBasic Industrial Engineering terms for apparel
Basic Industrial Engineering terms for apparel
top1002
 
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdfGoverning Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
WENKENLI1
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
Robbie Edward Sayers
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
SyedAbiiAzazi1
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Dr.Costas Sachpazis
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
Massimo Talia
 
Water Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdfWater Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation & Control
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
AJAYKUMARPUND1
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Elective
karthi keyan
 
AP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specificAP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specific
BrazilAccount1
 
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTSHeap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
Soumen Santra
 

Recently uploaded (20)

Planning Of Procurement o different goods and services
Planning Of Procurement o different goods and servicesPlanning Of Procurement o different goods and services
Planning Of Procurement o different goods and services
 
Forklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella PartsForklift Classes Overview by Intella Parts
Forklift Classes Overview by Intella Parts
 
Student information management system project report ii.pdf
Student information management system project report ii.pdfStudent information management system project report ii.pdf
Student information management system project report ii.pdf
 
Recycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part IIIRecycled Concrete Aggregate in Construction Part III
Recycled Concrete Aggregate in Construction Part III
 
Railway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdfRailway Signalling Principles Edition 3.pdf
Railway Signalling Principles Edition 3.pdf
 
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
一比一原版(SFU毕业证)西蒙菲莎大学毕业证成绩单如何办理
 
English lab ppt no titlespecENG PPTt.pdf
English lab ppt no titlespecENG PPTt.pdfEnglish lab ppt no titlespecENG PPTt.pdf
English lab ppt no titlespecENG PPTt.pdf
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
 
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&BDesign and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
Design and Analysis of Algorithms-DP,Backtracking,Graphs,B&B
 
Basic Industrial Engineering terms for apparel
Basic Industrial Engineering terms for apparelBasic Industrial Engineering terms for apparel
Basic Industrial Engineering terms for apparel
 
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdfGoverning Equations for Fundamental Aerodynamics_Anderson2010.pdf
Governing Equations for Fundamental Aerodynamics_Anderson2010.pdf
 
HYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generationHYDROPOWER - Hydroelectric power generation
HYDROPOWER - Hydroelectric power generation
 
14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application14 Template Contractual Notice - EOT Application
14 Template Contractual Notice - EOT Application
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
 
Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024Nuclear Power Economics and Structuring 2024
Nuclear Power Economics and Structuring 2024
 
Water Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdfWater Industry Process Automation and Control Monthly - May 2024.pdf
Water Industry Process Automation and Control Monthly - May 2024.pdf
 
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
Pile Foundation by Venkatesh Taduvai (Sub Geotechnical Engineering II)-conver...
 
CME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional ElectiveCME397 Surface Engineering- Professional Elective
CME397 Surface Engineering- Professional Elective
 
AP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specificAP LAB PPT.pdf ap lab ppt no title specific
AP LAB PPT.pdf ap lab ppt no title specific
 
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTSHeap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
Heap Sort (SS).ppt FOR ENGINEERING GRADUATES, BCA, MCA, MTECH, BSC STUDENTS
 

Emerging Phishing Trends and Effectiveness of the Anti-Phishing Landing Page

  • 1. Emerging Phishing Trends and Effectiveness of the Anti-Phishing Unifying the Global Response to Cybercrime Landing Page Srishti Gupta, Ponnurangam K. (“PK”) IIIT – Delhi, India Presenter: Prateek Dewan 1
  • 2. Unifying the Global Response to Cybercrime Overview • Problem • Dataset • Results • Discussion 2
  • 3. Unifying the Global Response to Cybercrime Phishing • Social Engineering attack • Trick people to get personal information • Computer Security Threat • …. 3
  • 4. Unifying the Global Response to Cybercrime Statistics • APWG: 11% rise • EMC2: $448 million loss • 2013: ’Year of breach’ by Symantec • Peter Pan virus: UK (2014) • Evolving: Tabnabbing 4
  • 5. Unifying the Global Response to Cybercrime Problem 5 • Evolution of phishing URLs • Learning? http://phish-education.apwg.org/r/
  • 6. Unifying the Global Response to Cybercrime Related Work 6 • Kumaraguru et al.- Data from APWG • Analysed URLs from Oct 2008 - March 2009 • Analysed phishing emails for above period Kumaraguru, Ponnurangam, Lorrie Faith Cranor, and Laura Mather. "Anti-phishing landing page: Turning a 404 into a teachable moment for end users." Sixth Conference on Email and Anti-Spam. 2009.
  • 7. IP Date Requesting URL Referrer Success Code Size Browser Unifying the Global Response to Cybercrime Data Schema 7 • IP: IP address of user clicking the phishing URL • Date: Date on which the page was redirected to education page • Requesting URL: The phishing URL • Referrer: The page visited before coming to education page • Success code: Status code of client requested • Size: Size of complete header • Browser: Browser information of the user
  • 8. 2014 dataset (Jan ’14 - Apr ’14) Unifying the Global Response to Cybercrime Dataset 8 Statisics Whole Dataset <=5 hits > 5 hits Number of unique URLs 28, 471 17, 368 10, 833 Total Hits for all unique URLs 3, 646, 483 33, 073 3, 613, 410 Maximum number of hits for a single URL 342, 317 5 342, 317 Minimum number of hits for a single URL 1 1 6 Average number of hits per URL 104.9 1.6 300.2 Median number of hits per URL 2 1 17 Standard Deviation for the URLs 3077.2 1.1 5224.5 2008 dataset (Sept ’08 - Nov ’09): 21, 890 unique URLs
  • 9. • Vulnerable: Australia, France, Germany • Top host: USA, Czech, UK Unifying the Global Response to Cybercrime Countries 9 Vulnerable Host 2008: Peru, USA, Argentina USA, Hungary, France
  • 10. Structure of Phishing URL Unifying the Global Response to Cybercrime 10 • IP Address Obfuscation • Not significant, attackers buying domains • Directory Structure Similarity • 2008: 18%; 2014: 38% • Using same phishing kits • Number of host components • Append authentic-looking word • Length greater than 3 suspicious • 2008: 7.8%; 2014: 17.4%
  • 11. Phishing Campaign Unifying the Global Response to Cybercrime 11 • Victims always greater • Attacks are always successful
  • 12. Unifying the Global Response to Cybercrime Learning 12 • 3, 359 unique users • 46% lesser hits
  • 13. Learning - User Distribution Unifying the Global Response to Cybercrime 13 • High percentage with lesser clicks • Less percentage with more clicks
  • 14. Unifying the Global Response to Cybercrime Popular TLDs 14 • .org most popular in 2008 • .com growing • Country specific TLDs observed
  • 15. Non - ICANN Registrar Unifying the Global Response to Cybercrime 15 • No concrete policy • 45% 2008; 24% 2014
  • 16. Unifying the Global Response to Cybercrime ICANN Registrar 16 • 55% 2008; 75.6 % 2014 • Improper monitoring https://www.icann.org/resources/pages/responsibilities-2014-03-14-en
  • 17. Unifying the Global Response to Cybercrime Browser Analysis 17 • User Agent String Parser API • Browser blacklists ineffective
  • 18. Observations (Bots) Unifying the Global Response to Cybercrime 18 • 2, 110 IP address • United States, China, Japan • No requesting URL (linked content) IP Address format Country Agent Type 157.55.XXX.XXX United States Bingbot 180.76.XXX.XXX China Baiduspider 199.30.XXX.XXX United States MSN bot 123.125.XXX.XXX China Baiduspider 176.195.XXX.XXX Russia Googlebot
  • 19. Unifying the Global Response to Cybercrime Referrer Analysis 19 • Phishing shifting target to OSM • c0m.at, registered in France - Malicious Referrer Clicks http://www.google.com 980 http://m.facebook.com 670 http://fasebook.c0m.at 640 http://www.facebook.cm 550 http://www.clixsense.com 220 http://www.youtube.com 181 http://servinox.com.co 132 http://www.akihabarashop.jp 130 http://dflogins.ls.fr 91 http://google.ro 90
  • 20. Unifying the Global Response to Cybercrime Phishing e-mails 20 • 170 matches • Logos, banners • Account Upgrade • Promotional • Winning cash prize • Helping e-mails
  • 21. Unifying the Global Response to Cybercrime Tag Cloud 21
  • 22. Unifying the Global Response to Cybercrime Discussion 22 • Sophisticated URL structuring • ICANN registrars exploited • Low cost, country specific TLDs used • Browser blacklists ineffective • Use of subdomain-services • Online Social Media to spread URLs • Changing emails pattern
  • 23. Unifying the Global Response to Cybercrime Questions ? 23
  • 24. For any queries, please write to Unifying the Global Response to Cybercrime srish3g@iiitd.ac.in pk@iiitd.ac.in h:p://precog.iiitd.edu.in/people/srish3/ 24