This is not a beginner’s presentation. Audience who take this
presentation are expected to be experienced in M.S office,
Internet, LAN,O/S (Windows) & general P.C troubleshooting.
They are expected to understand I.T Security problems like
Virus, Spyware, Malware & Botnet and their Remedies.




                       Presenation done by uK
                      Mishra,Your coments will be
What is Information?


It is not an easy task to define what is really meaning of the term "information".
instinctively, information is sequence of symbols, which have some meaning to the
person receiving it. People communicate by exchanging information among them.
The importance of information can be valued quantitatively, depending on the
context. Sometimes information can be valued through monetary amount and that
aspect makes exchange of information very important in today's human society.




                               Presenation done by uK
                              Mishra,Your coments will be
Information Age

The human society is undergoing a fundamental transformation: from an industrial
society to the information society. Information age technologies increasingly pervade
all industrial and societal activities and are accelerating the globalization of
economies.
World's industrial competitiveness, its jobs, its quality of life and the sustainability of
growth depend on it being at the leading edge of the development and take-up of
information age technologies. At the same time, the technologies underpinning the
development of the information society are in rapid evolution. Advances in
information processing and communication are opening up exciting new possibilities.
There is a shift from stand-alone systems to networked information and processes.




                                    Presenation done by uK
                                   Mishra,Your coments will be
Information Age and the Internet
In the age when communications and media have tremendous impact on our
lives,
information and information technologies are becoming more and more important.
Internet as a “network of networks” is becoming the most popular media for the
information transfer. In the age of information everybody needs and uses
information. That is why Internet is not only a tool of the modern age, it is also its
symptom. Fast information exchange in almost every segment of our daily life
helped the Internet to move on from an oddity to the most popular medium.The
Internet is growing faster than previously thought. Internet’s user population is
growing 175 % per year
The Internet is going commercial. Saving money and energy is an essential part
of every business. That is why electronic commerce and on-line money making is
becoming more and more popular




                                Presenation done by uK
                               Mishra,Your coments will be
IT SECURITY
Information security is the process of protecting information. It protects its availability,
privacy and integrity. Access to stored information on computer databases has increased
greatly. More companies store business and individual information on computer than
ever before. Much of the information stored is highly confidential and not for public
viewing.
Information security means guarding information and information systems against
unauthorized access, disruption, disclosure, modification, use or destruction.
Many businesses are solely based on information stored in computers. Personal staff
details, client lists, salaries, bank account details, marketing and sales information may
all be stored on a database. Without this information, it would often be very hard for a
business to operate. Information security systems need to be implemented to protect this
information




                                   Presenation done by uK
                                  Mishra,Your coments will be
Types of Threats
   1. Adware
   Adware, or advertising-supported software, displays advertising banners or pop-ups
   on your computer when you use the application. This is not necessarily a bad thing.
   Such advertising can fund the development of useful software, which is then
   distributed free (for example, the Opera web browser).
                 •installs itself on your computer without your consent
               •installs itself in applications other than the one it came with and
               displays advertising
               when you use those applications
               •hijacks your web browser in order to display more ads (see Browser
               hijackers)
               •gathers data on your web browsing without your consent and sends it
               to others via
               the internet (see Spyware)

               •is designed to be difficult to uninstall .
Adware can slow down your PC. It can also slow down your internet connection by
downloading advertisements. Sometimes programming flaws in the adware can make
your computer unstable.
Advertising pop-ups can also distract you and waste your time if they have to be closed
before you can continue using yourPresenation done by uK
                                    PC.
                                         Mishra,Your coments will be
2. Backdoor Trojans
A backdoor Trojan allows someone to take control of another user’s
computer via the internet without their permission.
A backdoor Trojan may pose as legitimate software, just as other Trojan horse programs
do, so that users run it. Alternatively – as is now increasingly common – users may
allow Trojans onto their computer by following a link in spam mail.
Once the Trojan is run, it adds itself to the computer’s startup routine. It can then
monitor the computer until the user is connected to the internet. When the computer
goes online, the person who sent the Trojan can perform many actions – for example,
run programs on the infected computer, access personal files, modify and upload files,
track the user’s keystrokes, or send out spam mail




                                      Examples
      Trojan-Spy.HTML.Smitfraud.c [Kaspersky], Phish-BankFraud.eml.a [McAfee],
                                  Presenation done by uK
                   Trj/Citifraud.A [Panda coments will be
                                 Mishra,Your Software], generic5 [AVG
3. Bluejacking
Bluejacking is sending anonymous, unwanted messages to other users
with Bluetooth-enabled mobile phones or laptops.
Bluejacking depends on the ability of Bluetooth phones to detect and contact other
Bluetooth devices nearby. The Bluejacker uses a feature originally intended for
exchanging contact details or “electronic business cards”. He or she adds a new
entry
in the phone’s address book, types in a message, and chooses to send it via
Bluetooth.
The phone searches for other Bluetooth phones and, if it fi nds one, sends the
message



                                Presenation done by uK
                               Mishra,Your coments will be
4. Bluesnarfing




Bluesnarfing is the theft of data from a Bluetooth phone.
Like Bluejacking, Bluesnarfing depends on the ability of Bluetooth-enabled devices to
detect and contact others nearby.
In theory, a Bluetooth user running the right software on their laptop can discover a
nearby phone, connect to it without your confirmation, and download your phonebook,
pictures of contacts and calendar.
Your mobile phone’s serial number Presenation be downloaded and used to clone the
                                      can also done by uK
phone.                              Mishra,Your coments will be
5. Boot Sector Viruses
Boot sector viruses spread by modifying the program that enables your
computer to start up.
When you switch on a computer, the hardware looks for the boot sector program –
which is usually on the hard disk, but can be on a floppy disk or CD – and runs it.
This
program then loads the rest of the operating system into memory.
A boot sector virus replaces the original boot sector with its own, modified version
(and
usually hides the original somewhere else on the hard disk). When you next start up,
the infected boot sector is used and the virus becomes active



                                 Presenation done by uK
                                Mishra,Your coments will be
6. Browser Hijackers
Browser hijackers change the default home and search pages in your
internet browser.Some websites run a script that changes the settings in your browser
without your permission. This hijacker can add shortcuts to your “Favorites” folder or,
more seriously,can change the page that is first displayed when you open the browser




                                  Presenation done by uK
                                 Mishra,Your coments will be
7. Chain Letters
     An electronic chain letter is an email that urges you to forward copies
     to other people.Chain letters, like virus hoaxes, depend on you, rather than on
     computer code, to propagate themselves.
     The main types are:
1.          Hoaxes about terrorist attacks, premium-rate phone line scams, thefts from
                    ATMs and so forth.
2.          False claims that companies are offering free flights, free mobile phones,
            or cash rewards if you forward email.
3.          Petitions. Even if genuine, they continue to circulate long after their expiry
            date.
4.      Jokes and pranks, e.g. the claim that the internet would be closed for
maintenance
            on 1 April.



                                      Presenation done by uK
              The solution to the   Mishra,Your coments will be
                                    chain letter problem is simple:   don’t forward such mail
8. Denial of Service attack(DoS)

denial-of-service (DoS) attack prevents users from accessing a computer or
website.
In a DoS attack, a hacker attempts to overload or shut down a computer, so that
legitimate users can no longer access it. Typical DoS attacks target web servers
and aim to make websites unavailable. No data is stolen or compromised, but the
interruption to the service can be costly for a company.
The most common type of DoS attack involves sending more traffic to a computer than
it can handle. Rudimentary methods include sending outsized data packets or sending
email attachments with names that are longer than permitted by the mail programs




                                Presenation done by uK
                               Mishra,Your coments will be
9. Cookies

Cookies are files on your computer that enable websites to remember
your details.
When you visit a website, it can place a fi le called a cookie on your computer. This
enables the website to remember your details and track your visits. Cookies can be a
threat to confidentiality, but not to your data.
Cookies were designed to be helpful. For example, if you submit your ID when you visit
a website, a cookie can store this data, so that you don’t have to re-enter it next time.
Cookies also have benefits for webmasters, as they show which web pages are well used,
providing useful input when planning a redesign of the site.
If you prefer to remain anonymous, use the security settings on your internet browser to
disable cookies.




                                 Presenation done by uK
                                Mishra,Your coments will be
10. Dialers

Dialers change the number used for dial-up internet access to a premium-rate
number.
Dialers are not always malicious. Legitimate companies that offer downloads or games
may expect you to use a premium-rate line to access their services. A pop-up prompts
you to download the dialer and tells you how much calls will cost.
Other dialers may install themselves without your knowledge when you click on a
pop-up message (for example, a message warning you about a virus on your computer
and offering a solution). These do not offer access to any special services – they simply
divert your connection so that you access the internet via a premium-rate number




                                  Presenation done by uK
                                 Mishra,Your coments will be
11. Document Viruses

Document or “macro” viruses take advantage of macros – commands that are
embedded in files and run automatically.
Many applications, such as word processing and spreadsheet programs, use
macros.
A macro virus is a macro program that can copy itself and spread from one file to
another. If you open a file that contains a macro virus, the virus copies itself into the
application’s startup files. The computer is now infected.




                                  Presenation done by uK
                                 Mishra,Your coments will be
12. Email Viruses

  Many of the most creative viruses distribute themselves automatically by email.
  Typically, email-aware viruses depend on the user double-clicking on an attachment.
     This runs the malicious code, which will then mail itself to other people from that
   computer. The Netsky virus, for example, searches the computer for files that may
    contain email addresses, and then uses the email client on your computer to send
itself to those addresses. Some viruses, like Sobig-F, don’t even need to use your email
   client; they include their own “SMTP engine” for constructing and sending the email
                                       messages.


 Even an attachment that appears to be a safe type of file, e.g. a file with a .txt
 extension, can pose a threat. That file may be a malicious VBS script with the real file
 type (.vbs) hidden from view

                                  Presenation done by uK
                                 Mishra,Your coments will be
13. Internet Worms

Worms are programs that create copies of themselves and spread via internet
connections.
Worms differ from computer viruses because they can propagate themselves, rather
than using a carrier program or file. They simply create exact copies of themselves and
use communication between computers to spread.
Internet worms can travel between connected computers by exploiting security “holes”
in the computer’s operating system. The Blaster worm, for example, takes advantage of
a weakness in the Remote Procedure Call service that runs on unpatched Windows NT,
2000 and XP computers and uses it to send a copy of itself to another computer




                                Presenation done by uK
                               Mishra,Your coments will be
14. Mousetrapping
Mouse trapping prevents you from leaving a website.
If you are redirected to a bogus website, you may find that you cannot quit with the
back or close buttons. In some cases, entering a new web address does not enable
you
to escape either.
The site that mousetraps you will either not allow you to visit another address, or will
open another browser window displaying the same site. Some mousetraps let you quit
after a number of attempts, but others do not. To escape, use a bookmark or
“Favorite”, or open the list of recently-visited addresses
and select the next-to-last. You can also press Ctrl+Alt+Del and use the Task Manager
to shut down the browser or, if that fails, restart the computer.
To reduce the risk of mousetrapping, you can disable Javascript in your internet
browser. This prevents you from being trapped at sites that use this script, but it also
affects the look and feel of websites.




                                 Presenation done by uK
                                Mishra,Your coments will be
15. Obfuscated spam
Obfuscated spam is email that has been disguised in an attempt to fool anti-
spam software.
Spammers are constantly trying to find ways to modify or conceal their messages
so that
your anti-spam software can’t read them, but you can.
The simplest example of this “obfuscation” is putting spaces between the letters of
words, hoping that anti-spam software will not read the letters as one word, for
example
VIAGRA
Another common technique is to use misspellings or non-standard characters, for
example
V!agra




                                Presenation done by uK
                               Mishra,Your coments will be
16. Parasitic viruses
Pharming redirects you from a legitimate website to a bogus copy, allowing
criminals to steal the information you enter.
Pharming exploits the way that website addresses are composed.
Each computer on the internet has a numerical “IP address”, e.g. 127.0.0.1.
However,
these are not easy to remember, so web addresses also have a domain name, like
sophos.com. Every time you type in an address, the domain name has to be turned
back into the IP address. A DNS or Domain Name Server on the internet handles
this,
unless a “local host file” on your computer has already done it
To avoid pharming, make sure that you use secure web connections when you
access
sensitive sites. Just look for the https:// prefix in the web address. If a hacker tries to
mimic a secure site, a message will warn you that the site’s certificate does not
match
the address being visited.

                                  Presenation done by uK
                                 Mishra,Your coments will be
17. Page-jacking
Page-jacking is the use of replicas of reputable web pages to catch users and
redirect them to other websites.
Scammers copy pages from an established website and put them on a new site that
appears to be legitimate. They register this new site with major search engines, so that
users doing a search find and follow links to it. When the user arrives at the website,
they are automatically redirected to a different site that displays advertising or offers
of different services. They may also find that they cannot escape from the site without
restarting their computer (just like mousetrapping).




                                   Presenation done by uK
                                  Mishra,Your coments will be
18. Phishing
Phishing is the use of bogus emails and websites to trick you into supplying
confi dential or personal information.
Typically, you receive an email that appears to come from a reputable organization,
such as a bank. The email includes what appears to be a link to the organization’s
website. However, if you follow the link, you are connected to a replica of the
website.
Any details you enter, such as account numbers, PINs or passwords, can be stolen
and
used by the hackers who created the bogus site.




                                Presenation done by uK
                               Mishra,Your coments will be
19.Botnet
A botnet or robot network is a group of computers running a computer application
controlled and manipulated only by the owner or the software source. The botnet may
refer to a legitimate network of several computers that share program processing
amongst them.
Different Types of Bots

XtremBot, Agobot, Forbot, Phatbot.


Botnets may range from one thousand drones to tens of thousands of drones.
The larger the botnet, the more recognition and potential there is for financial
gain. The source computer can rent services of the botnet to third parties.
Common uses of botnets include:
• Spamming – After taking advantage of a victims’ computer systems, the
botnet commander may use the drones to harvest email addresses and send
spam or phishing mails.


                                 Presenation done by uK
                                Mishra,Your coments will be
• Traffic Monitoring – The malware may also be created for the discovery and
interception of sensitive data passing through a drone machine. Such malware
would sniff for user IDs and passwords.
• Denial of Service Attacks – This refers to an attempt to make resources
unavailable to its users. For example, the botnet may attack a network in order to
disrupt a service through overloading the resources of the drone’s computer system.
Such attacks may be carried out to disable the web site of a competitor.
• Keylogging – Some bots install keylogging programs in drone computers. Such
programs filter for key sequences that come before or after keywords such as
“Gmail” or “PayPal.”
• Mass Identity Theft – Such thefts are often attributed to botnet attacks. This may
be a phishing attack, in which the perpetrator presents himself as a legitimate
company in order to obtain personal information, such as user IDs, account
numbers or passwords.
• Botnet Spread – Drones in the network are often used to spread other botnets to
other computers.
• Pay-per-Click Systems Abuse – Drone machines can be used to automatically
click on a site upon browser activation. By artificially increasing the click counter of
an ad, the botnet commander may benefit from Google Adsense, or other affiliate
programs.
                                  Presenation done by uK
                                 Mishra,Your coments will be
20.Malware

Malware is an abbreviated term used to describe a "malicious
software" program. Malware includes things like spyware or adware
programs, such as tracking cookies, which are used to monitor your
surfing habits. It also includes more sinister items, such as
keyloggers, Trojan horses, worms, and viruses.




                         Presenation done by uK
                        Mishra,Your coments will be
21 Spyware

Spyware refers to programs that use your Internet
connection to send information from your personal
computer to some other computer, normally without your
knowledge or permission. Most often this information is a
record of your ongoing browsing habits, downloads, or it
could be more personal data like your name and address
Some programs that have included spyware, like
RealPlayer, disclose this information in their terms and
conditions when RealPlayer is installed, though most
users don't read the terms and conditions when they
install software, particularly if it is free. KaZaA, a free file
sharing program, also includes spyware and there are
many others.

                          Presenation done by uK
                         Mishra,Your coments will be
It is estimated that 90% of all computers on the Internet are infected with spyware.
Some telltale signs of spyware infection are:
•Your computer slows to a crawl due to several spyware programs using up your
memory resources.
•Advertisements pop up even when you are offline.
•You click on a link to go to one site, but your browser gets hijacked and you end
up at another site.
•Your computer is dialing up numbers on its own that show up on your phone bill.
•When you enter a search item, a new and unexpected site handles the search.
•Your bookmarks change on their own.
•You click your Home button but it takes you to a new site, and when you switch
the setting back, the new site appears again anyway.
•You get pop-up ads that address you by name even when you have not visited
site at which you have registered.




                                Presenation done by uK
                               Mishra,Your coments will be
22.Social Media
A number of well-reputed social networking and Web 2.0 sites were
compromised in 2007. The hackers are able to glean very specific
information from site such as LinkedIn and Facebook and then use it to
disguise their attacks as friendly and authentic solicitations. Given the
popularity and interactivity of the social media sites, they tend to
expose their users to cyber criminals in nearly the same way as Instant
Messaging. We believe that Social Media sites will be one of the top 5
vulnerabilities in 2008

Social networking sites are ideal havens for online criminal activities as they
provide a combination of two key factors: a huge number of users and a high-
level of trust among these users,

Demerits.
1. Malware, 2. Spam, 3. Targeted attack through employees, 4. Phishing, 5.
Human error, leading to leaked corporate data.
                               Presenation done by uK
                              Mishra,Your coments will be
Prevention better than cure
Despite the security risks social networks can bring into a
corporate environment, So disabling access to such sites is
not the best option as more and more businesses rely on
these tools to support their daily operations.
Enterprises then need to make sure its employees are
educated about security threats related to social networking
sites, and implement a comprehensive access and data
control strategy to prevent data loss.
"If the enterprise can govern the access of information to
only the right employees, loss of data by the attackers
getting into the network could be minimized," Organizations
can reap the benefits of social and business networking
online, while keeping the fraudsters at bay."

                       Presenation done by uK
                      Mishra,Your coments will be
23.VoIP

  With over 250 million Skype users today, and research that estimates 1.2 billion
   VoIP users by 2012, the cyber criminals have found a large, attractive and easy
 target. More than twice the number of VoIP-related vulnerabilities were reported in
    2007 versus the previous year—several high-profile “vishing” attacks, and a
criminal phreaking (or fraud) conviction—so it’s clear that VoIP threats have arrived
                         and there’s no sign of a slowdown




                                 Presenation done by uK
                                Mishra,Your coments will be
24.Instant Messaging


   The National Vulnerability Database reports more than twice the number of AIM
   (AOL), YIM (Yahoo), and MSN Messenger vulnerabilities for 2007 over the prior
  year. Even more significant is the finding that there were 10 high-severity risks in
  2007, compared with zero in 2006. That’s not all, the top IM virus families of 2005
    through 2007 are actively being replace with new and multiple versions making
signature based products ineffective. Although IM malware has existed for years, it is
   likely that the cyber criminals will chose this avenue to attack un-protected PCs.




                                Presenation done by uK
                               Mishra,Your coments will be
Q&A

 Presenation done by uK
Mishra,Your coments will be
Thank You


   Presenation done by uK
  Mishra,Your coments will be

I.T Security Threats

  • 1.
    This is nota beginner’s presentation. Audience who take this presentation are expected to be experienced in M.S office, Internet, LAN,O/S (Windows) & general P.C troubleshooting. They are expected to understand I.T Security problems like Virus, Spyware, Malware & Botnet and their Remedies. Presenation done by uK Mishra,Your coments will be
  • 2.
    What is Information? Itis not an easy task to define what is really meaning of the term "information". instinctively, information is sequence of symbols, which have some meaning to the person receiving it. People communicate by exchanging information among them. The importance of information can be valued quantitatively, depending on the context. Sometimes information can be valued through monetary amount and that aspect makes exchange of information very important in today's human society. Presenation done by uK Mishra,Your coments will be
  • 3.
    Information Age The humansociety is undergoing a fundamental transformation: from an industrial society to the information society. Information age technologies increasingly pervade all industrial and societal activities and are accelerating the globalization of economies. World's industrial competitiveness, its jobs, its quality of life and the sustainability of growth depend on it being at the leading edge of the development and take-up of information age technologies. At the same time, the technologies underpinning the development of the information society are in rapid evolution. Advances in information processing and communication are opening up exciting new possibilities. There is a shift from stand-alone systems to networked information and processes. Presenation done by uK Mishra,Your coments will be
  • 4.
    Information Age andthe Internet In the age when communications and media have tremendous impact on our lives, information and information technologies are becoming more and more important. Internet as a “network of networks” is becoming the most popular media for the information transfer. In the age of information everybody needs and uses information. That is why Internet is not only a tool of the modern age, it is also its symptom. Fast information exchange in almost every segment of our daily life helped the Internet to move on from an oddity to the most popular medium.The Internet is growing faster than previously thought. Internet’s user population is growing 175 % per year The Internet is going commercial. Saving money and energy is an essential part of every business. That is why electronic commerce and on-line money making is becoming more and more popular Presenation done by uK Mishra,Your coments will be
  • 5.
    IT SECURITY Information securityis the process of protecting information. It protects its availability, privacy and integrity. Access to stored information on computer databases has increased greatly. More companies store business and individual information on computer than ever before. Much of the information stored is highly confidential and not for public viewing. Information security means guarding information and information systems against unauthorized access, disruption, disclosure, modification, use or destruction. Many businesses are solely based on information stored in computers. Personal staff details, client lists, salaries, bank account details, marketing and sales information may all be stored on a database. Without this information, it would often be very hard for a business to operate. Information security systems need to be implemented to protect this information Presenation done by uK Mishra,Your coments will be
  • 6.
    Types of Threats 1. Adware Adware, or advertising-supported software, displays advertising banners or pop-ups on your computer when you use the application. This is not necessarily a bad thing. Such advertising can fund the development of useful software, which is then distributed free (for example, the Opera web browser). •installs itself on your computer without your consent •installs itself in applications other than the one it came with and displays advertising when you use those applications •hijacks your web browser in order to display more ads (see Browser hijackers) •gathers data on your web browsing without your consent and sends it to others via the internet (see Spyware) •is designed to be difficult to uninstall . Adware can slow down your PC. It can also slow down your internet connection by downloading advertisements. Sometimes programming flaws in the adware can make your computer unstable. Advertising pop-ups can also distract you and waste your time if they have to be closed before you can continue using yourPresenation done by uK PC. Mishra,Your coments will be
  • 7.
    2. Backdoor Trojans Abackdoor Trojan allows someone to take control of another user’s computer via the internet without their permission. A backdoor Trojan may pose as legitimate software, just as other Trojan horse programs do, so that users run it. Alternatively – as is now increasingly common – users may allow Trojans onto their computer by following a link in spam mail. Once the Trojan is run, it adds itself to the computer’s startup routine. It can then monitor the computer until the user is connected to the internet. When the computer goes online, the person who sent the Trojan can perform many actions – for example, run programs on the infected computer, access personal files, modify and upload files, track the user’s keystrokes, or send out spam mail Examples Trojan-Spy.HTML.Smitfraud.c [Kaspersky], Phish-BankFraud.eml.a [McAfee], Presenation done by uK Trj/Citifraud.A [Panda coments will be Mishra,Your Software], generic5 [AVG
  • 8.
    3. Bluejacking Bluejacking issending anonymous, unwanted messages to other users with Bluetooth-enabled mobile phones or laptops. Bluejacking depends on the ability of Bluetooth phones to detect and contact other Bluetooth devices nearby. The Bluejacker uses a feature originally intended for exchanging contact details or “electronic business cards”. He or she adds a new entry in the phone’s address book, types in a message, and chooses to send it via Bluetooth. The phone searches for other Bluetooth phones and, if it fi nds one, sends the message Presenation done by uK Mishra,Your coments will be
  • 9.
    4. Bluesnarfing Bluesnarfing isthe theft of data from a Bluetooth phone. Like Bluejacking, Bluesnarfing depends on the ability of Bluetooth-enabled devices to detect and contact others nearby. In theory, a Bluetooth user running the right software on their laptop can discover a nearby phone, connect to it without your confirmation, and download your phonebook, pictures of contacts and calendar. Your mobile phone’s serial number Presenation be downloaded and used to clone the can also done by uK phone. Mishra,Your coments will be
  • 10.
    5. Boot SectorViruses Boot sector viruses spread by modifying the program that enables your computer to start up. When you switch on a computer, the hardware looks for the boot sector program – which is usually on the hard disk, but can be on a floppy disk or CD – and runs it. This program then loads the rest of the operating system into memory. A boot sector virus replaces the original boot sector with its own, modified version (and usually hides the original somewhere else on the hard disk). When you next start up, the infected boot sector is used and the virus becomes active Presenation done by uK Mishra,Your coments will be
  • 11.
    6. Browser Hijackers Browserhijackers change the default home and search pages in your internet browser.Some websites run a script that changes the settings in your browser without your permission. This hijacker can add shortcuts to your “Favorites” folder or, more seriously,can change the page that is first displayed when you open the browser Presenation done by uK Mishra,Your coments will be
  • 12.
    7. Chain Letters An electronic chain letter is an email that urges you to forward copies to other people.Chain letters, like virus hoaxes, depend on you, rather than on computer code, to propagate themselves. The main types are: 1. Hoaxes about terrorist attacks, premium-rate phone line scams, thefts from ATMs and so forth. 2. False claims that companies are offering free flights, free mobile phones, or cash rewards if you forward email. 3. Petitions. Even if genuine, they continue to circulate long after their expiry date. 4. Jokes and pranks, e.g. the claim that the internet would be closed for maintenance on 1 April. Presenation done by uK The solution to the Mishra,Your coments will be chain letter problem is simple: don’t forward such mail
  • 13.
    8. Denial ofService attack(DoS) denial-of-service (DoS) attack prevents users from accessing a computer or website. In a DoS attack, a hacker attempts to overload or shut down a computer, so that legitimate users can no longer access it. Typical DoS attacks target web servers and aim to make websites unavailable. No data is stolen or compromised, but the interruption to the service can be costly for a company. The most common type of DoS attack involves sending more traffic to a computer than it can handle. Rudimentary methods include sending outsized data packets or sending email attachments with names that are longer than permitted by the mail programs Presenation done by uK Mishra,Your coments will be
  • 14.
    9. Cookies Cookies arefiles on your computer that enable websites to remember your details. When you visit a website, it can place a fi le called a cookie on your computer. This enables the website to remember your details and track your visits. Cookies can be a threat to confidentiality, but not to your data. Cookies were designed to be helpful. For example, if you submit your ID when you visit a website, a cookie can store this data, so that you don’t have to re-enter it next time. Cookies also have benefits for webmasters, as they show which web pages are well used, providing useful input when planning a redesign of the site. If you prefer to remain anonymous, use the security settings on your internet browser to disable cookies. Presenation done by uK Mishra,Your coments will be
  • 15.
    10. Dialers Dialers changethe number used for dial-up internet access to a premium-rate number. Dialers are not always malicious. Legitimate companies that offer downloads or games may expect you to use a premium-rate line to access their services. A pop-up prompts you to download the dialer and tells you how much calls will cost. Other dialers may install themselves without your knowledge when you click on a pop-up message (for example, a message warning you about a virus on your computer and offering a solution). These do not offer access to any special services – they simply divert your connection so that you access the internet via a premium-rate number Presenation done by uK Mishra,Your coments will be
  • 16.
    11. Document Viruses Documentor “macro” viruses take advantage of macros – commands that are embedded in files and run automatically. Many applications, such as word processing and spreadsheet programs, use macros. A macro virus is a macro program that can copy itself and spread from one file to another. If you open a file that contains a macro virus, the virus copies itself into the application’s startup files. The computer is now infected. Presenation done by uK Mishra,Your coments will be
  • 17.
    12. Email Viruses Many of the most creative viruses distribute themselves automatically by email. Typically, email-aware viruses depend on the user double-clicking on an attachment. This runs the malicious code, which will then mail itself to other people from that computer. The Netsky virus, for example, searches the computer for files that may contain email addresses, and then uses the email client on your computer to send itself to those addresses. Some viruses, like Sobig-F, don’t even need to use your email client; they include their own “SMTP engine” for constructing and sending the email messages. Even an attachment that appears to be a safe type of file, e.g. a file with a .txt extension, can pose a threat. That file may be a malicious VBS script with the real file type (.vbs) hidden from view Presenation done by uK Mishra,Your coments will be
  • 18.
    13. Internet Worms Wormsare programs that create copies of themselves and spread via internet connections. Worms differ from computer viruses because they can propagate themselves, rather than using a carrier program or file. They simply create exact copies of themselves and use communication between computers to spread. Internet worms can travel between connected computers by exploiting security “holes” in the computer’s operating system. The Blaster worm, for example, takes advantage of a weakness in the Remote Procedure Call service that runs on unpatched Windows NT, 2000 and XP computers and uses it to send a copy of itself to another computer Presenation done by uK Mishra,Your coments will be
  • 19.
    14. Mousetrapping Mouse trappingprevents you from leaving a website. If you are redirected to a bogus website, you may find that you cannot quit with the back or close buttons. In some cases, entering a new web address does not enable you to escape either. The site that mousetraps you will either not allow you to visit another address, or will open another browser window displaying the same site. Some mousetraps let you quit after a number of attempts, but others do not. To escape, use a bookmark or “Favorite”, or open the list of recently-visited addresses and select the next-to-last. You can also press Ctrl+Alt+Del and use the Task Manager to shut down the browser or, if that fails, restart the computer. To reduce the risk of mousetrapping, you can disable Javascript in your internet browser. This prevents you from being trapped at sites that use this script, but it also affects the look and feel of websites. Presenation done by uK Mishra,Your coments will be
  • 20.
    15. Obfuscated spam Obfuscatedspam is email that has been disguised in an attempt to fool anti- spam software. Spammers are constantly trying to find ways to modify or conceal their messages so that your anti-spam software can’t read them, but you can. The simplest example of this “obfuscation” is putting spaces between the letters of words, hoping that anti-spam software will not read the letters as one word, for example VIAGRA Another common technique is to use misspellings or non-standard characters, for example V!agra Presenation done by uK Mishra,Your coments will be
  • 21.
    16. Parasitic viruses Pharmingredirects you from a legitimate website to a bogus copy, allowing criminals to steal the information you enter. Pharming exploits the way that website addresses are composed. Each computer on the internet has a numerical “IP address”, e.g. 127.0.0.1. However, these are not easy to remember, so web addresses also have a domain name, like sophos.com. Every time you type in an address, the domain name has to be turned back into the IP address. A DNS or Domain Name Server on the internet handles this, unless a “local host file” on your computer has already done it To avoid pharming, make sure that you use secure web connections when you access sensitive sites. Just look for the https:// prefix in the web address. If a hacker tries to mimic a secure site, a message will warn you that the site’s certificate does not match the address being visited. Presenation done by uK Mishra,Your coments will be
  • 22.
    17. Page-jacking Page-jacking isthe use of replicas of reputable web pages to catch users and redirect them to other websites. Scammers copy pages from an established website and put them on a new site that appears to be legitimate. They register this new site with major search engines, so that users doing a search find and follow links to it. When the user arrives at the website, they are automatically redirected to a different site that displays advertising or offers of different services. They may also find that they cannot escape from the site without restarting their computer (just like mousetrapping). Presenation done by uK Mishra,Your coments will be
  • 23.
    18. Phishing Phishing isthe use of bogus emails and websites to trick you into supplying confi dential or personal information. Typically, you receive an email that appears to come from a reputable organization, such as a bank. The email includes what appears to be a link to the organization’s website. However, if you follow the link, you are connected to a replica of the website. Any details you enter, such as account numbers, PINs or passwords, can be stolen and used by the hackers who created the bogus site. Presenation done by uK Mishra,Your coments will be
  • 24.
    19.Botnet A botnet orrobot network is a group of computers running a computer application controlled and manipulated only by the owner or the software source. The botnet may refer to a legitimate network of several computers that share program processing amongst them. Different Types of Bots XtremBot, Agobot, Forbot, Phatbot. Botnets may range from one thousand drones to tens of thousands of drones. The larger the botnet, the more recognition and potential there is for financial gain. The source computer can rent services of the botnet to third parties. Common uses of botnets include: • Spamming – After taking advantage of a victims’ computer systems, the botnet commander may use the drones to harvest email addresses and send spam or phishing mails. Presenation done by uK Mishra,Your coments will be
  • 25.
    • Traffic Monitoring– The malware may also be created for the discovery and interception of sensitive data passing through a drone machine. Such malware would sniff for user IDs and passwords. • Denial of Service Attacks – This refers to an attempt to make resources unavailable to its users. For example, the botnet may attack a network in order to disrupt a service through overloading the resources of the drone’s computer system. Such attacks may be carried out to disable the web site of a competitor. • Keylogging – Some bots install keylogging programs in drone computers. Such programs filter for key sequences that come before or after keywords such as “Gmail” or “PayPal.” • Mass Identity Theft – Such thefts are often attributed to botnet attacks. This may be a phishing attack, in which the perpetrator presents himself as a legitimate company in order to obtain personal information, such as user IDs, account numbers or passwords. • Botnet Spread – Drones in the network are often used to spread other botnets to other computers. • Pay-per-Click Systems Abuse – Drone machines can be used to automatically click on a site upon browser activation. By artificially increasing the click counter of an ad, the botnet commander may benefit from Google Adsense, or other affiliate programs. Presenation done by uK Mishra,Your coments will be
  • 26.
    20.Malware Malware is anabbreviated term used to describe a "malicious software" program. Malware includes things like spyware or adware programs, such as tracking cookies, which are used to monitor your surfing habits. It also includes more sinister items, such as keyloggers, Trojan horses, worms, and viruses. Presenation done by uK Mishra,Your coments will be
  • 27.
    21 Spyware Spyware refersto programs that use your Internet connection to send information from your personal computer to some other computer, normally without your knowledge or permission. Most often this information is a record of your ongoing browsing habits, downloads, or it could be more personal data like your name and address Some programs that have included spyware, like RealPlayer, disclose this information in their terms and conditions when RealPlayer is installed, though most users don't read the terms and conditions when they install software, particularly if it is free. KaZaA, a free file sharing program, also includes spyware and there are many others. Presenation done by uK Mishra,Your coments will be
  • 28.
    It is estimatedthat 90% of all computers on the Internet are infected with spyware. Some telltale signs of spyware infection are: •Your computer slows to a crawl due to several spyware programs using up your memory resources. •Advertisements pop up even when you are offline. •You click on a link to go to one site, but your browser gets hijacked and you end up at another site. •Your computer is dialing up numbers on its own that show up on your phone bill. •When you enter a search item, a new and unexpected site handles the search. •Your bookmarks change on their own. •You click your Home button but it takes you to a new site, and when you switch the setting back, the new site appears again anyway. •You get pop-up ads that address you by name even when you have not visited site at which you have registered. Presenation done by uK Mishra,Your coments will be
  • 29.
    22.Social Media A numberof well-reputed social networking and Web 2.0 sites were compromised in 2007. The hackers are able to glean very specific information from site such as LinkedIn and Facebook and then use it to disguise their attacks as friendly and authentic solicitations. Given the popularity and interactivity of the social media sites, they tend to expose their users to cyber criminals in nearly the same way as Instant Messaging. We believe that Social Media sites will be one of the top 5 vulnerabilities in 2008 Social networking sites are ideal havens for online criminal activities as they provide a combination of two key factors: a huge number of users and a high- level of trust among these users, Demerits. 1. Malware, 2. Spam, 3. Targeted attack through employees, 4. Phishing, 5. Human error, leading to leaked corporate data. Presenation done by uK Mishra,Your coments will be
  • 30.
    Prevention better thancure Despite the security risks social networks can bring into a corporate environment, So disabling access to such sites is not the best option as more and more businesses rely on these tools to support their daily operations. Enterprises then need to make sure its employees are educated about security threats related to social networking sites, and implement a comprehensive access and data control strategy to prevent data loss. "If the enterprise can govern the access of information to only the right employees, loss of data by the attackers getting into the network could be minimized," Organizations can reap the benefits of social and business networking online, while keeping the fraudsters at bay." Presenation done by uK Mishra,Your coments will be
  • 31.
    23.VoIP Withover 250 million Skype users today, and research that estimates 1.2 billion VoIP users by 2012, the cyber criminals have found a large, attractive and easy target. More than twice the number of VoIP-related vulnerabilities were reported in 2007 versus the previous year—several high-profile “vishing” attacks, and a criminal phreaking (or fraud) conviction—so it’s clear that VoIP threats have arrived and there’s no sign of a slowdown Presenation done by uK Mishra,Your coments will be
  • 32.
    24.Instant Messaging The National Vulnerability Database reports more than twice the number of AIM (AOL), YIM (Yahoo), and MSN Messenger vulnerabilities for 2007 over the prior year. Even more significant is the finding that there were 10 high-severity risks in 2007, compared with zero in 2006. That’s not all, the top IM virus families of 2005 through 2007 are actively being replace with new and multiple versions making signature based products ineffective. Although IM malware has existed for years, it is likely that the cyber criminals will chose this avenue to attack un-protected PCs. Presenation done by uK Mishra,Your coments will be
  • 33.
    Q&A Presenation doneby uK Mishra,Your coments will be
  • 34.
    Thank You Presenation done by uK Mishra,Your coments will be