SlideShare a Scribd company logo

RSA Monthly Online Fraud Report -- August 2013

E
EMC

This report offers insight on the latest trends in phishing, malware and cybercrime around the world.

TechnologyNews & Politics
1 of 5
Download to read offline
F R A U D R E P O R T PHISH LOCKERS OUT IN THE WILD August 2013 RSA researchers have been increasingly witnessing the activity of highly targeted Trojans, dubbed ‘Phish Lockers’, used at the hands of cybercriminals to steal credentials. The Trojans are deployed as a means to present online users with a phishing page that is generated by malware, while locking the desktop, hence the name. This type of malware is not defined as a banking Trojan in the traditional sense. It is basic malicious code that can manipulate certain actions on an infected PC, but it is not a rootkit or otherwise able to actively monitor online activity, keylog or perform web injections. Phish lockers were observed attacking banks in Latin America earlier this year, where local pharming is a very common attack method. However, the lockers are now starting to show up in new regions, attacking one or more banks at a time. INSIDE THE PHISH LOCKING ROOM Much like most banking Trojans, phish lockers are activated by trigger. When an infected user logs into a website contained on the malware’s trigger list, the Trojan becomes active. However, unlike banking Trojans, phish lockers don’t have a classic configuration file. Most of the information is hardcoded into the malware and therefore cannot be changed on the fly. The malware is compatible with all major browsers including Internet Explorer, Firefox, Chrome, and Opera. The first visible action that the user will see is the browser window being shut down, then the desktop’s START button disappearing (a common occurrence with ransomware, for example). Based on the URL initially typed into the browser, the Trojan will pop-up a corresponding web form that looks exactly like legitimate web page, but is actually a phishing page.
page 2 The phish locker malware usually comes with a few hardcoded web forms, each requiring a relevant set of credentials from infected bank customers. Usually, the information requested by the malware corresponds with phishing attacks targeting the particular bank. For example, if the bank uses out-of-band SMS for transaction verification, the form might have a request for the user’s mobile number. When banking Trojans infect user machines, they are present on the device and can log a user’s keystrokes and steal documents, certificates, cookies and other elements dictated by the botmaster. Banking malware regularly sends logs of stolen information to its operator, using pre- defined domains as communication resources. Phish lockers on the other hand, are not designed to carry out such complex activity and use basic methods to transmit stolen data such as email. In order to facilitate sending emails from the infected PC, the malware’s author programmed it to use Extended SMTP, predefining a sender and a few recipients that will act as a fallback mechanism in case the data gets intercepted or the mailbox blocked/closed for some reason. Yet another differentiator that separates banking Trojans from phish lockers is the mode of activity. While banking malware steals and listens for data at all times when the browser is open, the locker closes the browser altogether, and then does the stealing. Once the information from the locker’s web forms is sent, the malware remains inactive and does not carry out any other malicious activity on the PC, allowing the user to regain control. CONCLUSION It is rather interesting to see Trojans of this type, which are considered very basic when compared to most banking Trojans in the wild. It is even more interesting to see them appearing in geographies where banking security is considered to be very advanced. This phenomenon may be linked with the trend towards privatization of banking Trojans. This has created a barrier for many cybercriminals as they are denied access to purchase more advanced malware kits to launch attacks. This could be perhaps be pushing some cybercriminals to write and deploy simple malicious codes that will at least get their dirty work done. Figure 1: Phish locker’s web form pop-up requesting credit card information
page 3 Phishing Attacks per Month RSA identified 45,232 phishing attacks launched worldwide in July, marking a 26% increase in attack volume in the last month. 0 10000 20000 30000 40000 50000 60000 Source:RSAAnti-FraudCommandCenter 59406 49488 35440 33768 41834 29581 30151 27463 24347 26902 36966 35831 Jul12 Aug12 Sep12 Oct12 Nov12 Dec12 Jan13 Feb13 Mar13 Apr13 May13 Jun13 Jul13 US Bank Types Attacked National banks continue to be the most targeted by phishing within the U.S. banking sector with 74% of attacks in July while credit unions were targeted by one out of every ten attacks last month. 0 20 40 60 80 100 Source:RSAAnti-FraudCommandCenter 11% 11% 9% 9% 12% 6% 15% 8% 17% 15% 8% 11% 11% 15% 15% 14% 14% 9% 15% 15% 23% 23% 12% 19% 13% 15% 74% 74% 77% 77% 79% 79% 70% 69% 60% 73% 73% 76% 74% Jul12 Aug12 Sep12 Oct12 Nov12 Dec12 Jan13 Feb13 Mar13 Apr13 May13 Jun13 Jul13 45232
page 4 Top Countries by Attack Volume The U.S. remained the country most attacked by phishing in July, targeted by 58% of total phishing volume. Germany endured the second highest volume of phishing at 9%, followed by the UK at 8%. India, France, Canada, South Africa and Italy were collectively targeted by 15% of phishing volume. UKGermanyChinaCanadaSouth KoreaAustraliaa United Kingdom 8% U.S. 58% Italy 3% South Africa 3% India 3% Germany 9% France 3% Canada 3% 48 Other Countries 10% BrasilIndiaNetherlandsCanadaItalyChinaS AfricaUS Top Countries by Attacked Brands U.S. brands were once again most affected by phishing in July, targeted by 28% of phishing attacks. Brands in the UK, India, Italy and China together endured one- quarter of phishing attack volume. Top Hosting Countries The U.S. remained the top hosting country in July with 45% of global phishing attacks hosted within the country, followed by Canada, Germany, and the UK. To date, RSA has worked with more than 15,300 hosting entities around the world to shut down cyber attacks. U.S. 45% 62 Other Countries 33% Canada 6% Netherlands 4% France 3% Germany 5% United Kingdom 4% BrasilIndiaNetherlandsCanadaItalyChinaS AfricaUSa United Kingdom 11% 51 Other Countries 47% U.S. 28% China 4% Australia 5% India 6% Italy 4%
www.emc.com/rsa CONTACT US To learn more about how RSA products, services, and solutions help solve your business and IT challenges contact your local representative or authorized reseller – or visit us at www.emc.com/rsa ©2013 EMC Corporation. EMC, RSA, the RSA logo, and FraudAction are trademarks or registered trademarks of EMC Corporation in the U.S. and/or other countries. All other trademarks mentioned are the property of their respective holders. AUG RPT 0813

Recommended

Compilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksCompilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksArrayShield Technologies Private Limited
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hackingMd. Mehadi Hassan Bappy
 
Phishing Attack : A big Threat
Phishing Attack : A big ThreatPhishing Attack : A big Threat
Phishing Attack : A big Threatsourav newatia
 
Phishing ppt
Phishing pptPhishing ppt
Phishing pptshindept123
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
cybercrime survival guide
cybercrime survival guidecybercrime survival guide
cybercrime survival guideGary Gray, MCSE
 
Phishing attack till now
Phishing attack till nowPhishing attack till now
Phishing attack till nowelakkiya poongunran
 
Are You a Hacker's Target?
Are You a Hacker's Target?Are You a Hacker's Target?
Are You a Hacker's Target?Blue Coat
 

Recommended

Compilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksCompilation of phishing and keylogger attacks
Compilation of phishing and keylogger attacksArrayShield Technologies Private Limited
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hackingMd. Mehadi Hassan Bappy
 
Phishing Attack : A big Threat
Phishing Attack : A big ThreatPhishing Attack : A big Threat
Phishing Attack : A big Threatsourav newatia
 
Phishing ppt
Phishing pptPhishing ppt
Phishing pptshindept123
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
cybercrime survival guide
cybercrime survival guidecybercrime survival guide
cybercrime survival guideGary Gray, MCSE
 
Phishing attack till now
Phishing attack till nowPhishing attack till now
Phishing attack till nowelakkiya poongunran
 
Are You a Hacker's Target?
Are You a Hacker's Target?Are You a Hacker's Target?
Are You a Hacker's Target?Blue Coat
 
Education is the Key to Fighting Cyber Crime
Education is the Key to Fighting Cyber CrimeEducation is the Key to Fighting Cyber Crime
Education is the Key to Fighting Cyber CrimeBlue Coat
 
Phishing ppt
Phishing pptPhishing ppt
Phishing pptSanjay Kumar
 
A presentation on Phishing
A presentation on PhishingA presentation on Phishing
A presentation on PhishingCreative Technology
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanControlScan, Inc.
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasuresJorge Sebastiao
 
Online financial fraud infographic
Online financial fraud infographicOnline financial fraud infographic
Online financial fraud infographicPrayukth K V
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORTvineetkathan
 
A Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comA Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comBusiness.com
 
Phishing attack
Phishing attackPhishing attack
Phishing attackRaghav Chhabra
 
Phishing technology
Phishing technologyPhishing technology
Phishing technologyPreeti Papneja
 
5 ways criminals use facebook
5 ways criminals use facebook5 ways criminals use facebook
5 ways criminals use facebookWilliam Grieve
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacksSreejith.D. Menon
 
Phishing & Pharming
Phishing & PharmingPhishing & Pharming
Phishing & PharmingDevendra Yadav
 
Ransomware
RansomwareRansomware
RansomwareDeepakKumar4980
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing AttacksJagan Mohan
 
Phishing
PhishingPhishing
PhishingSaurabhKantSahu1
 
Phishing
PhishingPhishing
PhishingSouganthikaSankaresw
 
Protecting Yourself Against Mobile Phishing
Protecting Yourself Against Mobile PhishingProtecting Yourself Against Mobile Phishing
Protecting Yourself Against Mobile PhishingAlliance Data card services - Know More Sell More
 
Phishing attack seminar presentation
Phishing attack seminar presentation Phishing attack seminar presentation
Phishing attack seminar presentation AniketPandit18
 
Site2
Site2Site2
Site2funerariagenesis
 
Sarahs Steakhouse
Sarahs SteakhouseSarahs Steakhouse
Sarahs Steakhousesugarmac43
 

More Related Content

What's hot

Education is the Key to Fighting Cyber Crime
Education is the Key to Fighting Cyber CrimeEducation is the Key to Fighting Cyber Crime
Education is the Key to Fighting Cyber CrimeBlue Coat
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanControlScan, Inc.
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasuresJorge Sebastiao
 
Online financial fraud infographic
Online financial fraud infographicOnline financial fraud infographic
Online financial fraud infographicPrayukth K V
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORTvineetkathan
 
A Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comA Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comBusiness.com
 
5 ways criminals use facebook
5 ways criminals use facebook5 ways criminals use facebook
5 ways criminals use facebookWilliam Grieve
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacksSreejith.D. Menon
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing AttacksJagan Mohan
 
Phishing attack seminar presentation
Phishing attack seminar presentation Phishing attack seminar presentation
Phishing attack seminar presentation AniketPandit18
 

What's hot (20)

Education is the Key to Fighting Cyber Crime
Education is the Key to Fighting Cyber CrimeEducation is the Key to Fighting Cyber Crime
Education is the Key to Fighting Cyber Crime
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
A presentation on Phishing
A presentation on PhishingA presentation on Phishing
A presentation on Phishing
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasures
 
Online financial fraud infographic
Online financial fraud infographicOnline financial fraud infographic
Online financial fraud infographic
 
PHISHING PROJECT REPORT
PHISHING PROJECT REPORTPHISHING PROJECT REPORT
PHISHING PROJECT REPORT
 
A Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.comA Guide to Internet Security For Businesses- Business.com
A Guide to Internet Security For Businesses- Business.com
 
Phishing attack
Phishing attackPhishing attack
Phishing attack
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
5 ways criminals use facebook
5 ways criminals use facebook5 ways criminals use facebook
5 ways criminals use facebook
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacks
 
Phishing & Pharming
Phishing & PharmingPhishing & Pharming
Phishing & Pharming
 
Ransomware
RansomwareRansomware
Ransomware
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing Attacks
 
Phishing
PhishingPhishing
Phishing
 
Phishing
PhishingPhishing
Phishing
 
Protecting Yourself Against Mobile Phishing
Protecting Yourself Against Mobile PhishingProtecting Yourself Against Mobile Phishing
Protecting Yourself Against Mobile Phishing
 
Phishing attack seminar presentation
Phishing attack seminar presentation Phishing attack seminar presentation
Phishing attack seminar presentation
 

Viewers also liked

Sarahs Steakhouse
Sarahs SteakhouseSarahs Steakhouse
Sarahs Steakhousesugarmac43
 
Prostate Cancer and Sexuality: Survey
Prostate Cancer and Sexuality: SurveyProstate Cancer and Sexuality: Survey
Prostate Cancer and Sexuality: SurveyPCAinAZ
 
Online Dating Marktstudie / Branchenreport Deutschland
Online Dating Marktstudie / Branchenreport DeutschlandOnline Dating Marktstudie / Branchenreport Deutschland
Online Dating Marktstudie / Branchenreport DeutschlandFrancesco Monti
 
12 Courselectroniquebase 131216070520-phpapp01
12 Courselectroniquebase 131216070520-phpapp0112 Courselectroniquebase 131216070520-phpapp01
12 Courselectroniquebase 131216070520-phpapp01zinoha
 
Uxperts mobi 2013 - UX for Windows 8
Uxperts mobi 2013 - UX for Windows 8Uxperts mobi 2013 - UX for Windows 8
Uxperts mobi 2013 - UX for Windows 8Winnie Valbracht
 
Serioes Geld verdienen mit automatischen Blogs
Serioes Geld verdienen mit automatischen BlogsSerioes Geld verdienen mit automatischen Blogs
Serioes Geld verdienen mit automatischen BlogsCurt Leuch
 
Apresentação RioJunior - Palestra Trainee - Completa
Apresentação RioJunior - Palestra Trainee - CompletaApresentação RioJunior - Palestra Trainee - Completa
Apresentação RioJunior - Palestra Trainee - CompletaHector Muniz
 
Thank you for Coding #BSW13
Thank you for Coding #BSW13Thank you for Coding #BSW13
Thank you for Coding #BSW13Hoang Huynh
 
Format laporan bulanan
Format laporan bulananFormat laporan bulanan
Format laporan bulananJudith Joseph
 
Sistemas Sensoriales y Modalidades Perceptivas
Sistemas Sensoriales y Modalidades PerceptivasSistemas Sensoriales y Modalidades Perceptivas
Sistemas Sensoriales y Modalidades PerceptivasRosanyely Viloria
 
Linkbuilding 2016 (Seo) von Martin Mißfeldt
Linkbuilding 2016 (Seo) von Martin MißfeldtLinkbuilding 2016 (Seo) von Martin Mißfeldt
Linkbuilding 2016 (Seo) von Martin MißfeldtDUPLICON
 
Market Research on Coca-Cola Vs. Pepsi
Market Research on Coca-Cola Vs. Pepsi Market Research on Coca-Cola Vs. Pepsi
Market Research on Coca-Cola Vs. Pepsi Dushyant Singh
 
Practice pp fs and travistan
Practice pp fs and travistanPractice pp fs and travistan
Practice pp fs and travistanTravis Klein
 
Filo diretto apr13 senza pubbl
Filo diretto apr13 senza pubblFilo diretto apr13 senza pubbl
Filo diretto apr13 senza pubblMarco Frullanti
 
TECHNIQUES TO KEEP MEN AND WOMEN YOUNG, SEXY AND HAPPY FOR PEACE AND PROSPERI...
TECHNIQUES TO KEEP MEN AND WOMEN YOUNG, SEXY AND HAPPY FOR PEACE AND PROSPERI...TECHNIQUES TO KEEP MEN AND WOMEN YOUNG, SEXY AND HAPPY FOR PEACE AND PROSPERI...
TECHNIQUES TO KEEP MEN AND WOMEN YOUNG, SEXY AND HAPPY FOR PEACE AND PROSPERI...Dr. Raju M. Mathew
 
Friday nationalism
Friday nationalismFriday nationalism
Friday nationalismTravis Klein
 

Viewers also liked (20)

Site2
Site2Site2
Site2
 
Sarahs Steakhouse
Sarahs SteakhouseSarahs Steakhouse
Sarahs Steakhouse
 
Vol1 10
Vol1 10Vol1 10
Vol1 10
 
Prostate Cancer and Sexuality: Survey
Prostate Cancer and Sexuality: SurveyProstate Cancer and Sexuality: Survey
Prostate Cancer and Sexuality: Survey
 
Online Dating Marktstudie / Branchenreport Deutschland
Online Dating Marktstudie / Branchenreport DeutschlandOnline Dating Marktstudie / Branchenreport Deutschland
Online Dating Marktstudie / Branchenreport Deutschland
 
12 Courselectroniquebase 131216070520-phpapp01
12 Courselectroniquebase 131216070520-phpapp0112 Courselectroniquebase 131216070520-phpapp01
12 Courselectroniquebase 131216070520-phpapp01
 
Uxperts mobi 2013 - UX for Windows 8
Uxperts mobi 2013 - UX for Windows 8Uxperts mobi 2013 - UX for Windows 8
Uxperts mobi 2013 - UX for Windows 8
 
Serioes Geld verdienen mit automatischen Blogs
Serioes Geld verdienen mit automatischen BlogsSerioes Geld verdienen mit automatischen Blogs
Serioes Geld verdienen mit automatischen Blogs
 
Apresentação RioJunior - Palestra Trainee - Completa
Apresentação RioJunior - Palestra Trainee - CompletaApresentação RioJunior - Palestra Trainee - Completa
Apresentação RioJunior - Palestra Trainee - Completa
 
Thank you for Coding #BSW13
Thank you for Coding #BSW13Thank you for Coding #BSW13
Thank you for Coding #BSW13
 
Introduction to Accumulo
Introduction to AccumuloIntroduction to Accumulo
Introduction to Accumulo
 
Format laporan bulanan
Format laporan bulananFormat laporan bulanan
Format laporan bulanan
 
Sistemas Sensoriales y Modalidades Perceptivas
Sistemas Sensoriales y Modalidades PerceptivasSistemas Sensoriales y Modalidades Perceptivas
Sistemas Sensoriales y Modalidades Perceptivas
 
Linkbuilding 2016 (Seo) von Martin Mißfeldt
Linkbuilding 2016 (Seo) von Martin MißfeldtLinkbuilding 2016 (Seo) von Martin Mißfeldt
Linkbuilding 2016 (Seo) von Martin Mißfeldt
 
Market Research on Coca-Cola Vs. Pepsi
Market Research on Coca-Cola Vs. Pepsi Market Research on Coca-Cola Vs. Pepsi
Market Research on Coca-Cola Vs. Pepsi
 
Practice pp fs and travistan
Practice pp fs and travistanPractice pp fs and travistan
Practice pp fs and travistan
 
Codigo
CodigoCodigo
Codigo
 
Filo diretto apr13 senza pubbl
Filo diretto apr13 senza pubblFilo diretto apr13 senza pubbl
Filo diretto apr13 senza pubbl
 
TECHNIQUES TO KEEP MEN AND WOMEN YOUNG, SEXY AND HAPPY FOR PEACE AND PROSPERI...
TECHNIQUES TO KEEP MEN AND WOMEN YOUNG, SEXY AND HAPPY FOR PEACE AND PROSPERI...TECHNIQUES TO KEEP MEN AND WOMEN YOUNG, SEXY AND HAPPY FOR PEACE AND PROSPERI...
TECHNIQUES TO KEEP MEN AND WOMEN YOUNG, SEXY AND HAPPY FOR PEACE AND PROSPERI...
 
Friday nationalism
Friday nationalismFriday nationalism
Friday nationalism
 

Similar to RSA Monthly Online Fraud Report -- August 2013

RSA Monthly Online Fraud Report -- May 2013
RSA Monthly Online Fraud Report -- May 2013RSA Monthly Online Fraud Report -- May 2013
RSA Monthly Online Fraud Report -- May 2013EMC
 
Discuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docxDiscuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docxbkbk37
 
Discuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docxDiscuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docxwrite12
 
The Current State of Cybercrime 2014
The Current State of Cybercrime 2014The Current State of Cybercrime 2014
The Current State of Cybercrime 2014EMC
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfKALPITKALPIT1
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityMd Nishad
 
Ransomware Review 2017
Ransomware Review 2017Ransomware Review 2017
Ransomware Review 2017Dryden Geary
 
Your money or your files
Your money or your filesYour money or your files
Your money or your filesRoel Palmaers
 
A Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityA Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityMichele Thomas
 
proofpoint-blindspots-visibility-white-paper
proofpoint-blindspots-visibility-white-paperproofpoint-blindspots-visibility-white-paper
proofpoint-blindspots-visibility-white-paperKen Spencer Brown
 
Ransomware all locked up book
Ransomware all locked up bookRansomware all locked up book
Ransomware all locked up bookDiego Souza
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securityMuhammad Hamza
 
Cybercrime: A Seminar Report
Cybercrime: A Seminar ReportCybercrime: A Seminar Report
Cybercrime: A Seminar ReportArindam Sarkar
 
Running Head CYBERSECURITY1CYBERSECURITY 15.docx
Running Head CYBERSECURITY1CYBERSECURITY 15.docxRunning Head CYBERSECURITY1CYBERSECURITY 15.docx
Running Head CYBERSECURITY1CYBERSECURITY 15.docxtodd271
 
Crimes in digital marketing..pptx
Crimes in digital marketing..pptxCrimes in digital marketing..pptx
Crimes in digital marketing..pptxRajviNikeetaRathore
 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trendsShreedeep Rayamajhi
 
WHITE PAPER▶ The Evolution of Ransomware
WHITE PAPER▶ The Evolution of RansomwareWHITE PAPER▶ The Evolution of Ransomware
WHITE PAPER▶ The Evolution of RansomwareSymantec
 

Similar to RSA Monthly Online Fraud Report -- August 2013 (20)

RSA Monthly Online Fraud Report -- May 2013
RSA Monthly Online Fraud Report -- May 2013RSA Monthly Online Fraud Report -- May 2013
RSA Monthly Online Fraud Report -- May 2013
 
Discuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docxDiscuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docx
 
Discuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docxDiscuss similarities and differences between and Trojan.docx
Discuss similarities and differences between and Trojan.docx
 
Ransomware-as-a-Service: The business of distributing cyber attacks
Ransomware-as-a-Service: The business of distributing cyber attacksRansomware-as-a-Service: The business of distributing cyber attacks
Ransomware-as-a-Service: The business of distributing cyber attacks
 
The Current State of Cybercrime 2014
The Current State of Cybercrime 2014The Current State of Cybercrime 2014
The Current State of Cybercrime 2014
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdf
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Ransomware Review 2017
Ransomware Review 2017Ransomware Review 2017
Ransomware Review 2017
 
Your money or your files
Your money or your filesYour money or your files
Your money or your files
 
A Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information SecurityA Survey On Cyber Crime Information Security
A Survey On Cyber Crime Information Security
 
proofpoint-blindspots-visibility-white-paper
proofpoint-blindspots-visibility-white-paperproofpoint-blindspots-visibility-white-paper
proofpoint-blindspots-visibility-white-paper
 
Ransomware all locked up book
Ransomware all locked up bookRansomware all locked up book
Ransomware all locked up book
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cybercrime: A Seminar Report
Cybercrime: A Seminar ReportCybercrime: A Seminar Report
Cybercrime: A Seminar Report
 
Running Head CYBERSECURITY1CYBERSECURITY 15.docx
Running Head CYBERSECURITY1CYBERSECURITY 15.docxRunning Head CYBERSECURITY1CYBERSECURITY 15.docx
Running Head CYBERSECURITY1CYBERSECURITY 15.docx
 
Threat report h1_2013
Threat report h1_2013Threat report h1_2013
Threat report h1_2013
 
Crimes in digital marketing..pptx
Crimes in digital marketing..pptxCrimes in digital marketing..pptx
Crimes in digital marketing..pptx
 
Digital Threat Landscape
Digital Threat LandscapeDigital Threat Landscape
Digital Threat Landscape
 
Cyber security and current trends
Cyber security and current trendsCyber security and current trends
Cyber security and current trends
 
WHITE PAPER▶ The Evolution of Ransomware
WHITE PAPER▶ The Evolution of RansomwareWHITE PAPER▶ The Evolution of Ransomware
WHITE PAPER▶ The Evolution of Ransomware
 

More from EMC

INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUDINDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUDEMC
 
Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote EMC
 
EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX EMC
 
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIOTransforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIOEMC
 
Citrix ready-webinar-xtremio
Citrix ready-webinar-xtremioCitrix ready-webinar-xtremio
Citrix ready-webinar-xtremioEMC
 
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES EMC
 
EMC with Mirantis Openstack
EMC with Mirantis OpenstackEMC with Mirantis Openstack
EMC with Mirantis OpenstackEMC
 
Modern infrastructure for business data lake
Modern infrastructure for business data lakeModern infrastructure for business data lake
Modern infrastructure for business data lakeEMC
 
Force Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop ElsewhereForce Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop ElsewhereEMC
 
Pivotal : Moments in Container History
Pivotal : Moments in Container History Pivotal : Moments in Container History
Pivotal : Moments in Container History EMC
 
Data Lake Protection - A Technical Review
Data Lake Protection - A Technical ReviewData Lake Protection - A Technical Review
Data Lake Protection - A Technical ReviewEMC
 
Mobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or FoeMobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or FoeEMC
 
Virtualization Myths Infographic
Virtualization Myths Infographic Virtualization Myths Infographic
Virtualization Myths Infographic EMC
 
Intelligence-Driven GRC for Security
Intelligence-Driven GRC for SecurityIntelligence-Driven GRC for Security
Intelligence-Driven GRC for SecurityEMC
 
The Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeThe Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeEMC
 
EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015EMC
 
EMC Academic Summit 2015
EMC Academic Summit 2015EMC Academic Summit 2015
EMC Academic Summit 2015EMC
 
Data Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education ServicesData Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education ServicesEMC
 
Using EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere EnvironmentsUsing EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere EnvironmentsEMC
 
Using EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBookUsing EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBookEMC
 

More from EMC (20)

INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUDINDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
INDUSTRY-LEADING TECHNOLOGY FOR LONG TERM RETENTION OF BACKUPS IN THE CLOUD
 
Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote Cloud Foundry Summit Berlin Keynote
Cloud Foundry Summit Berlin Keynote
 
EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX EMC GLOBAL DATA PROTECTION INDEX
EMC GLOBAL DATA PROTECTION INDEX
 
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIOTransforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
Transforming Desktop Virtualization with Citrix XenDesktop and EMC XtremIO
 
Citrix ready-webinar-xtremio
Citrix ready-webinar-xtremioCitrix ready-webinar-xtremio
Citrix ready-webinar-xtremio
 
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
EMC FORUM RESEARCH GLOBAL RESULTS - 10,451 RESPONSES ACROSS 33 COUNTRIES
 
EMC with Mirantis Openstack
EMC with Mirantis OpenstackEMC with Mirantis Openstack
EMC with Mirantis Openstack
 
Modern infrastructure for business data lake
Modern infrastructure for business data lakeModern infrastructure for business data lake
Modern infrastructure for business data lake
 
Force Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop ElsewhereForce Cyber Criminals to Shop Elsewhere
Force Cyber Criminals to Shop Elsewhere
 
Pivotal : Moments in Container History
Pivotal : Moments in Container History Pivotal : Moments in Container History
Pivotal : Moments in Container History
 
Data Lake Protection - A Technical Review
Data Lake Protection - A Technical ReviewData Lake Protection - A Technical Review
Data Lake Protection - A Technical Review
 
Mobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or FoeMobile E-commerce: Friend or Foe
Mobile E-commerce: Friend or Foe
 
Virtualization Myths Infographic
Virtualization Myths Infographic Virtualization Myths Infographic
Virtualization Myths Infographic
 
Intelligence-Driven GRC for Security
Intelligence-Driven GRC for SecurityIntelligence-Driven GRC for Security
Intelligence-Driven GRC for Security
 
The Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure AgeThe Trust Paradox: Access Management and Trust in an Insecure Age
The Trust Paradox: Access Management and Trust in an Insecure Age
 
EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015EMC Technology Day - SRM University 2015
EMC Technology Day - SRM University 2015
 
EMC Academic Summit 2015
EMC Academic Summit 2015EMC Academic Summit 2015
EMC Academic Summit 2015
 
Data Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education ServicesData Science and Big Data Analytics Book from EMC Education Services
Data Science and Big Data Analytics Book from EMC Education Services
 
Using EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere EnvironmentsUsing EMC Symmetrix Storage in VMware vSphere Environments
Using EMC Symmetrix Storage in VMware vSphere Environments
 
Using EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBookUsing EMC VNX storage with VMware vSphereTechBook
Using EMC VNX storage with VMware vSphereTechBook
 

Recently uploaded

Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 

Recently uploaded (20)

Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 

RSA Monthly Online Fraud Report -- August 2013

  • 1. F R A U D R E P O R T PHISH LOCKERS OUT IN THE WILD August 2013 RSA researchers have been increasingly witnessing the activity of highly targeted Trojans, dubbed ‘Phish Lockers’, used at the hands of cybercriminals to steal credentials. The Trojans are deployed as a means to present online users with a phishing page that is generated by malware, while locking the desktop, hence the name. This type of malware is not defined as a banking Trojan in the traditional sense. It is basic malicious code that can manipulate certain actions on an infected PC, but it is not a rootkit or otherwise able to actively monitor online activity, keylog or perform web injections. Phish lockers were observed attacking banks in Latin America earlier this year, where local pharming is a very common attack method. However, the lockers are now starting to show up in new regions, attacking one or more banks at a time. INSIDE THE PHISH LOCKING ROOM Much like most banking Trojans, phish lockers are activated by trigger. When an infected user logs into a website contained on the malware’s trigger list, the Trojan becomes active. However, unlike banking Trojans, phish lockers don’t have a classic configuration file. Most of the information is hardcoded into the malware and therefore cannot be changed on the fly. The malware is compatible with all major browsers including Internet Explorer, Firefox, Chrome, and Opera. The first visible action that the user will see is the browser window being shut down, then the desktop’s START button disappearing (a common occurrence with ransomware, for example). Based on the URL initially typed into the browser, the Trojan will pop-up a corresponding web form that looks exactly like legitimate web page, but is actually a phishing page.
  • 2. page 2 The phish locker malware usually comes with a few hardcoded web forms, each requiring a relevant set of credentials from infected bank customers. Usually, the information requested by the malware corresponds with phishing attacks targeting the particular bank. For example, if the bank uses out-of-band SMS for transaction verification, the form might have a request for the user’s mobile number. When banking Trojans infect user machines, they are present on the device and can log a user’s keystrokes and steal documents, certificates, cookies and other elements dictated by the botmaster. Banking malware regularly sends logs of stolen information to its operator, using pre- defined domains as communication resources. Phish lockers on the other hand, are not designed to carry out such complex activity and use basic methods to transmit stolen data such as email. In order to facilitate sending emails from the infected PC, the malware’s author programmed it to use Extended SMTP, predefining a sender and a few recipients that will act as a fallback mechanism in case the data gets intercepted or the mailbox blocked/closed for some reason. Yet another differentiator that separates banking Trojans from phish lockers is the mode of activity. While banking malware steals and listens for data at all times when the browser is open, the locker closes the browser altogether, and then does the stealing. Once the information from the locker’s web forms is sent, the malware remains inactive and does not carry out any other malicious activity on the PC, allowing the user to regain control. CONCLUSION It is rather interesting to see Trojans of this type, which are considered very basic when compared to most banking Trojans in the wild. It is even more interesting to see them appearing in geographies where banking security is considered to be very advanced. This phenomenon may be linked with the trend towards privatization of banking Trojans. This has created a barrier for many cybercriminals as they are denied access to purchase more advanced malware kits to launch attacks. This could be perhaps be pushing some cybercriminals to write and deploy simple malicious codes that will at least get their dirty work done. Figure 1: Phish locker’s web form pop-up requesting credit card information
  • 3. page 3 Phishing Attacks per Month RSA identified 45,232 phishing attacks launched worldwide in July, marking a 26% increase in attack volume in the last month. 0 10000 20000 30000 40000 50000 60000 Source:RSAAnti-FraudCommandCenter 59406 49488 35440 33768 41834 29581 30151 27463 24347 26902 36966 35831 Jul12 Aug12 Sep12 Oct12 Nov12 Dec12 Jan13 Feb13 Mar13 Apr13 May13 Jun13 Jul13 US Bank Types Attacked National banks continue to be the most targeted by phishing within the U.S. banking sector with 74% of attacks in July while credit unions were targeted by one out of every ten attacks last month. 0 20 40 60 80 100 Source:RSAAnti-FraudCommandCenter 11% 11% 9% 9% 12% 6% 15% 8% 17% 15% 8% 11% 11% 15% 15% 14% 14% 9% 15% 15% 23% 23% 12% 19% 13% 15% 74% 74% 77% 77% 79% 79% 70% 69% 60% 73% 73% 76% 74% Jul12 Aug12 Sep12 Oct12 Nov12 Dec12 Jan13 Feb13 Mar13 Apr13 May13 Jun13 Jul13 45232
  • 4. page 4 Top Countries by Attack Volume The U.S. remained the country most attacked by phishing in July, targeted by 58% of total phishing volume. Germany endured the second highest volume of phishing at 9%, followed by the UK at 8%. India, France, Canada, South Africa and Italy were collectively targeted by 15% of phishing volume. UKGermanyChinaCanadaSouth KoreaAustraliaa United Kingdom 8% U.S. 58% Italy 3% South Africa 3% India 3% Germany 9% France 3% Canada 3% 48 Other Countries 10% BrasilIndiaNetherlandsCanadaItalyChinaS AfricaUS Top Countries by Attacked Brands U.S. brands were once again most affected by phishing in July, targeted by 28% of phishing attacks. Brands in the UK, India, Italy and China together endured one- quarter of phishing attack volume. Top Hosting Countries The U.S. remained the top hosting country in July with 45% of global phishing attacks hosted within the country, followed by Canada, Germany, and the UK. To date, RSA has worked with more than 15,300 hosting entities around the world to shut down cyber attacks. U.S. 45% 62 Other Countries 33% Canada 6% Netherlands 4% France 3% Germany 5% United Kingdom 4% BrasilIndiaNetherlandsCanadaItalyChinaS AfricaUSa United Kingdom 11% 51 Other Countries 47% U.S. 28% China 4% Australia 5% India 6% Italy 4%
  • 5. www.emc.com/rsa CONTACT US To learn more about how RSA products, services, and solutions help solve your business and IT challenges contact your local representative or authorized reseller – or visit us at www.emc.com/rsa ©2013 EMC Corporation. EMC, RSA, the RSA logo, and FraudAction are trademarks or registered trademarks of EMC Corporation in the U.S. and/or other countries. All other trademarks mentioned are the property of their respective holders. AUG RPT 0813