Proxy servers act as intermediaries between internal network clients and the internet. They screen requests, cache content to improve performance, and can anonymize users' IP addresses. Anonymizers like VPNs also anonymize users by routing their traffic through encrypted tunnels to hide their real IP addresses and locations. Phishing scams try to steal users' sensitive information like login credentials by tricking them into entering information on fake websites masquerading as legitimate ones. Educating users and technical measures can help combat phishing.

2. Tools and methods
used in cyber crime
-SHUBHRAVRAT

3. Proxy servers:
 A proxy server usually serves multiple roles: it always acts as a security
device, and its optional functions are as a network management tool
and/or a performance enhancement subsystem. At its simplest, a proxy
server accepts requests from one or more computers and relays those
requests to other computers to screen and/or control the access of PCs on
an internal network to services on the Internet

4. How does it work?

5. Features:
 It is a specialized HTTP Server.
 Functions as a firewall.
 Protects client computers from Hackers by limiting outside access to
clients.
 Allows all clients connected to Web Proxy Server to access Internet from
behind “firewall.”
 Client computer(s) are allowed access past firewall with minimum effort
and without compromising security.

6. Proxy caching
 Proxy server stores all the data it receives as a result of placing requests for
information on the Internet in it’s cache.
 Cache simply means memory.
 The cache is typically hard disk space, but it could be RAM.

7. Advantages of caching:
 Save considerable network cost and connection time.
 Reduce the amount of disk space browsers use because many local
browsers can use a single copy of a cached document.
 Caching is disk based; when you restart the server, documents that you
cache are still available.
 User can access blocked content.

8. Pros of proxy:
 Connects through anonymous IP address.
 Usually cheaper than anonymizers (eg.VPN) ; almost free.
 Faster than anonymizers.
 Encrypts 1 program(eg. browser, bittorent client)

10. Anonymizers:
 An anonymizer or an anonymous proxy is a tool that attempts to make
activity on the internet untraceable. It is a proxy server computer that acts
as an intermediary and privacy shield between a client computer and the
rest of the Internet. It accesses the Internet on the user's behalf, protecting
personal information by hiding the client computer's identifying
information

11. How it works?
 Anonymizer’s personal VPN routes all your traffic through an encrypted
tunnel directly from your laptop to secure and hardened servers and
network. Then VPN server mask users REAL IP address to ensure that User
have complete and continuous anonymity for all Users online activities.

12. VPN working:

13. Advantages of anonymizers
 While using Anonymizer, your IP address, physical location and browsing
are anonymized, protecting you from:
 Government Oversight
 Hackers (IP Sniffing)
 Unsecured Public Wifi
 Online Activity
 Tracking

14. Proxy vs VPN

16. Phishing:
 Phishing is essentially an online con game and phishers are nothing more
than tech-savvy con artists and identity thieves. They use SPAM, malicious
Web sites, email messages and instant messages to trick people into
divulging sensitive information, such as bank and credit card accounts

17. Example of phishing:
In figure you can see example of facebook phishing.
Sometimes spammers create fake pages that look like the
Facebook login page. When you enter your email and
password on one of these pages, the spammer records
your information and keeps it. This is called phishing. The
fake sites, like the one below, use a similar URL to
Facebook.com in an attempt to steal people's login
information.The people behind these websites, then use
the information to access victims' accounts and send
messages to their friends, further propagating the
illegitimate sites. In some instances, the phishers make
money by exploiting the personal information they've
obtained.
http://fbapps.hoxty.com

19. Types of phishing:
 Deceptive - Sending a deceptive email, in bulk, with a “call to action” that
demands the recipient click on a lin k.
 Malware-Based -Running malicious software on the user’s machine.
Various forms of malware-based phishing are:
 Key Loggers & Screen Loggers
 Session Hijackers
 Web Trojans
 Data Theft

20. Continued..
 Content-Injection - Inserting malicious content into legitimate site.
 Man-In-The-Middle Phishing - Phisher positions himself between the user
and the legitimate site.
 Search Engine Phishing - Create web pages for fake products, get the
pages indexed by search engines, and wait for users to enter their
confidential information as part of an order, sign-up, or balance transfer.

21. How to combat phishing?
 Educate application users
 Think before you open
 Never click on the links in an email , message boards or mailing lists
 Never submit credentials on forms embedded in emails
 Inspect the address bar and SSL certificate
 Never open suspicious emails
 Ensure that the web browser has the latest security patch applied
 Install latest anti-virus packages
 Destroy any hard copy of sensitive information
 Verify the accounts and transactions regularly
 Report the scam via phone or email.

22. That’s it for the session.