- social engineering
see also witiger.com/ecommerce/SocialEngineering.htm
| DOMAIN NAMES | |
| PHISHING
and reDIRECTS
- social engineering see also witiger.com/ecommerce/SocialEngineering.htm |
This
page last updated 2008 Jan 29
.
 |
This web page has audio clips - just click on the icon (like the one to the left) and you can hear Prof. Richardson's voice adding additional information to topics on the page. |  |
turn on your speakers to hear audio clips |
| see also www.witiger.com/ecommerce/domainnamesregister.htm | This is about how to buy a domain with explanations about Domain Registrars |
| see also www.witiger.com/ecommerce/domainnamesmktg.htm | This is about the marketing issues related to using Domain Names and selecting which name to use |
| see also www.witiger.com/ecommerce/domainnamesscams.htm | This is about scams, hoaxes and problems related to Domain Names such as Domain Name Hijacking and Domain Dispute Resolution |
| see also www.witiger.com/ecommerce/hackingexample.htm | This is a series of screen captures explaining how Domain Names got hacked, and why it happened |
| see also www.witiger.com/ecommerce/domainnamephishing.htm | This is specifically about the Domain Name scam called "phishing" |
| . | This page
used in the following courses taught by Prof. Richardson
.
This page deals with o
Re-directs to fake sites, phisher
sites
|
| Phishing
an introduction |
Ontario's
Consumer and Business Services Minister Jim Watson provided an information
session on Internet scams Wednesday [2004 Nov 17th] at Queen's Park as
part of the provincial government's Consumer Awareness Week.
"Internet criminals have become more sophisticated in recent years by setting up dummy Web sites that look similar to those of major banks, trusted sites like eBay, or even government Web sites. Users are encouraged via e-mail to enter personal and financial information into these sites. The practice, known as phishing, has resulted in monetary theft and in worse cases, identity theft." "Your information goes straight into the hands of crooks," As part of its awareness program this week, [2004 Nov 17th] the Ontario government offered a five-point guideline for safe Internet use: o
Clear your cache at the end of every session
|
| Phishing
an introduction |
What is Phishing
and Pharming?
According to the sitehttp://antiphishing.org/
(found by MRK410 student Sheri Cutts)
witiger translation !!
Phishing attacks use trickery, like pretending to be a legit website, and technical sneaky things, to steal your personal info.
WTGR |
| Why Phishing is so dangerous !!! | -
the cops can't help you
"This is certainly a new crime," said Det. Supt. Rick Kotwa [2005] who heads up the anti-rackets investigation bureau for the Ontario Provincial Police. "We don't have a lot of resources designated towards it." |
Festa says "Deadline pressure Scam artists are taking advantage of eBay's deadline-heavy pace in their schemes, knowing that an eBay user facing a ticking clock is less likely to think twice before handing over a username and password. "One person was out of town and panicked when he got home and saw e-mail saying his auctions wouldn't be kept live unless he made these changes," ... "So he went in and gave them all this personal information. If they catch you at the right time, you can be fooled." |
| Phishing
growing in
|
is the title of a story carried October 22, 2004, Vol. 30 No. 15 in Computing Canada "The "attackers," are sophisticated and make their Web sites look almost identical to the legitimate sites, as they seek users secure banking or personal information through solicitation by e-mail. Unsuspecting users, for whatever reasons, are lured into giving up secure information and soon might be robbed, because they trust the sites." "According to Ken Schneider, Symantec's chief architect for the Network and Gateway Security Solutions Group, between 2001 to 2004 reports of phishing increased from eight per cent to 65 per cent. Predominantly done through e-mail, Schneider said spam has evolved over six years from initially being just text to now having criminal intent." "Michael Murphy, Canadian general manager of Symantec Corp., said that e-commerce based Web sites are receiving 16 per cent of attacking traffic from phishers, up from four per cent in 2003. "These sites have your information," he said. "Goodwill and naivete of the individual is what is being exploited." permission to quote from Computing Canada, Computer Dealer News and itbusiness.ca for this article, and all other articles in witiger.com comes from Joe Tersigni, Publisher, IT Business Group, www.plesman.com, May 2005. Copy of email kept on file in the permissions binder. |
|
Scams 
phishing eBay
& PayPal
phishing |
"Hackers tricked several online merchants who use EBay's PayPal payment processing system into disclosing their user names and passwords, then logged onto the merchants' accounts to download lists of customer names, e-mail addresses, home addresses and transactions, said spokeswoman Amanda Pires. The San Jose, Calif., company did not disclose how many customers had their information stolen, but Pires said it constitutes a small percentage of the service's 40 million registered users. No credit card information, Social Security numbers or other financial details were compromised because that information is encrypted and kept on servers not accessible to merchants, Pires said. But EBay fears that the information will be used to trick customers into giving up their credit card information in an e-mail scam known as phishing or spoofing. This is how such scams work: E-mail users receive messages purportedly from PayPal or other businesses saying that they need to verify their credit card number, Social Security number or other information. Often the e-mail links to a Web site designed to look like a legitimate business, but which really belongs to the perpetrator of the fraud. If the victim enters the requested information on the Web site, he or she may become the victim of identity theft. " "Jordana Beebe, spokeswoman for San Diego nonprofit Privacy Rights Clearinghouse, said that such customized messages would represent a dangerous new step in phishing scams, which are already becoming more sophisticated as crooks create more realistic graphics and Web sites. ...So far, PayPal has seen no evidence of the stolen information being used for scams, nor has it seen any increase in fraudulent e-mails, Pires said. The company has now instituted safeguards requiring merchants to prove their identities before accessing customer transaction information. Beebe, of the Privacy Rights Clearinghouse, suggested that PayPal users might want to close their accounts or at least change their passwords in the wake of this incident. " On this page there are several quotes from ecommercetimes.com. Permission was given by Richard Kern, Associate Publisher of the E-Commerce Times, in an email to Prof. Richardson 2004 Dec 10th, a hard copy of the email is kep on file in Richardson's permissions binder. |
| Phishing
Industry
Phishing Industry
|
permission to quote and link comes from Peter Cassidy, secretary general of the Anti-Phishing Working Group (by email 2005April07) Sheri wrote a helpful note. The following is in her own words. "I was reading the upcoming lesson on viruses and scams. I was very interested in the new scam called “Phishing.” I wanted to learn more and came across a very interesting site about the new trend. http://antiphishing.org/APWG_Phishing_Activity_Report_Feb05.pdf" Sheri explained "This site went into detail on how dangerous this new scam really is. It gave me graphs that highlighted the continuous growth of the trend. I also learned that the United States is ranked number one as the top location for hosting phishing sites with 37%. The main attack is on financial institutions. There is an association that was formed called the “Anti-Phishing Working Group.” They hold forums to discuss phishing issues and share phishing problems. “Membership is open to qualified financial institutions, online retailers, ISP’s, the law enforcement community, and solutions providers.” Sheri concludes "I thought
this site would be interesting because this trend is rapidly developing.
I feel with all the new technology we are dealing with, we, as students
should be aware of this type of scam for our future endeavors."
|
| Phishing
a
|
Phishing, a student's
experience
"I was like, 'why are you buying another cell phone?' He verified it was an error. However, in the email it says click here to log into your account. Once he clicked that link, it took him to PayPal's home page. He logged in. It asked him for his name, street address, credit card number and more. He re-entered everything. But, before he clicked the send button, he was wondering why he has to input everything all over again because he was already registered. As he wondered, he noticed that the URL was not even paypal.com. It was a random URL address. It was a replica of PayPal?s homepage. None of the links on the home page worked. If he clicked the button, all his personal information would have been revealed aka identify theft." Salma suggests
Salma adds
|
.
Swartz explains "Customers of Best Buy, EarthLink and America Online are among recent targets of so-called phisher sites — bogus Web sites that fish for personal data such as credit card and Social Security numbers from unsuspecting consumers." Swartz describes what happened
to Best Buy
Swartz describes what happened
to AOL
|
| Spear
Phishing |
Competitor Intelligence
= Corporate Espionage = Spying - faciliated by "spear phishing" !!!
"Spear phishing" is an increasing cyber crime related to corporate espionage. It is a highly targeted phishing attack where a company executive receives an email from an "authorized partner" regarding a project, which is not widely known outside the company. The purpose of such an email is to encourage opening a file, launching a Trojan, which would provide somebody with access to the whole network." WTGR adds,
|
| Spear
Phishing |
"spear phishing" !!!
Catherine Forsythe explains
on
"For example, if you received an email from someone from your tech support services asking to confirm your security code, would you do it? The email is addressed directly to you and has your name in the text of the note. A glance at the email address shows that it is a company email. If you send back your security code or password, you may have been ‘phished’ - specifically, you have been ’spear phished’. You were targeted. Email addresses can be spoofed.
And the mention of your name in the text is just social engineering. It
is to manipulate you into feeling secure and giving up the information."
|
| Spear
Phishing |
"spear phishing" !!!
WTGR adds,
|
| Problems
and Scams example:
|
Oct 2005, I received
an email, supposedly from Bank of America, asking me to log in - only problem
is, I'm not a Bank of America customer - so I automatically know this is
bogus.
A small percentage of people who receive this spam will actually be real Bank of America customers - most will delete the email, but some may think it is real, and they'll follow the instructions, and be a victim. One of the keys to knowing it is fake, is the part that says "Please do not reply to this e-mail. Mail sent to this address cannot be answered. For assistance, log in to ..." Anytime an email says this, it is because they "spoofed" the originating address WTGR
On the "real" Bank of America
website they have a special section talking about phishing and explain
how it works. BOA also says "Bank of America emails will never ask you
to reply to an email with any personal information or data, such as your
Social Security number, ATM or Check Card PIN, or any other sensitive information."
so you know if you get such a request, it is fake.
|
| Problems
and Scams example:
|
On the "real"
Bank of America website they have a special section talking about phishing
and explain how it works. BOA also says "Bank of America emails will never
ask you to reply to an email with any personal information or data, such
as your Social Security number, ATM or Check Card PIN, or any other sensitive
information." so you know if you get such a request, it is fake.
 |
| Problems
and Scams Verisign
Problems
Verisign
Problems
Verisign
|
It used to be that when you misspelled a domain name - nothing happened, the page did not appear. Now,,, Verisign is using software that responds even if there is no site. Is this a problem?.. Yes. Prof. Geist explains in the context of the topic of "Internet governance" "Last Monday, [2003 Sept 15] at 10:45 a.m., the danger of this laissez faire approach became evident to millions of Internet users. At that moment, VeriSign, the U.S. company that enjoys a monopoly over dot-com and dot-net domain name registration (there are competing registrars who sell domains to the public but they must all buy their domains from VeriSign), flicked a switch and launched a new service called Site Finder. Site Finder is designed to deal with a fairly common occurrence for many Internet users — the entry of an incorrect domain name, either because the domain is no longer active or because of a typo. While users are accustomed to receiving an error message when this occurs, VeriSign's Site Finder service now replaces the error page with a VeriSign page that displays advertising and a search tool. For VeriSign, this new innovation is potentially very lucrative. It estimates that dot-com and dot-net domains are mistyped 20 million times per day, resulting in an additional 20 million visitors to VeriSign's Web site daily and millions of dollars in additional revenue from advertising and click-through searches. The service has also had an immediate negative impact on fight against spam. Many ISPs use anti-spam tools that rely on the ability to discern between domains that exist and those that do not. Since Site Finder ensures that all domains resolve, even where they do not exist, that spam- fighting mechanism has been rendered inoperable for the moment (VeriSign pledged to develop a fix late last week). Domain name owners also feel cheated by the new system. As one domain name owner noted, many would not have opted for a dot-com domain years ago had they known that a system would later be established that would take a user elsewhere if they mistakenly enter a typo on the way to their site. Hardest hit, however, are individual Internet users. Twenty million times a day Internet users who inadvertently enter a typo now find themselves subjected to a lengthy VeriSign terms of use contract found on the Site Finder page. That contract includes provisions relating to user privacy that specify that the company has the right to collect statistics — information such as the user's IP address, page views, from which domains users come, and the browser settings installed on users' computers. In fact, Verisign now places a data identifying "cookie" on every user's computer that further assists with data analysis of users' activities. Given the continuing concern over the Site Finder service, it is likely that technical fixes will be developed to override VeriSign's approach. It is also possible that VeriSign will drop its new service, either voluntarily, by order of a court (it was hit with a $100 million lawsuit over the service by a leading search engine late last week) or under compulsion by ICANN. Regardless of the eventual
outcome, Internet users will look back on the day that Internet governance
mattered and remember that they didn't."
permission to quote provided by Joanne MacDonald, TORSTAR Syndicate Sales by email April 2005 and by Prof. Michael Geist in various emails in 2002-2004. Prof. Geist, of the University of Ottawa, is the author of Internet Law in Canada. Copies of emails kept on file in the permissions binder |
| Problems
and Scams Verisign
Problems
Verisign
|
so people looking for witiger.com can be accidentally directed to
|
| Problems
and Scams Verisign
an update |
.
"Verisign Inc., which assigns and administers Web addresses ending in .com and .net, has agreed to suspend its controversial service that redirects misspelled Web queries to its own page, bowing to pressure from an Internet oversight organization and the computing public. The Internet Corp. for Assigned Names and Numbers, or ICANN, had asked Verisign to halt its Site Finder service a few days after it started on Sept. 15, [2003] but Verisign had declined initially. On Friday, [2003 Oct 3] Paul Twomey, the ICANN president, released a letter written to Verisign's executive vice-president, Russell Lewis, demanding that Verisign suspend the Site Finder service by 6 p.m. Saturday because of "numerous indications that these unannounced changes have had very significant impacts on a wide range of Internet users and applications" and had affected the Internet's stability. "Failure to comply with this demand by that time will leave ICANN no choice to seek promptly to enforce Verisign's contractual obligations," Twomey wrote. Penalties could include imposing fines of up to $100,000 (U.S.), or removing Verisign's right to operate as the biggest provider of domain names. In response, Verisign agreed to temporarily suspend the service." |
|
|
CONTACT I MAIN PAGE I NEWS GALLERY I E-BIZ SHORTCUTS I INT'L BIZ SHORTCUTS I MKTG&BUSINESS SHORTCUTS I TEACHING SCHEDULE |
| . | |
| MISTAKES ITEXTS USED I IMAGES I RANK IDISCLAIMER I STUDENT CONTRIBUTORS I FORMER STUDENTS I | |
| . |
