“PHISHING” - A THREAT TO NETWORK SECURITY
GODAVARI INSTITUTE OF
ENGINEERING AND TECHNOLOGY
Presented by:
N.SURAJ S.V.R.ADITYA
web based delivery, and trojaned host. In addition to these, it describes the various phishing attack vectors. Phishing attacks include man-in-the-middle attacks, confusing URL attacks, hidden attacks, and confusing host names. Our paper also gives

from the analogy that early Internet criminals used email lures to “phish” (fish) for passwords and financial data from the sea of Internet users. The term phishing covers not only obtaining user account details, but now includes access to all personal and financial

to trick the customer into doing something with their server and/or supplied page content. The most common methods are:

3.1 MAN-IN-THE-MIDDLE ATTACKS:

In this class of attacks, the attackers situate themselves between the customer and the real web-based application, and proxy all communications between the two systems.

3.2 CONFUSING URL ATTACKS:

The secret for many phishing attacks is to get the message recipient to follow a hyperlink (URL) to the attacker’s server, without them realizing that they have been duped. The most common methods of URL obfuscation include:

name and password which trick many customers into thinking that they are actually visiting the target organization.

3.3 CONFUSING HOST NAMES:

Most Internet users are familiar with navigating to sites and services using a fully qualified domain name, such as www.site.com. For a web browser to communicate over the Internet, this address must be resolved to an IP address, such as 209.134.161.35 for www.site.com. This resolution of host name to IP address is achieved through domain name servers.

3.4 HIDDEN ATTACKS:

An attacker may make use of HTML, DHTML and other scriptable code that can be interpreted by the customer’s web browser and used to manipulate the display of the rendered information. In many instances the attacker will use these techniques to disguise fake content as coming from the real site – whether this is a man-in-the-middle attack, or a fake copy of the site hosted on the attacker’s own systems.
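The two warning signs that sections 3.2 and 3.3 describe can be checked mechanically on every hyperlink in a message: the visible link text naming one host while the real destination names another, and a destination that is a bare IP address or a look-alike name that merely embeds the genuine domain. The following Python check is an added example, not code from the paper; EXPECTED_HOST, the registrable-domain approximation and the 203.0.113.5 sample address are assumptions.

```python
import ipaddress
from urllib.parse import urlparse

# Host the customer believes they are visiting (assumed value for this example).
EXPECTED_HOST = "www.site.com"

def looks_like_address(text):
    """True if the visible link text itself resembles a URL or host name."""
    t = text.strip()
    return bool(t) and " " not in t and "." in t

def host_of(text):
    """Lower-cased host of a URL or bare host name; '' if none can be parsed."""
    candidate = text.strip()
    if "://" not in candidate:
        candidate = "http://" + candidate
    return (urlparse(candidate).hostname or "").lower()

def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def check_link(visible_text, href, expected_host=EXPECTED_HOST):
    """Return the reasons a hyperlink is suspicious; an empty list means no finding."""
    findings = []
    actual = host_of(href)
    if not actual:
        return ["destination has no host name"]
    shown = host_of(visible_text) if looks_like_address(visible_text) else ""
    if shown and shown != actual:
        findings.append("link text shows %s but points to %s" % (shown, actual))
    if is_ip_literal(actual):
        findings.append("destination is a bare IP address (%s), not a host name" % actual)
    # Registrable domain of the genuine host (site.com); taking the last two labels
    # is an approximation that ignores suffixes such as co.uk (assumption).
    registrable = ".".join(expected_host.split(".")[-2:])
    genuine = actual == registrable or actual.endswith("." + registrable)
    if not genuine and registrable in actual:
        findings.append("%s embeds %s but is registered elsewhere" % (actual, registrable))
    return findings

if __name__ == "__main__":  # constructed sample links; 203.0.113.5 is a documentation address
    for text, href in [("www.site.com", "https://www.site.com/login"),
                       ("www.site.com", "http://203.0.113.5/login")]:
        print(text, "->", href, check_link(text, href) or ["no finding"])
```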
The most common hidden-attack vectors include:
• Hidden frames
• Overriding page content
• Graphical substitution

4. DEFENCE MECHANISM:

The phisher has a large number of methods at their disposal; consequently there is no single solution capable of combating all these different attack vectors. However, it is possible to prevent current and future phishing attacks by utilizing a mix of information security technologies and techniques. For best protection, these security technologies and techniques must be deployed at three logical layers:
• The client side – this includes the user’s PC.
• The server side – this includes the business’s Internet-visible systems and custom applications.
• Enterprise level – distributed technologies and third-party management services.

4.1 CLIENT SIDE:

The client side represents the forefront of anti-phishing security. At this side, protection against phishing can be provided by:
• Desktop protection technologies
• Email sophistication
• Browser capabilities
• Customer vigilance

4.1.1 Desktop protection technologies:

Anti-virus, anti-spyware, personal firewalls etc. have the ability to detect and block the installation of malicious software such as Trojans and spyware.

4.1.2 Email Sophistication:

Many of the attacks are successful due to HTML-based email functionality, as explained above.
• HTML functionality must be disabled in all email client applications capable of accepting or sending Internet emails. Instead, plain-text email representation should be used, and ideally the chosen font should be fixed-width, such as Courier.
• Email applications capable of blocking “dangerous” attachments and preventing users from quickly executing or viewing attached content should be used whenever possible.

4.1.3 Browser Capabilities:

The common web browser may be used as a defense against phishing attacks – if it is configured securely. Customers and businesses must make a move to use a web browser that is appropriate for the task at hand. To help prevent many phishing attack vectors, web browser users should:
• Disable all window pop-up functionality.
• Disable Java runtime support.
• Disable ActiveX support.
• Disable all multimedia and auto-play/auto-execute extensions.
• Prevent the storage of non-secure cookies.
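The email-side controls of 4.1.2 (prefer plain text, refuse dangerous attachments) and the hidden-frame and embedded-form tricks the paper describes can be checked before a message reaches the customer. The Python inspector below is an added example, not the paper’s code: it parses a message and reports an HTML body, an embedded submission form, a hidden frame and attachments with dangerous extensions. The extension list, the regular expressions and the constructed sample message (with documentation address 203.0.113.5) are assumptions.

```python
import os
import re
from email import message_from_string, policy
from email.message import EmailMessage

# Extensions a mail client should refuse to open directly (assumed list, not from the paper).
DANGEROUS_EXTENSIONS = {".exe", ".scr", ".pif", ".bat", ".cmd", ".vbs", ".js", ".hta"}
FORM_TAG = re.compile(r"<form\b", re.I)
# A frame made invisible by zero size or display:none is the "hidden frame" vector.
HIDDEN_FRAME = re.compile(
    r"<i?frame\b[^>]*(width=[\"']?0\b|height=[\"']?0\b|display\s*:\s*none)[^>]*>", re.I)

def inspect_message(raw):
    """Return findings for a raw RFC 5322 message; an empty list means nothing suspicious."""
    findings = []
    for part in message_from_string(raw, policy=policy.default).walk():
        if part.is_multipart():
            continue
        filename = part.get_filename()
        if filename:  # an attachment: judge it by its final extension
            if os.path.splitext(filename)[1].lower() in DANGEROUS_EXTENSIONS:
                findings.append("dangerous attachment: " + filename)
            continue
        if part.get_content_type() == "text/html":
            body = part.get_content()  # decoded to str by the default policy
            findings.append("HTML body present (plain text should be preferred)")
            if FORM_TAG.search(body):
                findings.append("HTML body embeds a submission form")
            if HIDDEN_FRAME.search(body):
                findings.append("HTML body contains a hidden frame")
    return findings

def build_sample():
    """Constructed lure message; the addresses and 203.0.113.5 are documentation placeholders."""
    msg = EmailMessage()
    msg["From"] = "billing@site.com"
    msg["To"] = "customer@example.net"
    msg["Subject"] = "Reconfirm your billing information within 24 hours"
    msg.set_content("Your account will be closed unless you reconfirm your billing details.")
    msg.add_alternative(
        "<html><body><p>Reconfirm now:</p>"
        '<form action="http://203.0.113.5/confirm" method="post"><input name="card"></form>'
        '<iframe src="http://203.0.113.5/t" width="0" height="0"></iframe></body></html>',
        subtype="html")
    msg.add_attachment(b"placeholder bytes, not a real program", maintype="application",
                       subtype="octet-stream", filename="statement.pdf.exe")
    return msg.as_string()

if __name__ == "__main__":
    print(inspect_message(build_sample()))
```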
• Ensure that any downloads cannot be automatically run from the browser, and must instead be downloaded into a directory for anti-virus inspection.

4.1.4 Customer Vigilance:

Customers may take a number of steps to avoid becoming a victim of a phishing attack; these involve carefully inspecting the content that is presented to them. Some measures that should be taken by the customer are:
• If a customer gets an email that warns them, with little or no notice, that their account will be shut down unless they reconfirm billing information, they should not reply or click on the link in the email. Instead, they should contact the company cited in the email using a telephone number or web site address that is known to be genuine.
• Customers should never respond to HTML email with embedded submission forms. Any information submitted via the email (even if it is legitimate) will be sent in clear text that could be observed.
• Users should avoid emailing personal and financial information. Before submitting financial information through a web site, the “lock” icon on the browser’s status bar should be checked. It signals that information is encrypted during transmission, not that the site itself is genuine.
• Credit card and bank account statements are to be reviewed as soon as they are received to determine whether there are any unauthorized charges. If a statement is late by more than a couple of days, a call to the credit card company or bank must be made to confirm the billing address and account balances.

4.2 SERVER SIDE:

By implementing intelligent anti-phishing techniques into the organization’s web application security, developing internal processes to combat phishing vectors and educating customers, it is possible to take an active role in protecting customers from future attack. At the server side, protection against phishing can be provided by:
1. Improving customer awareness
2. Host and linking conventions
3. Enterprise level

5. CONCLUSION:

Phishing, which started off as part of popular hacking culture, has now grown enormously with the growth in use of the Internet. The points raised within this paper, and the solutions proposed, represent key steps in securing online services from fraudulent phishing attacks – and also go a long way in protecting against many other popular hacking or criminal attack vectors.