Professional Documents
Culture Documents
?
Introduction
What is spoofing?
Context and Security relevant
decisions
Phishing
Web spoofing
Remedies
What is Spoofing?
Dictionary.com definitions:
² To deceive
² A hoax
Security Relevant Decisions
Examples
Names of objects
Timing of events
Context Spoofing (Examples)
http://www.antiphishing.org/p
hishing_archive.html
Context Spoofing
Spoofed emails have upwards of 20%
success rates
Costs billions of dollars to the industry
Unauthorized Surveillance
Tampering
Identity theft
What is Web Spoofing?
Data tampering
Web Spoofing Attack
Example:
² home.netscape.com
² www.attacker.com/http://home
.netscape.com
ow does the Attack Work?
www.attacker.org
1. Request Spoof
URL 4. Change
page
www.server.com
ow does the Attack Work?
Emails
Search Engines
Completing the Illusion
www.antiphishing.com
http://www.cs.princeton.edu/s
ip/pub/spoofing.html