Copyright © 2015 Pearson Education, Inc. Computer Fraud and Abuse Techniques Chapter 6 6-1


Page 1: Computer Fraud and Abuse Techniques (Chapter 6)

Page 2: Types of Attacks

• Hacking
▫ Unauthorized access, modification, or use of an electronic device or some element of a computer system

• Social Engineering
▫ Techniques or tricks on people to gain physical or logical access to confidential information

• Malware
▫ Software used to do harm

Page 3: Hacking

▫ Hijacking
  Gaining control of a computer to carry out illicit activities

▫ Botnet (robot network)
  - Zombies
  - Bot herders
  - Denial of Service (DoS) Attack
  - Spamming

▫ Spoofing
  Makes the communication look as if someone else sent it so as to gain confidential information.

Page 4: Forms of Spoofing

• E-mail
▫ E-mail sender appears as if it comes from a different source

• Caller-ID
▫ Incorrect number is displayed

• IP address
▫ Forged IP address to conceal identity of sender of data over the Internet or to impersonate another computer system

• Address Resolution Protocol (ARP)
▫ Allows a computer on a LAN to intercept traffic meant for any other computer on the LAN

• SMS
▫ Incorrect number or name appears, similar to caller-ID but for text messaging

• Web page
▫ Phishing

• DNS
▫ Intercepting a request for a Web service and sending the request to a false service

Page 5: Hacking with Computer Code

• Cross-site scripting (XSS)
▫ Uses a vulnerability of a Web application that allows the Web site to be injected with malicious code. When a user visits the Web site, that malicious code is able to collect data from the user.

• Buffer overflow attack
▫ A large amount of data is sent to overflow the input memory (buffer) of a program, causing it to crash and its contents to be replaced with the attacker's program instructions.

• SQL injection (insertion) attack
▫ Malicious code inserted in place of a query to get to the database information
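As an added example that is not part of the Pearson slides, the SQL injection item above written both ways: the same customer lookup built by string concatenation (where the input can change the meaning of the query) next to the hardened version that binds the value as a parameter. The table, rows and the tainted input are constructed here for illustration.

```python
# Added example (not from the Pearson slides): one lookup, vulnerable and hardened.
# lookup_unsafe() splices user input into the SQL text, so a crafted value changes
# the query's logic; lookup_safe() passes the value as a bound parameter, so the
# database treats it purely as data to compare against.
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample data: three customer rows in an in-memory database."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE customers (id INTEGER, name TEXT, card_last4 TEXT)")
    conn.executemany(
        "INSERT INTO customers VALUES (?, ?, ?)",
        [(1, "alice", "1111"), (2, "bob", "2222"), (3, "carol", "3333")],
    )
    return conn


def lookup_unsafe(conn: sqlite3.Connection, name: str) -> list:
    """Vulnerable: concatenation lets the input rewrite the WHERE clause."""
    sql = "SELECT name, card_last4 FROM customers WHERE name = '" + name + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn: sqlite3.Connection, name: str) -> list:
    """Hardened: a bound parameter is compared literally, whatever it contains."""
    sql = "SELECT name, card_last4 FROM customers WHERE name = ?"
    return conn.execute(sql, (name,)).fetchall()


def demo() -> dict:
    """Run both lookups on a normal value and on a constructed malicious value."""
    conn = make_db()
    normal = "bob"
    # Constructed malicious input: a quote closes the string literal and a
    # tautology follows, so the unsafe query matches every row.
    tainted = "x' OR '1'='1"
    return {
        "unsafe_normal": lookup_unsafe(conn, normal),    # one row, as intended
        "unsafe_tainted": lookup_unsafe(conn, tainted),  # all three rows leak
        "safe_normal": lookup_safe(conn, normal),        # one row, as intended
        "safe_tainted": lookup_safe(conn, tainted),      # no such name -> []
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

The fix is the bound parameter, not input filtering; the same pattern applies to any database driver that supports placeholders.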

Page 6: Other Types of Hacking

• Man in the middle (MITM)
▫ Hacker is placed in between a client (user) and a host (server) to read, modify, or steal data.

Page 7: Other Types of Hacking

• Password Cracking
▫ Penetrating system security to steal passwords

• War Dialing/War Driving
▫ Computer automatically dials phone numbers looking for modems (war dialing), or looks for wireless networks (war driving).

• Phreaking
▫ Attacks on phone systems to obtain free phone service.

• Data Diddling
▫ Making changes to data before, during, or after it is entered into a system.

• Data Leakage
▫ Unauthorized copying of company data.

Page 8: Hacking Used for Embezzlement

• Salami technique
▫ Taking small amounts at a time
  - Round-down fraud

• Economic espionage
▫ Theft of information, intellectual property and trade secrets

• Cyber-extortion
▫ Threats to a person or business online through e-mail or text messages unless money is paid

Page 9: Hacking Used for Fraud

• Internet misinformation
▫ Using the Internet to spread false or misleading information

• E-mail threats

• Internet auction
▫ Using an Internet auction site to defraud another person
  - Unfairly drive up bidding
  - Seller delivers inferior merchandise or fails to deliver at all
  - Buyer fails to make payment

• Internet pump and dump
▫ Using the Internet to pump up the price of a stock and then selling it

Page 10: Hacking Used for Fraud

• Click fraud
▫ Inflate advertising bills

• Web cramming
▫ Offer a free Web site for a month, then bill even if people do not want to continue

• Software piracy

Page 11: Social Engineering

• Social Engineering (tricking someone)
▫ Techniques or psychological tricks used to gain access to sensitive data or information
▫ Used to gain access to secure systems or locations

Page 12: Social Engineering Techniques

• Identity theft
▫ Assuming someone else's identity

• Pretexting
▫ Using a scenario to trick victims into divulging information or to gain access

• Posing
▫ Creating a fake business to get sensitive information

• Phishing
▫ Sending an e-mail asking the victim to respond to a link that appears legitimate and that requests sensitive data

• Pharming
▫ Redirects a Web site to a spoofed Web site

• URL hijacking
▫ Takes advantage of typographical errors entered for Web sites; the user gets an invalid or wrong Web site

• Scavenging
▫ Searching trash for confidential information

• Shoulder surfing
▫ Snooping (either close behind the person or using technology to snoop) to get confidential information

• Skimming
▫ Double-swiping a credit card

• Eavesdropping

Page 13: Minimize the Threat of Social Engineering

• Never let people follow you into restricted areas
• Never log in for someone else on a computer
• Never give sensitive information over the phone or through e-mail
• Never share passwords or user IDs
• Be cautious of someone you don't know who is trying to gain access through you

Page 14: Type of Malware (software used to do harm)

• Spyware
▫ Secretly monitors and collects personal information about users and sends it to someone else
▫ Typical sources
  - Downloads such as games, wallpapers, screensavers, music, videos
  - Web sites that secretly download spyware (drive-by downloading)
  - Malware masquerading as anti-spyware security software
  - Worm or virus
  - Public networks

Page 15: Type of Malware (software used to do harm)

• Adware
▫ Pops banner ads on a monitor, collects information about the user's Web-surfing and spending habits, and forwards it to the adware creator

• Key logging
▫ Records computer activity, such as a user's keystrokes, e-mails sent and received, Web sites visited, and chat session participation

• Trojan Horse
▫ Malicious computer instructions in an authorized and otherwise properly functioning program

Page 16: Type of Malware (software used to do harm)

• Time bombs/logic bombs
▫ Idle until triggered by a specified date or time, by a change in the system, by a message sent to the system, or by an event that does not occur
▫ Typically destroys programs and/or data

• Trap Door/Back Door
▫ A way into a system that bypasses normal authorization and authentication controls
▫ Often used during systems development and removed before the system is put into operation

Page 17: More Malware

• Packet Sniffers
▫ Capture data from information packets as they travel over networks

• Rootkit
▫ Used to hide the presence of trap doors, sniffers, and key loggers; conceal software that originates a denial-of-service or an e-mail spam attack; and access user names and log-in information

• Superzapping
▫ Unauthorized use of special system programs to bypass regular system controls and perform illegal acts, all without leaving an audit trail

Page 18: More Malware

• Computer virus
▫ Self-replicating, executable code that attaches itself to software
▫ Two phases
  - In the first phase, the virus replicates itself and spreads to other systems or files when some predefined event occurs.
  - In the attack phase, also triggered by some predefined event, the virus carries out its mission.

Page 19: More Malware

• A computer worm is a self-replicating computer program similar to a virus except for the following three differences
▫ A virus is a segment of code hidden in or attached to a host program or executable file, whereas a worm is a stand-alone program.
▫ A virus requires a human to do something (run a program, open a file, etc.) to replicate itself, whereas a worm does not and actively seeks to send copies of itself to other devices on a network.
▫ Worms harm networks (if only by consuming bandwidth), whereas viruses infect or corrupt files or data on a targeted computer.

Page 20: Reducing Malware Threats

• Comprehensive security suites
▫ Norton, F-Secure, McAfee, etc.

• Specialized anti-malware software
▫ Example: Malwarebytes Anti-Malware

• Use two user accounts, one with admin privileges and a general user account for day-to-day computing
▫ General user account may help to reduce the chance of drive-by downloading

Page 21: Cellphone Bluetooth Vulnerabilities

• Bluesnarfing
▫ Stealing contact lists, data, pictures on Bluetooth-compatible smartphones

• Bluebugging
▫ Taking control of a phone to make or listen to calls, send or read text messages

Page 22: Key Terms – Table 6-1

• Hacking
• Hijacking
• Botnet
• Zombie
• Bot herder
• Denial-of-service (DoS) attack
• Spamming
• Dictionary attack
• Splog
• Spoofing
• E-mail spoofing
• Caller ID spoofing
• IP address spoofing
• MAC address
• Address Resolution Protocol (ARP) spoofing
• SMS spoofing
• Web-page spoofing
• DNS spoofing
• Zero day attack
• Patch
• Cross-site scripting (XSS)
• Buffer overflow attack
• SQL injection (insertion) attack
• Man-in-the-middle (MITM) attack
• Masquerading/impersonation
• Piggybacking

Page 23: Key Terms (continued)

• Password cracking
• War dialing
• War driving
• War rocketing
• Phreaking
• Data diddling
• Data leakage
• Podslurping
• Salami technique
• Round-down fraud
• Economic espionage
• Cyber-extortion
• Cyber-bullying
• Sexting
• Internet terrorism
• Internet misinformation
• E-mail threats
• Internet auction fraud
• Internet pump-and-dump fraud
• Click fraud
• Web cramming
• Software piracy
• Social engineering
• Identity theft
• Pretexting
• Posing
• Phishing
• Vishing

Page 24: Key Terms (continued)

• Carding
• Pharming
• Evil twin
• Typosquatting/URL hijacking
• QR barcode replacements
• Tabnapping
• Scavenging/dumpster diving
• Shoulder surfing
• Lebanese looping
• Skimming
• Chipping
• Eavesdropping
• Malware
• Spyware
• Adware
• Torpedo software
• Scareware
• Ransomware
• Keylogger
• Trojan horse
• Time bomb/logic bomb
• Trap door/back door
• Packet sniffers
• Steganography program
• Rootkit
• Superzapping
• Virus
• Worm
• Bluesnarfing
• Bluebugging