how$vulnerable$are$ wetoscams?$ - black...
TRANSCRIPT
![Page 1: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/1.jpg)
How Vulnerable Are We to Scams?
Markus Jakobsson Ting-‐Fang Yen ZapFraud DataVisor
![Page 2: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/2.jpg)
Breaches +
Hacking
Malware +
Phishing
Scams
Iden7ty The;
ATO + Creden7al fraud
Vic7m ini7ated payments
PII +
Creden7als
![Page 3: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/3.jpg)
Breaches +
Hacking
Malware +
Phishing
Scams
Iden7ty The;
ATO + Creden7al fraud
Vic7m ini7ated payments
PII +
Creden7als
![Page 4: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/4.jpg)
Breaches +
Hacking
Malware +
Phishing
Scams
Iden7ty The;
ATO + Creden7al fraud
Vic7m ini7ated payments
PII +
Creden7als
![Page 5: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/5.jpg)
Scams
Iden7ty The;
ATO + Creden7al fraud
Vic7m ini7ated payments
$4B/year
Es7mated fraud loss in US
3.5% U.S adult popula7on scammed/year Average reported loss ~$2300
![Page 6: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/6.jpg)
SPAM
![Page 7: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/7.jpg)
SPAM
Block rates
Hotmail 66% Yahoo 70% Gmail 10-‐98%
![Page 8: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/8.jpg)
SPAM
Block rates
Hotmail 66% Yahoo 70% Gmail 10-‐98%
“Very Nigerian” 94% “Sneaky” 37%
![Page 9: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/9.jpg)
SPAM
Hotmail Yahoo Gmail
427
Hotmail Yahoo Gmail
![Page 10: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/10.jpg)
SPAM
427
Hotmail Yahoo Gmail Hotmail Yahoo Gmail
![Page 11: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/11.jpg)
SPAM
427
Yahoo Hotmail Yahoo Gmail
Thanks!
![Page 12: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/12.jpg)
SPAM
427
Yahoo Hotmail Yahoo Gmail
Thanks!
![Page 13: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/13.jpg)
SPAM Hotmail Yahoo Gmail
Block rate: 66% 70%
98%
10%
![Page 14: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/14.jpg)
“Does this look risky to you?”
![Page 15: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/15.jpg)
“What type of risk is this primarily associated with?”
![Page 16: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/16.jpg)
You have exceeded your mailbox quota. Your account will be blocked 8 AM tomorrow unless you request more space. You can request more space by clicking here.
![Page 17: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/17.jpg)
The recipient may get a computer virus. The recipient may lose his password. This may be a scam aimed at stealing your money. There is no risk. The recipient may get unwanted adver7sements. The recipient’s account may be blocked if she does not pay aeen7on.
![Page 18: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/18.jpg)
The recipient may get a computer virus. The recipient may lose his password. This may be a scam aimed at stealing your money. There is no risk. The recipient may get unwanted adver7sements. The recipient’s account may be blocked if she does not pay aeen7on.
Correct answer
![Page 19: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/19.jpg)
The recipient may get a computer virus. The recipient may lose his password. This may be a scam aimed at stealing your money. There is no risk. The recipient may get unwanted adver7sements. The recipient’s account may be blocked if she does not pay aeen7on.
Reasonable answer
![Page 20: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/20.jpg)
The recipient may get a computer virus. The recipient may lose his password. This may be a scam aimed at stealing your money. There is no risk. The recipient may get unwanted adver7sements. The recipient’s account may be blocked if she does not pay aeen7on.
Naive answer
![Page 21: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/21.jpg)
Naïve (31%)
![Page 22: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/22.jpg)
Naïve (6%)
A “tradi7onal” Nigerian Scam
![Page 23: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/23.jpg)
Naïve (56%)
Targeted scam with complex structure
![Page 24: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/24.jpg)
“I know how to spot online scams”
![Page 25: How$Vulnerable$Are$ WetoScams?$ - Black Hat...You(have(exceeded(your(mailbox(quota.(Your(accountwill(be(blocked(8(AMtomorrow(unless(you(requestmore(space.(You(can(requestmore(space(by(clicking(here](https://reader035.vdocuments.us/reader035/viewer/2022070813/5f0ca3427e708231d4366580/html5/thumbnails/25.jpg)
Email security and user awareness