Phishing Exposed
By Lance James, Secure Science Corporation, Joe Stewart (Foreword)
HIGHLIGHT
Phishing scams are threatening to undermine consumer confidence in electronic commerce and banking as the Gartner Group reports these scams cost the U.S over $2.4 Billion in 2004, not including law enforcement costs. For the first time ever, author Lance James from Secure Sciences Corporation will take readers inside the technical, financial, and social underworlds operated by Phishing gangs, and detail law enforcement’s efforts to take down these secret, well organized, and highly sophisticated gangs. |
Phishers Techniques Unveiled and Disassembled!
Date: Oct 2005
Pages: 450 (est.)
User level: All |
DESCRIPTION
Phishing Exposed unveils the techniques phishers employ that enable them to successfully commit fraudulent acts against the global financial industry. Phishing Exposed also highlights the motivation, psychology and legal aspects encircling this deceptive art of exploitation. The External Threat Assessment Team will outline innovative forensic techniques employed in order to unveil the identities of these organized individuals, and does not hesitate to remain candid about the legal complications that make prevention and apprehension so difficult today. Phishing Exposed provides an in-depth, high-tech view from both sides of the playing field, and is a real eye-opener for the average internet user, the advanced security engineer, on up through the senior executive management of a financial institution. This is the book to provide the intelligence necessary to stay one step ahead of the enemy, and to successfully employ a pro-active and confident strategy against the evolving attacks against e-commerce and its customers.
KEY
SELLING POINTS
- According to the Anti-Phishing Working Group there was a 28% increase in phishing email in the second half of 2004.
- Phishing attacks occur on a daily basis – causing over $1.2 billion in losses in 2004 alone, and it’s only going to increase.
- There are no effective techniques known widely to detect, deter, track and prevent phishing at this time.
MARKET
INFORMATION
According to reports, the volume of spam and phishing email has grown dramatically – over 400% last year alone. Secure Science has copies of mailing lists that phishers use, and databases they have compromised. Phishers have access to, at minimum, 500 million email addresses, and our research has showed that per every 100,000 emails, 10% are received, and 1% are victimized. There evolving techniques will gain more ROI, especially with the use of advanced exploits such as XSS attacks, IE vulnerabilities, and malicious payload delivery, where we have observed information gain on over 500,000 users within a single week.
Phishing Exposed reveals techniques that have not been previously publicly disclosed, including author analysis via neural net technology, keyboard typing profiling, attacker profiling, tracking techniques, advanced pattern recognition, and in-depth phishing-specific research to be found nowhere else. The author has used these techniques to successfully identify multiple malware authors including agobot, and sobig.
ABOUT
THE AUTHOR
Lance James is the Chief Technology Officer of Secure Science Corporation, a company dedicated to providing advanced technology solutions to security. He frequently lectures at Colleges throughout the San Diego area on "Security & Cryptography in Data Communications", and heads the Secure Science’s External Threat Assessment Team, specifically in forensics that enable tracking of phishers. In addition, he is the creator of InvisibleNet, a distributed pseudonymous framework for real-time communication on the internet. On his off-time, he spends time reading, analyzing protocols, playing music, and spending time with his family in Southern California.
TECHNOLOGY
BACKGROUND
Phishers employ 4 basic attack methods (not including malware distribution) when sending their bulk-mailings in efforts to gain to access to customer accounts. These attacks are detailed within the book and examined via advanced forensics in efforts to develop techniques to track and prevent future occurrences. The tools developed for intelligence gathering and aggregation demonstrates the necessity to properly process the abundant amount of phishing data that is collected. The techniques used for author analysis, hostile site analysis, hard drive analysis, spam research, and pattern matching are quite technical, including tools like unpacking FSG, ASPack, and UPX exe packers, that demonstrate how to analyze the malware and what is has been created to do. Phishing Exposed demonstrates examples of the malware distributed by phishers, as well as the attack vectors used, including the numerous MS-ITS protocol attacks, the IFRAME Tag Exploit and the MS-ITS Protocol Zone Bypass Vulnerability' [Bugtraq Id 9658].
Also described are techniques for reversing shellcode, decrypting malware content, and breaking IRC and IM encryption that phishers and other criminals use to protect themselves and their identities.
|
