Phoenix Information Technology Services. Julio Cardenas

Transcription

1 Phoenix Information Technology Services Julio Cardenas

2 spam, also known as junk or unsolicited bulk (UBE), is a subset of electronic spam involving nearly identical messages sent to numerous recipients by . Clicking on links in spam may send users to phishing web sites or sites that are hosting malware. Phishing is the act of attempting to acquire information such as usernames, passwords, and credit card details (and sometimes, indirectly, money) by masquerading as a trustworthy entity in an electronic communication.

3 SPAM: Statistics and Estimates The total volume of spam has been consistently growing, but in 2011 the trend seems to have reversed. The amount of spam users see in their mailboxes is only a portion of total spam sent, since spammers' lists often contain a large percentage of invalid addresses and many spam filters simply delete or reject "obvious spam." The first known spam , advertising a DEC product presentation, was sent in 1978 by Gary Thuerk to 600 addresses, which was all the users of ARPANET at the time, though software limitations meant only slightly more than half of the intended recipients actually received it. As of August 2010, the amount of spam was estimated to be around 200 billion spam messages sent per day. More than 97% of all s sent over the net are unwanted, according to a Microsoft security report. The Messaging Anti-Abuse Working Group (MAAWG) estimates that 85% of incoming mail is "abusive ", as of the second half of The sample size for the MAAWG's study was over 100 million mailboxes. A 2010 survey of US and European users showed that 46% of the respondents had opened spam messages, although only 11% had clicked on a link

4 Cost of spam A 2004 survey estimated that lost productivity costs Internet users in the United States $21.58 billion annually, while another reported the cost at $17 billion, up from $11 billion in In 2004, the worldwide productivity cost of spam has been estimated to be $50 billion in An estimate of the percentage cost borne by the sender of marketing junk mail (snail mail) is 88%, whereas in 2001 one spam was estimated to cost $0.10 for the receiver and $ (0.01% of the cost) for the sender.

5 SHOCKING! In the United States, most states enacted anti-spam laws during the late 1990s and early 2000s. Many of these have since been pre-empted by the less restrictive CAN-SPAM Act of Spam is legally permissible according to the CAN-SPAM Act of 2003 provided it follows certain criteria: a "truthful" subject line, no forged information in the technical headers or sender address, and other minor requirements. If the spam fails to comply with any of these requirements it is illegal. Aggravated or accelerated penalties apply if the spammer harvested the addresses using methods described earlier. A review of the effectiveness of CAN-SPAM in 2005 by the Federal Trade Commission (the agency charged with CAN-SPAM enforcement) stated that the amount of sexually explicit spam had significantly decreased since 2003 and the total volume had begun to level off. Senator Conrad Burns, a principal sponsor, noted that "Enforcement is key regarding the CAN- SPAM legislation." In 2004, less than 1% of spam complied with the CAN- SPAM Act of In contrast to the FTC evaluation, many observers view the CAN-SPAM act as having failed in its purpose of reducing spam.

6 PHISHING The Beginning A phishing technique was described in detail in 1987, and (according to its creator) the first recorded use of the term "phishing" was made in The term is a variant of fishing, probably influenced by phreaking, and alludes to "baits" used in hopes that the potential victim will "bite" by clicking a malicious link or opening a malicious attachment, in which case their financial information and passwords may then be stolen

7 Spear Phishing Phishing attempts directed at specific individuals or companies have been termed spearphishing. Attackers may gather personal information about their target to increase their probability of success. Clone Phishing A type of phishing attack whereby a legitimate, and previously delivered, containing an attachment or link has had its content and recipient address(es) taken and used to create an almost identical or cloned . The attachment or Link within the is replaced with a malicious version and then sent from an address spoofed to appear to come from the original sender. It may claim to be a re-send of the original or an updated version to the original. Whaling Several recent phishing attacks have been directed specifically at senior executives and other high profile targets within businesses, and the term whaling has been coined for these kinds of attacks.

8 Link manipulation Most methods of phishing use some form of technical deception designed to make a link in an (and the spoofed website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of subdomains are common tricks used by phishers. In the following example URL, it appears as though the URL will take you to the example section of the yourbank website; actually this URL points to the "yourbank" (i.e. phishing) section of the example website. Another common trick is to make the displayed text for a link (the text between the <A> tags) suggest a reliable destination, when the link actually goes to the phishers' site. The following example link, //en.wikipedia.org/wiki/genuine, appears to direct the user to an article entitled "Genuine"; clicking on it will in fact take the user to the article entitled "Deception". Hovering your cursor over the link for a couple of seconds may do a similar thing, but this can still be set by the phisher.

9 Website forgery Once a victim visits the phishing website, the deception is not over. Some phishing scams use JavaScript commands in order to alter the address bar. This is done either by placing a picture of a legitimate URL over the address bar, or by closing the original address bar and opening a new one with the legitimate URL Phone phishing Not all phishing attacks require a fake website. Messages that claimed to be from a bank told users to dial a phone number regarding problems with their bank accounts. Once the phone number (owned by the phisher, and provided by a Voice over IP service) was dialed, prompts told users to enter their account numbers and PIN. Vishing (voice phishing) sometimes uses fake caller-id data to give the appearance that calls come from a trusted organization.

10

11

12

13 Eliminating Phishing and Spam s 1) Specialized spam filters can reduce the number of phishing s that reach their addressees' inboxes. These approaches rely on machine learning and natural language processing approaches to classify phishing s. address authentication is another new approach. 2) Guard against spam. Be especially cautious of s that: * Come from unrecognized senders. * Ask you to confirm personal or financial information over the Internet and/or make urgent requests for this information. * Aren t personalized. * Try to upset you into acting quickly by threatening you with frightening information 3) Communicate personal information only via phone or secure web sites. In fact: When conducting online transactions, look for a sign that the site is secure such as a lock icon on the browser s status bar or a https: URL whereby the s stands for secure rather than a Also, beware of phone phishing schemes. Do not divulge personal information over the phone unless you initiate the call. Be cautious of s that ask you to call a phone number to update your account information as well.

14 4) Do not click on links, download files or open attachments in s from unknown senders. It is best to open attachments only when you are expecting them and know what they contain, even if you know the sender. 5) Never personal or financial information, even if you are close with the recipient. You never know who may gain access to your account, or to the person s account to whom you are ing. 6) Beware of links in s that ask for personal information, even if the appears to come from an enterprise you do business with. Phishing web sites often copy the entire look of a legitimate web site, making it appear authentic. To be safe, call the legitimate enterprise first to see if they really sent that to you. After all, businesses should not request personal information to be sent via . 7) Beware of pop-ups and follow these tips: * Never enter personal information in a pop-up screen. * Do not click on links in a pop-up screen. * Do not copy web addresses into your browser from pop-ups. * Legitimate enterprises should never ask you to submit personal information in popup screens, so don t do it.

15 8) Protect your computer with a firewall, spam filters, anti-virus and antispyware software. Do some research to ensure you are getting the most up-todate software, and update them all regularly to ensure that you are blocking from new viruses and spyware. 9) Check your online accounts and bank statements regularly to ensure that no unauthorized transactions have been made.

16 Phoenix Information Technology Services Julio Cardenas

17 Project Name: Tivoli Endpoint Manager Project Sponsor: Morna Mellor Project Manager: Julie McCall IET received from the Technology Infrastructure Forum (TIF) a proposal and recommendation for campus-wide implementation and management of Tivoli for all computers accessing the campus network (excluding student-owned systems). First proposal created on September 2, 2012 The IT infrastructure was set in production on January 2013.

18

19

20 Are we using TEM or BigFix in our departments? Yes. How are we using it in our computers? We use it mainly to install new security and software updates on your computers from Windows, Apple and other third party software companies, like Adobe, Oracle, Mozilla, etc. How often do we get our computers updated? As often as new Critical or Important updates are available.

21 Am I going to see more update notifications in my computer? Possibly Yes, if you have other software installed and the updates are not available in the TEM server. Should I leave my computer on at all the times? Preferably Yes, so the updates can be installed at night or during the day. However, we need you to restart your computers at least, once a week, so the updates can take place and your computer perform better.

22 The Dashboard:

23 Conclusion: TEM will provide unified, real-time visibility and enforcement to protect distributed environments against threats that target endpoints and helps organizations to comply with regulatory standards on security. It will help us to make our computers compliant with the UCD Cyber-Safety Policies. TEM will help us to deliver new security patches, software distribution and power management to our departmental computers. TEM will help to manage software assets from procurement to retirement and license compliance using control desk integration.

24 QUESTIONS?

25