WEBP-Potential Online Threats

8/13/2019 WEBP-Potential Online Threats

1/20

Presented By:Utkarsh Jaiswal

Abhishek KumarAakriti DhawanAnkita Rastogi

Akash Tomar


2/20

Threats that uses the World Wide Web to facilitate cybercrime.

Web threats use multiple types of malware and fraud, all of which

utilize HTTP or HTTPS protocols, but may also employ other

protocols and components, such as links in email or IM, or malware

attachments or on servers that access the Web.

They benefit cybercriminals by stealing information for subsequent

sale and help absorb infected PCs into botnets.

Web threats pose a broad range of risks, such as identity theft, lossof confidential information/data, theft of network resources,

damaged brand/personal reputation, and erosion of consumer

confidence in e-commerce and online banking.


3/20

Web threats can be divided into two primary

categories, based on delivery method

Push based threats

Pull Attacks


4/20

Push-based threats are the fraudulent means that lure a user to

a malicious website which then collects information and/or

injects malware.

Push attacks use phishing, DNS poisoning (or pharming), and

other means to appear to originate from a trusted source.

Examples of push based threats are-

Spamming

Phishing

DNS Poisoning( Pharming)


5/20

Pull-based web threats are often referred to as drive-by

threats by since they can affect any website visitor.

Cybercriminals infect legitimate websites, which unknowingly

transmit malware to visitors or alter search results to take users

to malicious websites.

Upon loading the page, the users browser passively runs a

malware downloader in a hidden HTML frame (IFRAME)

without any user interaction.


6/20

Malware

Viruses

Trojans Spyware

Adware

Phishing

DNS Poisoning (Pharming)


7/20

A computer user can be tricked or forced into downloadingsoftware onto a computer that is of malicious intent. Suchprograms are known as malware and come in many forms,such as Viruses, Trojan horses, spyware, and worms.

Malicious software is sometimes used to form botnets.

Malware can be installed without the user ever knowing. Justby visiting a compromised website, opening an email or

installing a program, it is possible for the Malware author toexploit vulnerabilities in your PC's operating system to enableremote access or software installation.


8/20

Virusesare programs that can replicate their structures or effects

by infecting other files or structures on a computer.

The common use of a virus is to take over a computer to steal

data.

A virus is designed to spread from your computer to other

computers

One way a virus can spread is by accessing your emails and

sending a copy of itself to your contacts so it spreads, this iscalled a (worm)

Wormsare programs that can replicate themselves throughout a

computer network, performing malicious tasks throughout.


9/20

A program that appears legitimate, but performs someillicit activity when it is run. It may be used to locatepassword information or make the system more

vulnerable to future entry or simply destroy programsor data on the hard disk.


10/20

Spyware is a type of malware (malicious software)installed on computers that collects information aboutusers without their knowledge. The presence of

spyware is typically hidden from the user and can bedifficult to detect. Some spyware, such as keyloggers,may be installed by the owner of a shared, corporate,or public computer intentionally in order to monitor

users.


11/20


12/20

Phishing

Phishing is an attempt to steal your personalinformation. They send out e-mails that appear tocome from legitimate websites such as eBay, PayPal, or

other banking institutions. The e-mails state that yourinformation needs to be updated or validated and askthat you enter your username and password


13/20

Pharming is yet another way hackers attempt tomanipulate users on the Internet. While phishingattempts to capture personal information by getting

users to visit a fake website, pharming redirects usersto false websites without them even knowing it.


14/20

Legislation can refer or laws or the process by whichthey are enacted in certain countries. Many countrieshave some form of legislation, which is a body

dedicated primarily to passing and amending laws


15/20

In the computer security context, a hacker is someone who

seeks and exploits weaknesses in a computer system or computer

network.

Hackers may be motivated by a multitude of reasons, such as

profit, protest, or challenge.

The term hacker is reclaimed by computer programers who argue

that someone breaking into computers is better called a cracker, not

making a difference between computer criminals (black hats) and

computer security experts (white hats ).

According to (Clifford R.D. 2006) a cracker or cracking is to"gain unauthorized access to a computer in order to commit another

crime such as destroying information contained in that

system. These subgroups may also be defined by the legal status of

their activities.


16/20

White hatA white hat hacker breaks security for non-malicious reasons, perhaps to

test their own security system or while working for a security companywhich makes security software. The term "white hat" in Internet slang

refers to an ethical hacker. This classification also includes individuals

who perform penetration tests and vulnerability assessments within a

contractual agreement.

Black hat

A "black hat" hacker is a hacker who "violates computer security for

little reason beyond maliciousness or for personal gain" (Moore,

2005). Black hat hackers form the stereotypical, illegal hacking groups

often portrayed in popular culture, and are "the epitome of all that thepublic fears in a computer criminal". Black hat hackers break into secure

networks to destroy data or make the network unusable for those who

are authorized to use the network.


17/20

Grey hat

A grey hat hacker is a combination of a black hat and a white hat hacker.

A grey hat hacker may surf the internet and hack into a computer system

for the sole purpose of notifying the administrator that their system has a

security defect, for example. Then they may offer to correct the defect

for a fee.

Script kiddie

A script kiddie (also known as a skid or skiddie) is a non-expert who

breaks into computer systems by using pre-packaged automated tools

written by others, usually with little understanding of the underlyingconcepthence the term script (i.e. a prearranged plan or set of

activities) kiddie (i.e. kid, childan individual lacking knowledge and

experience, immature).[


18/20

I DENTI TY THEFT that was coined in 1964 is a form of stealing

someone's identity in which someone pretends to be someone else byassuming that person's identity, typically in order to access resources or

obtain credit and other benefits in that person's name. Identity theft occurs

when someone uses another's personally identifying information, like their

name, identifying number, or credit card number, without their permission,

to commit fraud or other crimes.

Identity Theft sub-divide identity theft into five categories:

Criminal identity theft (posing as another person when apprehended for a

crime)

Financial identity theft (using another's identity to obtain credit, goodsand services)

Identity cloning (using another's information to assume his or her

identity in daily life)

Medical identity theft (using another's identity to obtain medical care ordrugs)


19/20

A BOTNETis a collection of Internet-connected programs communicating with

other similar programs in order to perform tasks. This can be as mundane askeeping control of an Internet Relay Chat (IRC) channel, or it could be used to

send spam email or participate in distributed denial-of-service attack attacks.

LEGAL BOTNETS

The term botnet is widely used when several IRC bots have been linked and may

possibly set channel modes on other bots and users while keeping IRC channelsfree from unwanted users.

I LLEGAL BOTNETS

Botnets sometimes compromise computers whose security defenses have been

breached and control conceded to a third party. Each such compromised device,

known as a "bot", is created when a computer is penetrated by software froma malware(malicious software) distribution. The controller of a botnet is able to

direct the activities of these compromised computers through communication

channels formed by standards-based network protocols such as IRC

and Hypertext Transfer Protocol (HTTP).


20/20

SPYBOT

SEARCH & DESTROY is a spyware and adwareremoval computer program compatible with Microsoft Windows 95 and

later. It scans the computer hard disk and/or RAM for malicious software.

SPYBOT FEATURES

In addition to spyware and adware detection and disinfection, Spybot-S&D

can repair the registry, winsock LSPs, ActiveX objects, browser

hijackers and BHOs, PUPS, computer cookies, trackerware, heavy duty,

homepage hijackers, keyloggers, LSP, tracks, trojans, spybots, revision, and

other kinds of malware. It can also delete tracking cookies.

Some programs are supplied with attached spyware or adware and refuse torun when they are not present; newer versions of Spybot replace the

spyware binaries with inert dummies (designed to fool programs which

simply check for the presence of the spyware's file).

WEBP-Potential Online Threats

Documents

Transcript of WEBP-Potential Online Threats