Embed Doc
Copy Link
Readcast
Collections

1
CommentGo Back

Executive Summary

Phishing is the new 21

st

century crime. Globally, the stories arecovered by almost all international media covering the latest organisation to havetheir customers targeted and how many victims succumbed to attacks. Phishingis an online identity theft in which confidential informations are obtained from anindividual. Phishing includes deceptive attacks, in which users are tricked by fraudulent messages into giving out information, malware attacks, in whichmalicious software causes data compromise, and DNS ( Domain Name System)based attacks, in which the lookup of host names is altered to send users to a fraudulent server.There is no precise estimation of losses due to phishing, however the Gartnergroup estimates that the total financial losses attributable due to phishing for USBanks will be approximately US$ 2.8 billion for the year 2006. The indirect lossesare much higher, including customer service expenses, account replacementcosts and higher expenses due to decreased use of online services in the face ofwidespread fear about the security of online financial transactions.This report cover the countermeasure implemented by various foreign banksagainst phishing, informations that are available in public domain.Harish KesharwaniCA.Grad CWA, M.Com

Harish Kesharwani

1

Steps in Phishing attack

1

All phishing attacks fit into the same general information flow. At each step in the flow, different countermeasures can be applied to stop phishing. The steps are:0. The phisher prepares for the attack. Step 0 countermeasures includemonitoring malicious activity to detect a phishing attack before it begins.1. A malicious payload arrives through some propagation vector. Step 1countermeasures involve preventing a phishing message or security exploit fromarriving.2. The user takes an action that makes him or her vulnerable to an informationcompromise. Step 2 countermeasures involve detecting phishing tactics andrendering phishing messages less deceptive.3. The user is prompted for confidential information, either by a remote web siteor locally by a Web Trojan. Step 3 countermeasures are focused on preventingphishing content from reaching the user.4. The user compromises confidential information. Step 4 countermeasuresconcentrate on preventing information from being compromised.5. The confidential information is transmitted from a phishing server to thephisher. Step 5 countermeasures involve tracking information transmittal.6. The confidential information is used to impersonate the user. Step 6countermeasures center on rendering the information useless to a phisher.7. The phisher engages in fraud using the compromised information. Step 7countermeasures focus on preventing the phisher from receiving money.

1

Content taken from Report Title – Online Identity Theft: Phishing Technology, Choke points andCountermeasures available in website

Harish Kesharwani

2

Table of Contents

Page No1Abstract..………………………………………………………………………….52Introduction…….………………………………………………………………...53 Phishing attack October 2006..………………………………………………...53.1Phishing Trend……………………………………………………….…..63.2Recent Phishing attack – International.………………………………..64International Scenario…………………………………………………………...64.1Bank of America………………………………………………………….74.2Hong Kong & Sanghai Banking Corporation………………………....84.3US Bank…………………………………………………………………..104.4Well Fargo Bank………………………………………………………...124.5Nat West Bank…………………………………………………………..134.6eBay & Paypal……………………………………………………………144.7Lloyds TSB Bank………………………………………………………..154.8Barclays Bank…………………………………………………………...164.9Wachovia Bank……………………………………………………….…174.10National Australia Bank………………………………………………..204.11Royal Bank of Canada……………………………………………….…214.12Amarillo National Bank…………………………………………….…..244.13Nantucket Bank…………………………………………………….…....254.14Summary of countermeasure………………………………………....275Conclusion……….……………………………………………………………….296References………………………………………………………………………..29

Harish Kesharwani

3

of 00

Leave a Comment

Plz send me this copy to vikyath4488@gmail.com

reply03 / 31 / 2010

Phishing Attack & Countermeasures

This research paper tries to describe the menace of phishing fraud in international scenario and various countermeasure adopted by various banks in the world. The Paper tries to... (More)

5,128 Reads

Info and Rating

Category:	Research > Arts & Architecture
Rating:	(3 Ratings)
Upload Date:	02/19/2009
Copyright:	Attribution Non-commercial
Tags:	phishing attacks & countermeasures phishing attacks & countermeasures (fewer)

Flag document for inapproriate content

Uploaded by

Harish KEsharwani

Download

Embed Doc
Copy Link
Add To Collection
Comments
Readcast
Share

×

Share on Scribd:

Readcast

TIP Press Ctrl-F⌘F to quickly search anywhere in the document.

Searching...

Result 00 of 00

00 results for result for

p.

More from This User

Related Documents

More From This User

This article tries to explain the menance of expense reimbursement fraud and ...

Income Tax forms for AY 2009-2010

Income Tax forms for AY 2009-2010

Income Tax forms for AY 2009-2010

Income Tax forms for AY 2009-2010

Form ITR-V and Acknowledgement Final

Income Tax forms for AY 2009-2010

Income Tax - Calculator AY 2009-2010

best worksheet for calculating income tax laibility for salaried person appli...

Fraud Detterrence Measures

This article explore the measure to be implemented for preventing fraud. The ...

Basic Material on Options

Basic Material on Options

Step by Step Learning Future & option

The guidelines describe the natures of future and option in derivative segmen...

101 Motivational Quotes

The bokk by Steven Grabek is available freely and has good collection of moti...

12 Dirty Habits That Prevent You From Developing Exceptional People...

Some brief information about habits which comes in between developing skills ...

Best Motivational quotes

Motivational quotes to achieve and aim big. Dream big and get big

Top 200 Secrets of Success by Robin sharma

The books has a collection of ways to be positive and think positive in life....

Origination of Number

This PPT shows how the number came into origination and how the same was disc...

Ways to do Revenue - Fraud

The article tries to explain the various type of revenue fraud. In financial...

Baby Girls names

Baby girls names readily available in sheet

Baby Girls Names 4

1000 of Girls name readily available in this file. Part 1 of various collection

Baby Girls Names 3

1000 of Girsl name readily available in this file. Part 3of various collection

Baby Girls Names 2

1000 of Girsl name readily available in this file. Part 2of various collection

baby Girls Name part 1

1000 of Girsl name readily available in this file. Part 1 of various collection

Financial Statement Fraud

The article tries to explain the various type of occupational fraud can happe...

Restated Satyam Balance Sheet

The file brings out the likely reststed balancesheet of Satyam after his conf...

Phishing Attack & Countermeasures

This research paper tries to describe the menace of phishing fraud in interna...

Cheque Fraud & Countermeasures

This research paper tries to describe the menance of cheque fraud in internat...

Related Docuements