Professional Documents
Culture Documents
SA
W
W
"#$%&'K (
"#K&01-.-/ *+,
2.&3
K."1$% 435
W
1429 2008 -
"#$)('&W% 0)
/.- , L+
0002 <24C17
= 978-603-00-1453-8W
? J1 ? J2-@ 0
? K34B6BKHEE= FFCI
005,8J6
1429L5884
=<L)6 1429L5884W
= 978-603-00-1453-8W
>;=83 *789:;0
*/0?
2009-@A1429
W
.*
.*
7&('$-p 7q 7&/U7r7(@7 (+ 7IL//6 S6
-$ 77bO$
?/77- 777I`O 7"LM77 (77c&?g37 ` 777(@
7
7- <c&MgZ
6= (3t
=U4# SK?6Z
+ Y7WU74 7,6?7# SK 76/ 7 Q- 0 @4
vS 8EProject Management ProfessionalFd6= +=aM 4bbl
K Q- BB
/M
W
9.....................................................................................................
: 14...........................................................
1.1 15.................................................................
1.3.1 18 ...............................................
2.3.1 18 ......................................................
4.1 19.....................................
5.1 21...........................................................................
6.1 22..................................................................
: )24................................ (Spam
1.2 26..............................................
2.2 31.............................................
)(Image-based Spam
32
W
: )71(Content Injection
4.4
73 .
5.4
(Phishing
)91................................................................................... Countermeasures
1.5 : 92 ...........
W
1.1.5 92 ........................................
2.1.5 )92 ...................... (Bounced E-Mails
3.1.5 93 ..................................................
4.1.5 94 ......................................................
5.1.5 94 ............................
2.5 : )98 ..................................... (Filteration
3.5 : ) (Security Patches
)99 ...................................................................... (Firewalls
4.5 : )100 ..(Cross-Site Script - XSS
5.5 : )101 ............... (Visual Keyboard
6.5 : )102 ......... (Two-Factor Authentication
7.5 : )104 .............. (Mutual Authentication
8.5 :
)105 ..................................................................... Toolbars
9.5 : )110(Anti-Phishing Software
(Anti-Phishing
111.....................................................................................
117................................................................................................
W
W
10
11
W
?Ui77n776)('&77(E-Mail)%77 77 77bO$@776 +x77
W
12
13
W
14
W
"#
15
W
1.1
KEE-Mail ServerF%&)('6
W
Microsoft
16
q/U4
( 1-1 )
Ewww.microsoft.com/outlook/F (3U4q &dLE1F
Ewww.microsoft.com/exchange/default.mspxF (3U4q &dLE2F
17
W
2.1
2-1
W
18
3.1
1.3.1
(Simple Mail Transfer Protocol - SMTP)
(377U774%77&)('77677'7 %77 `77
O778
7`i7`h1 821 <7L=ERFCF- 7`07`hm]6/O
K2 1123<L=
U74Z36
&`O/-$ bO%&)('6 3`ZO
<L=gO(KE3-1F(Myn8
EPort 25F25<L=x]I
K /63Lx]I
2.3.1
(POP3 Post Office Protocol)
776'
77$%77&)('776774m^77Z6Jx7777
O778
<77L=- 77`07777`h77
Ox778F776/OK 7777%77&)('
19
W
K1 1939
43<L/<
Ozag6^7ZI@ 77^7Z
x8
O%8^ZI K
77 3`77ZO776)('&%77/-$ 77bO77
O(077U774776
110F110<7L=x7]I
) (3-1 SMTP
POP3
4.1
< "I8.BXI4M?@?p4%O6Jx76)('&K%7
E3F^ZI)('&. Ehttp://tools.ietf.org/html/rfc1939F`h
W
20
K?abc.com?8?xyz@abc.com?J6I" I<pr
- 7&(7S?78EDomain
( 4-1)
p7$%78- 7L "I. 7? 7c& Y7`6t7\/ - \Sa
/7
?E 7I87(67`rK" <&" 3O/%&)('6 . ?4
21
W
.E MX records
5.1
(Mail exchange records MX records)
< 7Z 76B7 7/ 7b6a7]
/ 3O-pV
preference
W
22
) (5-1
)(Header
U4J- & 3
77(6U74W7b
WEFromFI /} J76
J /
Kxsender]@[source domain namez
23
W
/} %&)('6H ZS<Wsender
. /mI-=#Jx" ^ I<Wsource domain name
7&I4J7?7(K3`7Z} J767I:EToF3`Z J
777bU77743`777Z 777I4777(6K3`777Z} 7774k?777Sp3`777Z}
K[receiver]@ [destination domain name]
3`Z} %&)('6H ZS<Wreceiver
.ma /} =Jx" ^ I<Wdestination domain name
%7&)('76 7 7 7/ =Z%b]O WERouteF= Z J
\/77 "77 77=/773`77Z %77&)('776 77 za7
/
74q/7/7O$+ 74.U74za]7BZZ0ZS3O/
Y7n/4^7Z 7({7(76d7+/W 3= Z- & %&)('6
= 77Ya?= 77^
%7 &)('776774q/77M+/r77- =77 776/774
$ 77/776E7-1F(77K?77
?%77&)('776774M?77#
K= Z
K /n:(Subject)
K /&:(Body)
%&('a6/ =E6-1F(W
W
24
) (7-1
) .(7-1 .
"!
) ('&
$#$
)(Spam
25
W
W
26
1.2
(Spam)
77c&^77+. 77a 77Y&77/g77%77&)('7 6 77=_/77O
7EBulkF7 8<7
7={EElectronic Messaging SystemF7& )('/
fx77C3`77Z 773L7777/?77L?77"g7777 77/
Electronic
27
W
W
28
F%7&)('76 7 U74J=/7,gETrafficFr
KcIEServer
Data Network
(1)
2006 Spam Trends Report: Year of the Zombies, December 27, 2006,
Commtouch Software Ltd.,
(http://www.commtouch.com/documents/Commtouch_2006_Spam_
Trends_Year_of_the_Zombies.pdf)
29
W
2006 Spam Trends Report: Year of the Zombies, December 27, 2006, Commtouch
Software Ltd.,
(http://www.commtouch.com/documents/Commtouch_2006_Spam_Trends_Year_of_
the_Zombies.pdf)
1000O E3F
W
30
31
W
2.2
x778L 77I6F77.B77X0 77 77=aM^77Z= 77776
)('&g%K/
W
32
3.2.2
(Image-based Spam)
J ] /&M=b^za/g /
/} V6
7P8U74I77,O<76 7Yr%7bI\7oU74+7]7b4
K /&M+=#
77
?W
/77WmO=77#?2006 771 7 /g77 77//776/`O/77Y?
w7=7bU74+/g /3Z&?2 ECommtouchF?O
7% a70w(Y Y&?/g /4% a35
7/g7 7/7Y7ZEData Traffic BandwidthF- 7& 3r7O+ 7IL
(1)
2006 Spam Trends Report: Year of the Zombies, December 27, 2006,
Commtouch Software Ltd.,
(http://www.commtouch.com/documents/Commtouch_2006_Spam_Trends_
Year_of_the_Zombies.pdf)
33
W
EpatternsF/8 77cU774_/77Eheuristic
methodsF7736/V/77"
EOCR
W
34
3.2
x8L I6F.BX)
/7.- 7, 7/+76)('&g7%7
K/
1.3.2 :) (Filtration
77(O]77bO 77/776)('& 77?U774%77?B77
?77S. 77/
W
?/O- 77&(77S?=77Z6EHeaderF 77/77I4 77YI 77/
KEFromF
35
W
KESubjectF /n
KEBodyF /&
77r / <7`\7Sad7 7`76 7b \7Saw` "O{r
=?77Z6'377ZI +77<77L?7 &('a776/6 77I
77Y&?U774]77b
{77rI7?77n377ZI Eregular
expressionsF77r-g377O ?77/
K=6x8=/Lx^6
7YI(7/g7 7/J7b7`3"-./
)/
?%8]b
77# ]7b74 7Y4+7&7`- 7V6n/4
&77LM6g377 `77L(&6 77+ 7746x7777/g77 77/%77/
K1 ]b
Black lists
) : 2.3.2
(/ White lists
W
36
37
W
) : 3.3.2
(Whitelists
W
38
: 5.3.2
(377- i]77#Mw77&
.777 d77LMJ77677I77
q7777n/4 Y77 778g? 77`I- 774k?77h o_/77?77
g77776 77=aM^77ZOt77%77&)('7766 77I77d77V
77 7YJ 7]%7&)('6I4/6./
a/YxCKH/
K dLMJ6m&I4 (^/"naqfx8
77(?@?B/ 7 ?at?W7(377./7
)fx78U7477
?xyz at abc dot com?/67i7y37bO?xyz@abc.com? 7?K?"`I ?dot?
_/77%7%7&)('766 7I4dq/d"ZO$`6/"fxY
KI b6M/-?L(O Y&{r ` m4
M 7b&B7=%&)('6I4
./
)fxC\/
KIU4_/dVq/U4=x6% +=#F
: 6.3.2
EBulkFg3
C =a<6/g /{rF6/M &/
7za/67`O7L?U747 C#?U4666 I
(1)
39
W
?U747$/7 7L
fx8 IK6/U4g /%"6/ /
I4& K/g\/ ?3`Z =MmZr%``S
N]I"{r`6/g /=U4J/)7I4
) =a_ `6 /3`Z 7L\/7
3`Z` /} 66
(6_C@``%=x8./a 68
I4 "&3`Z
? K$
? =d `6/,rg6748/ 7Yir)p7
M\/I
YI4)
/. , Kd Z
7.3.2 :
)(Spam Reporting
4 Z6L)p 7=4g776M7/` 7YI7J7b
<6K C)pfx7874 7bO$ 7/`7 776)('&7/ %7
g /7(K7/7`U74_/777<7 7"IM7I
K/}J6
{7r ` 7f/7<7 7"I78.B7X7%O76Jx7
77I4M?@?W77p4776)('& p77rK%7<77 77"I77IJ776
? 7() ?abc.com?8?xyz@abc.com@7b- 7& U74 7bO$J<7
&" ? m/O1 ?WHOIS(6?/?x78 J 7
VZO- & +4 LJ K- L "I
bOp E1FxY B6
Y^ppb3"O6/4 a?4
S?6/U4dL(3 `Ot
W
40
( 1-2)
(gmail.com )
(1) mail uses Google's innovative technology to keep spam out of your inbox,
gmail.com, (http://www.google.com/mail/help/fightspam/spamexplained.html),
December, 2007.
. Egmail.comF (3U43%&('a6/ `E2)
41
W
8.3.2 :
)(SMTP RFC
^77Z6}77L7777`i"- 773]77I77
O&`7777677Z3
MESMTPF6=`g /7/` 777t7
fxY`O$"K- 73%7/}776g776^7Z6H7//7q
=?P6<Y4 " N`- 73" 7]7I7
O&`7767Z3
`ESMTPFM<Y6<(i /6JxmI 4Jx(6 7+
7Y
in 'KEHackersF/3LmL
9.3.2 : )
Fake MX
(Records
?7S)
/7.- 77,+] M7 77/J7b76)('&g77%7
8/ 3O-pVdn= =7I4]6B 7?. 7U74- 7L "I
0p 46)('& "&<$% K
c&?WbrM &/76)('&{7r?%7d7 7,]O 7L=E 7I8
MV/?/x807O/O8<L/7 7
7(rK=<7L
]w7&
/#?,7 S7#OM7
? 7VIK 7/x7C{7r 7
W
42
4`r/ K\/
43
W
) (2-2
W
44
45
W
"! -
./0 ('&
)(Phishing
W
46
47
W
W
48
49
W
K /M=
BdL( ^=yibdL+= 63`Z
m74/7O/7" M 7_/7bM3`7Z H ZS?%4O = J
K- p $ir (q &/MVZ
7Y3"3`Z `<6]6B#M%8- 3+=O r = J
KF6B0"x8. ) /M
/3`Z B6
M/77bH 77Z@U774d77Lg77g77O77bF776B= 77Wa 77= J
Kgx8M/cI/3`Z B63`Z}
U74/7O 7_/7bM+76
7 - 7 B7&%4O = J
KL+'] & kfx8U4b@#/r Sp4m&
3`Z
=B7d7Lzam7
6 7/3`7Z}{7r` 7Z-$ @ S
M
77b^W 77i&M 7 `S$? 77b ?Y^77Z6t776/77Z- 77& 3d77X
K\/ ? ?a- 4Mi,
W -"M%&('$" #$- V8= b (
K%&('$" #$VC"^ J1
KF6BdLBY J2
77S?^77 77(O77L77]6B 77/7777 877
77=a J3
.ESpamF/g /0 ?
W
50
) (1-3 ""
?E1F @]L =h "#$'($&%
.pYSEI3Z ?6+6/
6/
Z614w3ZJ@2006/6 I614 J781426V J K13718
51
W
"( "2-3)
W
52
"( "3-3)
d7L ?7,6?7Sp&K? 76/_?/7bd7L8=BdL/
(7M 7
_/7b%#dL<" #E4-3F(M
=B
K ZS)/cII= vSE5-3F
d7L 7"I<7Eriyadbank.comFW78%#dL" I<
KEriyadonlin.net.msFF6B
53
W
) (4-3 ""
W
54
) (5-3 ""
/Yc6(/7 $ E6-3Fd7L "7#$'($&%7x78 7
K?H ?_/bdLB=< 7"IEsabb.net.msF<7$m 7 7"I
dLM
Esabb.comF%#KE7-3F(7&? 7,6?\/7d7LB7=
"<#dLvS%#I =/cI) ZS K
55
W
6-3 ""
) (7-3 ""
W
56
websitesF777]6B77&)('
57
W
W
58
KExyzbank.comF
(1)
(2)
59
W
60
W
) (8-3
2006 2007
) (9-3
2006 2007
61
W
) (1-3
) (
93.8
ERetailFBV d3
2.8
2.2
1.2
) (2-3
1
2
3
4
5
6
7
8
9
10
) (
24.21
23.85
b
IC
=
I6 O
= &
? &
= 6 IX
( +i
Z&/r
9.39
8.06
4.64
3.53
3.41
2.42
1.47
1.47
W
62
63
W
emailFb^7777777
64
W
65
W
"! 1
2
./0 ('&
)(Phishing Techniques
)(DNS Poisoning
)(Content Injection
)(Address Obfuscation
)(Malware Attack
Search Engine
(Phishing
(Attack
The Popup
W
66
67
W
/6}
K=BdLzag6 ] 6/4 &I4d
gm&{r
- L "I. ?U43"I6m&{r
M
@ x
07"Ot7d7L7 78g =_7b- L "I. ? YIn\/
K6/ ZSb^W- & 6BO
W
68
( 1-4)
77778?_?/7777b 7777"I<7777?E2-4F(7777M 7777
/7777]I
" I_??` )</byibJ/I?Exyzbank.comF
x7 7"I<7^ W
IrE88.33.22.11F8Exyzbank.comF
^77 77Y
`77EInternet
BrowserF77 (377y]77bM_/77b
69
W
) (2-4
) (3-4
W
70
71
W
localhost
127.0.0.1
( 4-4)
xyzbank.com
92.45.67.89
( 5-4)
Content
) : 3.4
(Injection
siteFyi77#d77LM77I`S?
W%
K\/ ?dLzayibdL/m
O+ 4a J
KdL/ Y
MEmalwareF3 q/0
/O J
K%&('$" #$ zadLM - & 3m
O+ 4a J
W\o`S"" #p ??&hphE I8
EhackersF7/ ^7`r7 (37 7 MI?+/hp J
KEmalicious contentFv3 \iElegitimate contentF%#\o3
EhackersF/ 7^y7ZO7 (37 MI?+/hp J
Cross-Site Script F77+/7fx78_/7OK7fx78M73
k/`? S
FlawF%7k/7
%78EXSS
W
72
News.comF= 73
injection vulnerabilityF
script XSSF
(1) PayPal fixes phishing hole, by Joris Evers, Staff Writer, CNET News.com, Published:
June 16, 2006 4:12 PM PDT, (http://www.news.com/PayPal-fixes-phishing-hole/21007349_3-6084974.html).
73
W
authenticationF
77677bO
) : 4.4
(Attack MITM
W
74
Y /?7_/6M
/? KEMan-in-the-MiddleF
) (7-4
75
W
( 8-4)
^7Z 77'4p M
/V8 r(OL
K'4?dL
?7I7V8?77 7U7ZO7'74p7 7VC74 r(O
^77Z 77- 77& 3r77Op77 EcontentF\77og77EActive
AttackF
W
76
) (9-4 .
\77Sa"/77"77V8?773M77
/ 77 <77ZO%778?77?. 77
6/4EDNS PoisoningF- L "Ig7-pVZ 04p 7I66/7
zagO%U74$ 7K7]6Bd7L077p7$747IJ/7
?_/b?{r
p$ ZVZ 04p7Jx
77
W
78
W
) (10-4 ""
) (11-4 ""
79
W
) (12-4 ""
) (13-4 ""
W
80
: 6.4
(Malware Attack)
p77 77H77x778MEi77,F^77Z- 774d77y377bO
q77za776F77(x7780377K6 77br77(77 (377y]77b
K^Z Y
M4=BEmalwareF3
p7 7+x]I- d3L/ b3qfx8yZO
7bO7I4 737U7rK(i7,^)7Z73L (3y]b
^7Z<7$^7Z76BO7I4 7_/7b%&)('dL ^Z
fx7877
7 S%7]rM/bm ZSU4 %b^F6/B=
7bza C 7=a6/7Z- 7& 3fx78 7`a<7Zri, Y
Mq
_/7b%&)('dLd M^Zb^Wf=iIJx
K%``@m&?U4 bd Jx
77S-/77`&V77Z077
/O%778H77x77C+=Y77/77"\77Sa
V77Z77`6m7777Jx77i77, 77Y
MEKeystroke
LoggerFyO 77]
: 7.4
(Search Engine Phishing)
7BV d737&('ad7L. 7&a%78" 7#p\/ ?`6/
O
77 778d77Lfx77877/77K778- 77VI77 (377U774ERetailF
81
W
) : 8.4
(Popup Attack
x7rId7&
/c&@+= I0 Hx86
x77 (37- i]7b<7cM% ?(EPopup BlockerF`3I
7
H7x78?$aK+g7 7&MHx8 -$wL`r
K- i]bMd&fx8
3L Sza$ r
+x77r &%778E14-4F(77M 77
H77x77C776`77`6/"
+x7r Ifx78MK_/7bd7L
yi7#d7L+7(+x7r & 7?73IO+/b
^7Z <7
6/7- 7& 3m7P3O^7Z 707"677
6`3I
W
82
) (14-4
83
W
9.4
browserF7
W
84
www.contentverification.com/graphic-F77777777777777n/i]77777777777777b777777777777774
KEattacks/demo/adbarframeset.html
/7 y]7b^7 7(mZ]& Z E16-4F(/6
774 F77(IOv77S9.23<77L=^77ZIEOperaF1 ?/77??77 (377
77I/774%778/77?y]77bM+77
77# 0377Z77IF776BO
M 7,6?K7n/i]7b73L7I6/W. ] a SMdL%``@
77I6/77W\?/77&F776B77I6/77W 77b /774m77Z]&(77
KEgifF$ EimageF+=#8F6B
(1) opera.com.
( 15-4)
85
W
"( "16-4)
t7?_/7b1 7S 8F6BI6/WH?U4/
777iI777&('a7776/ 777=w777=? 777I4%777(6/ECitibankF2 ?777I
77777877777/ 77777I4 77777
E17-4F(77777M 77777
_/77777b77777b^W
?7It7d7%&)('E6/`?WIsupport@citibank.com
(1) http://www.antiphishing.org/phishing_archive/Citibank_3-31-04.htm
(2) www.citibank.com
W
86
F%77b^F776/B77=EATM/Debit
card numberF%77
87
W
W
88
?< 77@%77bI6/77?U77Z6F776B77I6/771 /7 H77?
77(M. 77,77]EText
89
W
) (19-4
90
W
) (20-4
91
W
"! 456
(9 <
./: ('&
)(Phishing Countermeasures
)(Filteration
)(Visual Keyboard
)(Two-Factor Authentication
)(Mutual Authentication
Anti-Phishing
(Toolbars
)(Anti-Phishing Softwares
x8L I6]Fb)
/.- ,- VC+ "#$)('& K%
87
W
1
92
: 1,5
1.1.5
7/74p7)<CUIZ%&('a6/IcI.p46BO
77/fx778w77&
a 77/776/`H 77Z@x778y77Z6K77cI77b^77iI
K6=
" #- V84=x&a ,6?%"6$?ii#
emailF77O/776E1-5F(77y77n6
93
W
) (1-5 )(Bouncing Email
3.1.5
/77
773L-$ 77bO$773= 77Z]$-77=/za+
77 B77
W
94
4.1.5
-$ 7777d77Lg7777
- 77Z@U774- 77F77773L/
?-p6777i?%777b^F7776/B7 7=g777O?- 777Z@za 777
K =_b SM- iZ
5.1.5
r ,Z/-= =#- ] & ^S? b6
M7=7#- 7]^77$77]6B<YLMrYZcI3L
K]6B<YO i]b],ZM?<Y
F77,Z7 (377 7 773L7-$ 77@fx7877_ 7
7(
8= 7WcIB==#- ]% F,ZcI%&)('dL
7`I7
O/07d7 7`EreferrerF?/7W?7`S77`i76/4
+=7bF77iEHTTP Hypertext Transfer ProtocolF07%7bI
77`S 77
aK+=77b/77t7777&)('i]77b77I4(77Jx77
07r/76 7{7r7YkI4za?cII4gzag6?/W?
+=77#-/77 p7S7 6} 77 77/77677L?+=77bF7777iHTTP
K"+=b$m3I6/6x
7
O1 - 7`077`h0ZirK Sza r./
)x8
7+7 ]d7nEreferrerF?/W`?S{rEHTTPF0%bI`I
KEhttp://tools.ietf.org/html/rfc2616F`h^)('&ZIE1F
95
W
W
96
97
W
) (2-5 ""
) (3-5 ""
) (4-5
W
98
) (5-5 ""
2.5 : )(Filteration
} 77=]77bO7 O776)('&%77M YS/77W377t77]77b%& 77
/7
a Y]7b 77,.g77 7/ 77, 7Y&
M77 r 7,6?ESpamF7/
- 7VC "77#$'($&%77 77=U774+776)('&M%7777
KEdeception-based phishing emilsF
99
(Security
W
) : 3.5
Patches
(Firewalls)
- 77I`U7747777I778%77&('$" 77#$- 77V877&?77S?
7Y
M7I-/7p7m7p 7<76Etechnical
subterfugeF7I]
W
100
Kyi#dL
) : 4.5
(- XSS
script - XSSF777+/77fx778_/77OK77
37U74K%
= 7 =7b73L7_ ,\qI6Eprogramming flawF
Euser reviewF 7q7I=B7`<O?EblogsF- &M=B- `O
- 77
/Mv77- 77
?Ediscussion
101
W
KEweb-based emailF
H77%77&('$" 77#$i77n77L/77" J 77]U7777`6/"
77M 77Yc]S773L 778 a77
fx778]77bO778v773\77o77`S
K=B- i]bU4 Yn/44 n%
W
102
) (6-5
6.5 : )
Two-Factor
(Authentication
?77 7,6?_/7667b`x78MKEStrong AuthenticationF?J7)
/7.
<6^/`6/ ,6b=
?U4 K6b
/-phE I8 W6b
103
W
77`6J7`I0i7Z74MK%7_/b+BY
?J`I0iZ
7
{ ,6?`6?? %& IOtL "3{
K?_/O? I6Jx=/
77
776/77Z- 77& 3/7ZO%77&('$" 77#$- 774M+ 74
\/7 ?- 7& 07<76x?_/O? IFIbOt=/
67b7&?76/7 4Iza%IO- & 3
6b4Mr na
K?w&? ????
74%7&('$" 7#$- VC ,./
a^Z6% I6b
" 7777#$EMan-in-the-middle
AttackF7777M7 77
/7777V877776/
W
104
AttackF7777M7777
/7777V877776/
105
W
) (7-5
) (8-5
8.5 :
)(Anti-Phishing Toolbars
6/77W?+774J776/77W778-==7777IF 7777(6
4M+YX/76KEApplicationF 773"O7766/7WE9-5F(7
?y]77bU774?77
?-(377777777 F?==377777Z
aw77&'&a?77
KEExplorer
Internet
W
106
107
W
1 crypto.stanford.edu/SpoofGuardL
W
108
. .(1-5)
microsoft.com/ie
pages.ebay.com/ebay_toolbar
www.callingid.com
cloudmark.com
earthlink.net
toolbar.trustwatch.com
crypto.stanford.edu/SpoofGuard
eBay
CallingID
CLOUDMARK
EarthLink
TrustWatch
SpoofGuard
( 10-5)
""
109
W
) (11-5 "
"
) (12-5 ""SpoofGuard
W
Anti-
110
) : 9.5
(Phishing Software
- 77V877n776 @Esecurity
softwareF776 @q/77<77c77,O
111
W
)(
Access
bO
Active Attack
IVC
Address Obfuscation
I6O
ATM
Anti-Phishing Toolbars
%_/b+BY
?
" 77777777#$77777777ir (-?/77777777W?
%&('$
Anti-Phishing Softwares
Application
Attachments
- `r/
Attacker
<
Y
Authentication
6b
Backdoors
] H?
Bandwidth
bO$+ IL
Bank
_/b
Biometrics
6@N6 `
Black List
.Z`
Blog
Bounced E-Mail
Browser
&
+O/%&)('6=
y]b
W
Chat Rooms
Commercial Whitelists
Computer
Configuration
112
h o_/
6= V. ,3`<
H S
3nL4LPYO
Content
\
Cracker
H/
Database
Data Integrity
Dialog Box
- & +4 L
- & 3E (O?Fp
J=SI#
Dictionary Attack
` V8
Discussion Boards
` I- `S
DNS Poisoning
Domain Name
Download
E-mail
E-mail account
%&)('6H ZS
E-mail address
%&)('6I4
E-mail client
E-mail Filtering
%&)('6]bO
E-Mail Header
/=?Z6/O
E-Mail Route
113
E-mail Server
Fax
W
%&)('6
EN
]F &
Filtering
]bO
Firewalls
6 @
=
Form
Forums
- 6I
Hackers
E/ CF (3L'
Heuristics Methods
Hosts File
HTML
HTTP
Inquiry
Install
Instant Messenging
Internet
Integrity Check
36/V/"
],F
0%bIB'
0%bI`I
O/
p
w3OL0bIOL0
/O
/W 3'L%&'
(3
(`i
IP Address
w&'&$ O/I4
IPS
- L '$dIc&?
Junk mail
Keystroke Logger
Locally
H/g6
yO ]S-/`&VZ
%
W
Look and Feel
Malicious content
Malware
Man-In-The-Middle
Message body
Mutual Authentication
114
ZS)/cI
v3 \
3q
M
/V8
/&
36b
OCR
n_@U4_/
Online
Online trust
Open Mail Rely
Operating System
Passive Attack
Password
Pharming
Phishing
%&h
]%&)('6
c&
ZVCLSpVC
=/
- 7L "I . 7? -pVM04p
34=BL
%&('$" #$
POP3
60( O/
Popup
`3I- i]b
Programming Flow
Regular Expressions
Scam
%k/
r-g3
4
115
Search Engines
Security Updates
Server
Smart Card
SMTP
SMS
Social Engineering
Spywares
Strong Authentication
Subject
Text Field
Tools
Traffic
Two-Factor Authentication
Upgrade
User name
Version number
Virus
Visual Keyboard
W
vi3-
/
I- 6i
xL "3
Z36
&`O/
+gbLb& =
4
$IC
NZVq/
J`6b
/n
%b&`S
+4 Z-
r
% I6b
L'-=#a
^Z<
^ZI<L=
gr
/yO ]S
Vulnerability
+/h
Web browser
(3y]b
W
Webmail
White List
Window
Worm
www
116
(3U43%&)('6
. ,3`
+xr &
+
(3
117
W
+
*
Jonathan B. Postel, "SIMPLE MAIL TRANSFER PROTOCOL", RFC 821,
(http://tools.ietf.org/html/rfc821), August 1982.
Network Working Group, "Requirements for Internet Hosts -- Application and
Support", RFC 1123, (http://tools.ietf.org/html/rfc1123), May 1996.
Network Working Group, "Post Office Protocol - Version 3", RFC 1939,
(http://tools.ietf.org/html/rfc1939), May 1996.
Network Working Group, "MAIL ROUTING AND THE DOMAIN
SYSTEM", RFC 974, (http://tools.ietf.org/html/rfc974) , January 1986.
Network Working Group, "Common DNS Operational and Configuration
Errors", RFC 1912, (http://tools.ietf.org/html/rfc1912) , February 1996.
?Virus
descs/novarg.shtm).
(http://www.news24.com/News24/South_Africa/News/0,,2-7-
E1442_1641875,00.html
W
118
? Nick Johnston, PDF Spam: Spam Evolves, PDF becomes the Latest Threat",
Anti-Spam Development at MessageLabs, A MessageLabs Whitepaper,
August 2007K
EI3S.pY
%&('$" #$= h]@ L?
77V@J7714w377Z677Z 776/+776/
7777 ?677Z
13718 J2006/6 I614 J781426
Christopher Abad, The economy of phishing: A survey of the operations of
the phishing market, First Monday, volume 10, number 9, September 2005,
(http://firstmonday.org/issues/issue10_9/abad/index.html). M. Jakobsson, S.
Myers, Phishing and Countermeasures: Understanding the Increasing Problem
of Electronic Identity Theft, Wiley, 2007.
The Anti-Phishing Working Group, www.apwg.com.
Phishing Activity Trends, Report for the Month of November, 2007, AntiPhishing Working Group (APWG), apwg.org
Gartner, Media Relations, 2008 Press Releases, Gartner Survey Shows
Phishing Attacks Escalated in 2007; More than $3 Billion Lost to These
Attacks, (http://www.gartner.com/it/page.jsp?id=565125), 05-March-2008.
Joris Evers, Staff Writer, PayPal fixes phishing hole, CNET News.com,
119
W