200 research outputs found
Phishing in email and instant messaging
Abstract. Phishing is a constantly evolving threat in the world of information security that affects everyone, no matter if you’re a retail worker or the head of IT in a large organisation. Because of this, this thesis aims to give the reader a good overview of what phishing is, and due to its prevalence in email and instant messaging, focuses on educating the reader on common signs and techniques used in phishing in the aforementioned forms of communication. The chosen research method is literature review, as it is the ideal choice for presenting an overview of a larger subject. As a result of the research, many common phishing signs and techniques in both email and instant messaging are presented. Some of these signs include strange senders, fake domain names and spellings mistakes. With this thesis, anyone looking to improve their understanding about phishing can do so in a way that is easy to understand. Some suggestions for future research are also presented based on this thesis’ shortcomings, namely the lack of studies on phishing in instant messaging
Consumer protection for online banking scams via e-mail in Malaysia
The new advancement in technology both hard and soft is creating new opportunities for cyber criminals.It is an effective tool for going against the law.In the economic sector, the number of Malaysians opting for online banking to do transaction is increasing.There are 9.8 million online banking account holders in Malaysia. However, cases of online banking scams in Malaysia have been increasing since such first case was registered in 2005.Statistics from Financial
Mediation Bureau showed that the number of cases had increased.Therefore, the objectives of this paper are to identify cyber scams via email in online banking business model and to examine consumer protection of online banking scams in Malaysia
Large-Scale Analysis of Pop-Up Scam on Typosquatting URLs
Today, many different types of scams can be found on the internet. Online
criminals are always finding new creative ways to trick internet users, be it
in the form of lottery scams, downloading scam apps for smartphones or fake
gambling websites. This paper presents a large-scale study on one particular
delivery method of online scam: pop-up scam on typosquatting domains.
Typosquatting describes the concept of registering domains which are very
similar to existing ones while deliberately containing common typing errors;
these domains are then used to trick online users while under the belief of
browsing the intended website. Pop-up scam uses JavaScript alert boxes to
present a message which attracts the user's attention very effectively, as they
are a blocking user interface element.
Our study among typosquatting domains derived from the Alexa Top 1 Million
list revealed on 8255 distinct typosquatting URLs a total of 9857 pop-up
messages, out of which 8828 were malicious. The vast majority of those distinct
URLs (7176) were targeted and displayed pop-up messages to one specific HTTP
user agent only. Based on our scans, we present an in-depth analysis as well as
a detailed classification of different targeting parameters (user agent and
language) which triggered varying kinds of pop-up scams.Comment: 9 pages, 11 figure
- …