Phishing

Author(s):  
Indranil Bose

Phishing is a new form of online crime where the unsuspecting user is tricked into revealing his/her personal information. It is usually conducted using social engineering or technical deceit–based methods. The various ways in which phishing can take place are described in this chapter. This is followed by a description of key strategies that can be adopted for protection of end users and organizations. The end user protection strategies include desktop protection agents, password management tools, secure e-mail, simple and trusted browser setting, and digital signature. Among corporate protection strategies are such measures as e-mail personalization, mail server authentication, monitoring transaction logs, detecting unusual downloading activities, token based and multifactor authentication, domain monitoring, and Web poisoning. Some of the commercially available and popular anti-phishing products are also described in this chapter.

Author(s):  
Sachin Chandwade ◽  
Ms. Shafali Gupta ◽  
Asmita Deshpande ◽  
Falguni Pawar ◽  
Mangesh Nyati

“Phishing is a deceptive attempt to steal the individual’s details, primarily via email.” Phishing is getting more aggressive by the day, and early detection is critical. The term ‘phishing’ is considered to be one of the social engineering strategies that gather personal information from a business or an individual by posing as a trustworthy institution or organization instead of malicious websites and misleading e-mail to canvass personal information from any organization or an individual. Phishing also targets email by using it as a vehicle and even delivering messages via email to users who serve a firm or belong to the particular organization that is responsible to execute the key business tasks, that mainly includes financial establishment or a bank etc. Our focus is mainly on the wide range of data mining algorithms as well as the techniques for evaluating functionality. These targeted algorithms will help us to clear the views about the detail structure of phishing URLs. The best machine learning algorithm for discriminating between phishing and the original site is selected using key functional parameters.


2021 ◽  
pp. 8-17
Author(s):  
Amer Ramadan ◽  

This paper reports on an in-depth examination of the impact of the backing filesystems on Docker performance in the context of Linux container-based virtualization. The experimental design was a 3x3x4 arrangement, i.e., we considered three different numbers of Docker containers, three filesystems (Ext4, XFS and Btrfs), and four application workloads related to Web server I/O activity, e-mail server I/O activity, file server I/O activity and random file access I/O activity, respectively. The experimental results indicate that Ext4 is the most optimal filesystem, among the considered filesystems, for the considered experimental settings. In addition, the XFS filesystem is not suitable for workloads that are dominated by synchronous random write components (e.g., characteristic of mail workload), while the Btrfs filesystem is not suitable for workloads dominated by random write and sequential write components (e.g., file server workload).


Temida ◽  
2013 ◽  
Vol 16 (1) ◽  
pp. 151-162
Author(s):  
Vida Vilic

Global social networks contributed to the creation of new, inconspicuous, technically perfect shape of criminality which is hard to suppress because of its intangible characteristics. The most common forms of virtual communications’ abuse are: cyberstalking and harassment, identity theft, online fraud, manipulation and misuse of personal information and personal photos, monitoring e-mail accounts and spamming, interception and recording of chat rooms. Cyberstalking is defined as persistent and targeted harassment of an individual by using electronic communication. The victim becomes insecure, frightened, intimidated and does not figure out the best reaction which will terminate the harassment. The aim of this paper is to emphasize the importance and necessity of studying cyberstalking and to point out its forms in order to find the best ways to prevent this negative social phenomenon. Basic topics that will be analyzed in this paper are the various definitions of cyberstalking, forms of cyberstalking, and the most important characteristics of victims and perpetrators.


E-mail system is one of the critical infrastructures of any organization. It is necessary to ensure that the mail servers in use should be secured in such a way that no security properties like confidentiality, integrity, and authenticity are compromised. To achieve these security properties we have set up a secure e-mail server testbed that provides security against malware and spam, and guarantees secure e-mail delivery. This paper proposes a secure methodology for filtering spam and malware in the e-mail system, comprising standard layers of protocols and policies. An experimental testbed is established to evaluate the effectiveness of our methodology and was tested with spam and malware e-mails. Our results showed an accuracy of 95 percent, against a typical configuration of an e-mail system.


2018 ◽  
Vol 11 (2) ◽  
pp. 49-57
Author(s):  
Adrian Cristian MOISE

Starting from the provisions of Article 2 of the Council of Europe Convention on Cybercrime and from the provisions of Article 3 of Directive 2013/40/EU on attacks against information systems, the present study analyses how these provisions have been transposed into the text of Article 360 of the Romanian Criminal Code. Illegal access to a computer system is a criminal offence that aims to affect the patrimony of individuals or legal entities. The illegal access to computer systems is accomplished with the help of the social engineering techniques, the best known technique of this kind is the use of phishing threats. Typically, phishing attacks will lead the recipient to a Web page designed to simulate the visual identity of a target organization, and to gather personal information about the user, the victim having knowledge of the attack.


2021 ◽  
Vol 17 (1) ◽  
pp. 150-166
Author(s):  
Andrei L. LOMAKIN ◽  
Evgenii Yu. KHRUSTALEV ◽  
Gleb A. KOSTYURIN

Subject. As the socio-economic relationships are getting digitalized so quickly, the society faces more and more instances of cybercrime. To effectively prevent arising threats to personal information security, it is necessary to know key social engineering methods and security activities to mitigate consequences of emerging threats. Objectives. We herein analyze and detect arising information security threats associated with social engineering. We set forth basic guidelines for preventing threats and improving the personal security from social engineering approaches. Methods. The study relies upon methods of systems analysis, synthesis, analogy and generalization. Results. We determined the most frequent instances associated with social engineering, which cause personal information security threats and possible implications. The article outlines guidelines for improving the personal security from social engineering approaches as an information security threat. Conclusions and Relevance. To make information security threats associated with social engineering less probable, there should be a comprehensive approach implying two strategies. First, the information security protection should be technologically improved, fitted with various data protection, antivirus, anti-phishing software. Second, people should be more aware of information security issues. Raising the public awareness, the government, heads of various departments, top executives of public and private organizations should set an integrated training system for people, civil servants, employees to proliferate the knowledge of information security basics.


Author(s):  
Ofer Bergman ◽  
Steve Whittaker

People who are collaborating can share and organize files in two main ways: performing Group Information Management (GIM) using a common repository or performing Personal Information Management (PIM) by distributing files as e-mail attachments and storing them in personal repositories. One potential benefit for GIM is that it reduces the need for every collaborating participant to individually organize their information. However people are less successful and less efficient at finding files from common repositories than personal folders. Consistent with this, people show a preference for more traditional methods of file-sharing using email. PIM may induce better retrieval because it encourages people to actively organize their files using personal classifications. Such active personal organization is less likely with GIM.


Author(s):  
Kevin Curran

Spam in the computer does not simply mean ads. Spam is any message, article, or ad that repeats itself an unacceptable number of times so that it causes annoyance. The content of the spam is of no importance. It could contain your simple “Make Money Fast” hyperlink or a beautiful piece of poetry, but if the message is continuously repeated it becomes spam. The term spam is thought to have been taken from a famous Monty Python sketch. In that sketch spam came with everything the people ordered and the waitress would be constantly saying the word spam. Therefore the meaning of spam is something that repeats itself causing much anger or annoyance. Spam can be categorized as follows:

• Junk mail: Mass mailings from legitimate businesses that are unwanted.
• Noncommercial spam: Mass mailings of unsolicited messages without an apparent commercial motive including chain letters, urban legends, and joke collections.
• Offensive and pornographic spam: Mass mailings of “adult” advertisements or pornographic pictures.
• Spam scams: Mass mailings of fraudulent messages or those designed to con people out of personal information for the purpose of identity theft and other criminal acts.
• Virus spam: Mass mailings that contain viruses, Trojans, malicious scripts, and so forth.

Spoofing (Schwartz & Garfinkel, 1998) is a technique often used by spammers to make them harder to trace. Trojan viruses embedded in e-mail messages also employ spoofing techniques to ensure the source of the message is more difficult to locate (Ishibashi, Yamai, Abe, & Matsuura, 2003). Spam filters and virus scanners can only eliminate a certain amount of spam and also risk catching legitimate e-mails. As the SoBig virus has demonstrated, virus scanners themselves actually add to the e-mail traffic through notification and bounceback messages. SMTP is flawed in that it allows these e-mail headers to be faked, and does not allow for the sender to be authenticated as the “real” sender of the message (Geer, 2004). This article looks at a new type of spam known as spam over Internet telephony (SPIT).


Author(s):  
Maulik Desai ◽  
Swati Jaiswal

Mobile devices have upgraded from normal Java-based phones whose basic functionality was calling, messaging, and storing contact information to a more adaptive operating system like Symbian, iOS, and Android, which have smart features like e-mail, audio player, camera, etc. Gradually, everyone started relying more and more on these mobile devices. This led to an increase in the number of cell phone hackers. Common ways that a hacker gets access to your phone are via phishing, shoulder surfing, piggybacking, etc. There are countermeasures to this like bookmarking your most visited sites, using VPN, using encryption algorithms. Data theft and identity theft are a new concern for today's user; this chapter is to educate the end user of different ways in which their privacy can be invaded via a mobile phone. This chapter will help the researchers to know the mindset of a cell phone hacker and what are the potential damages that can be caused by them and strategies to prevent them.

