Social engineering
Uses psychological tricks to get victims to comply with the attacker’s wishes (often to gain access to a system or confidential data).
Often takes advantage of our compassion, greed, sex appeal, sloth, trust, urgency, and vanity.
Techniques used in social engineering
Phishing, pretexting, posing, pharming, typosquatting, shoulder surfing, etc.
Typosquatting
Cybercriminals register domain names that are misspellings of legitimate websites.
Pharming
Redirects website traffic to a spoofed website, even if the correct URL is entered.
How was the Brazilian banking pharming attack conducted?
Criminals changed the Domain Name System (DNS) settings on bank customers’ home Wi-Fi routers.
Spoofing:
Faking an identity to gain the trust of victims.
Types of Spoofing?
Web-page spoofing
IP address spoofing: to impersonate another computer (likely to bypass authentication based on IP addresses)
Caller ID spoofing
E-mail spoofing (with forged sender address)
Malware
Any malicious software that is used to do harm.
Ransomware
Locks you out of programs and encrypts your data so that a ransom payment can be demanded.
Spyware
Secretly monitors and collects information and sends it to cybercriminals.
Adware
Pops up ads and can collect info about web-surfing habits.
Keylogger
Records users’ keystrokes to steal sensitive data.
Virus
A self-replicating segment of code that attaches to a program/file (but needs the user to run the infected file).
Worm
A stand-alone program that self-replicates automatically (without user action).
Trojan Horse
Malicious code inserted in an authorized & functioning program; does not replicate itself.
Time/Logic bomb
Lies idle until a specified time or event occurs.
Keylogger Trojan
Trojan horse with keylogger bundled inside.
Zero-day attack (or zero-hour attack)
An attack between the time a new software vulnerability is discovered and the time the developer releases a patch fixing the problem.
Companies (e.g., Google, Microsoft, Tesla) launch bug bounty programs, paying ethical hackers to find bugs before criminals do.
Man in the middle (MITM)
Attackers place their devices in between a legitimate user and a host (server), or between two legitimate users, and impersonate both parties to intercept or modify their communication.
Common on unsecured public Wi-Fi or via Evil Twin attacks.
Botnet
A network of hijacked computers or IoT devices (bots or zombies) that are used by the bot herder (or botmaster) to attack systems or spread malware. An estimated 1-5% of online devices worldwide are part of a botnet.
(Distributed) Denial-of-Service (DoS or DDoS) attack:
Often uses botnets to overload and shut down servers and prevent legitimate users from accessing them:
E-mail DoS attack: send many emails from false addresses
Web page DoS attack: send many web page requests
Vulnerabilities with Bluetooth Devices
When turning on Bluetooth, you are broadcasting the device’s MAC address to people nearby.
Attackers could:
Access contact lists, data, pictures, and private info (Bluesnarfing);
Take control of your device and send text messages or make calls and payments (Bluebugging).
Preventive measures for Bluetooth devices?
Turn off Bluetooth when not in use;
Avoid pairing in public;
Install security patches and antivirus software on devices.