WEB SPOOFING By: Khushboo Taneja
Web Spoofing: An internet security attack that allows an attacker to create a “shadow copy” of the entire World Wide Web. The attacker creates misleading context in order to trick the victim; the result is online fraud.
Spoofing: Pretending to be something you are not. In internet terms, it means pretending to be a different IP address from the one you really have in order to gain something.
Starting the Attack: The attacker must somehow lure the victim into the attacker’s false web, and there are several ways to do this. An attacker can put a link to the false Web onto a popular Web page. If the victim is using Web-enabled email, the attacker could email the victim a pointer to the false Web. Finally, the attacker could trick a web search engine into indexing part of the false Web.
Have you ever received an e-mail that looked like this?

From: Bank of America
To: John Doe
Subject: Your Online Banking Account is Inactive

Your Online Banking Account is Innactive
We closed your online access for security reasons.
Click here to access your account
We must verify your account information.
Bank of America, N.A. Member FDIC. Equal Housing Lender © 2004 Bank of America Corporation. All rights reserved.
Spoofing attacks occur in the physical world as well as the electronic world. In the physical world, for example, there have been several incidents in which criminals copy the victim’s card and use the duplicate. In these attacks people were fooled by the context: what they saw, the location of the machine and the appearance of its electronic display. People using computer systems often make security-relevant decisions based on the contextual clues they see. For example, you might decide to type in your account number because you believe you are visiting your bank’s web page. This belief might arise because the page has a familiar look.
Context: A browser presents many types of context that users might rely on to make decisions.
Appearance – the appearance of an object might convey a certain impression.
Names of Objects – people often deduce what is in a file from its name.
Timing of Events – if two things happen at the same time, the user might think they are related.
Is MICR0SOFT.COM or MICROSOFT.COM the correct address for Microsoft?
Consequences:
Surveillance – the attacker can passively watch the traffic, recording which pages the victim visits and the contents of those pages. (This allows the attacker to observe any account numbers or passwords the victim enters.)
Tampering – the attacker can modify any of the data traveling in either direction between the victim and the Web. (The attacker could change the product number, quantity or ship-to address.)
How the Attack Works: URL Rewriting; Forms; “Secure” Connections
URL Rewriting: The attacker’s first trick is to rewrite all of the URLs on some web page so that they point to the attacker’s server rather than the real server. Assuming the attacker’s server is on the machine www.attacker.org, the attacker rewrites a URL by adding http://www.attacker.org to the front of the URL. For example, http://home.netscape.com becomes http://www.attacker.org/http://home.netscape.com. Once the attacker’s server has fetched the real document needed to satisfy the request, the attacker rewrites all of the URLs in the document into the same special form. Then the attacker’s server provides the rewritten page to the victim’s browser. If the victim follows a link on the new page, the victim remains trapped in the attacker’s false web.
Forms: When the victim submits a form, the submitted data goes to the attacker’s server. The attacker’s server can observe and even modify the submitted data, doing whatever malicious editing desired, before passing it on to the real server.
“Secure” Connections: Web spoofing works on both of the major browsers, Internet Explorer and Netscape Navigator, and is not prevented by “secure” connections. The victim’s browser thinks everything is fine: it was told to access a URL at www.attacker.org, and that is the server it made a secure connection to. The secure connection indicator therefore only gives the victim a false sense of security. The victim sees no indication that anything is wrong.
Completing the illusion: The attack as described thus far is fairly effective, but not perfect. There is still some remaining context that can give the victim clues that the attack is going on. Such evidence is not too hard to eliminate, because browsers are very customizable. The ability of a web page to control browser behavior is often desirable, but when the page is hostile it can be dangerous.
Remedies: Follow a three-part strategy. Disable JavaScript in your browser so the attacker will be unable to hide the evidence of the attack; make sure your browser’s location line is always visible; and pay attention to the URLs displayed on your browser’s location line, making sure they always point to the server you think you are connected to.
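The third remedy, checking that the location line really points at the server you expect, can be made mechanical. The example below is added here and is not code from the slides or from the web-spoofing paper they summarize. It applies two checks to a URL taken from the location line: whether the path itself starts with another URL (the rewritten form shown in the URL Rewriting slide, where the browser only ever talks to the first host), and whether the host is the expected one, a subdomain of it, or a lookalike that differs only by confusable characters (the MICR0SOFT.COM / MICROSOFT.COM question from the Context slide). The confusable-character table and the `bank.example` host are constructed for this example; `www.attacker.org` and `home.netscape.com` come from the slides.

```python
from urllib.parse import urlsplit, unquote

# Characters commonly substituted for one another in lookalike domain names.
# Constructed table for this example; a real deployment would use a fuller
# confusables list.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "5": "s", "3": "e", "|": "l"})


def _norm(host):
    """Lowercase and strip a trailing dot so hosts compare cleanly."""
    return host.lower().rstrip(".")


def embedded_url(url):
    """Return the URL hidden in the path of `url`, if the path starts with one.

    A rewritten URL such as http://www.attacker.org/http://home.netscape.com
    carries the real destination in its path; the browser connects only to
    the first host. Percent-encoded forms are decoded before inspection.
    """
    path = unquote(urlsplit(url).path).lstrip("/")
    inner = urlsplit(path)
    if inner.scheme in ("http", "https") and inner.netloc:
        return path
    return None


def is_lookalike(host, expected):
    """True when host differs from expected only by confusable characters."""
    if host == expected:
        return False
    return host.translate(CONFUSABLES) == expected.translate(CONFUSABLES)


def check_location(url, expected_host):
    """Compare the host the browser actually connected to with the expected one.

    Returns a list of (code, detail) findings. An empty list means the URL
    points at expected_host (or a subdomain of it) and embeds no other URL.
    """
    host = _norm(urlsplit(url).hostname or "")
    expected = _norm(expected_host)
    findings = []

    inner = embedded_url(url)
    if inner:
        findings.append(("embedded-url", f"path carries another URL: {inner}"))

    if host == expected or host.endswith("." + expected):
        pass  # genuine host, or a subdomain of it
    elif is_lookalike(host, expected):
        findings.append(("lookalike-host", f"{host} imitates {expected}"))
    else:
        findings.append(("foreign-host", f"connected to {host}, not {expected}"))
    return findings


if __name__ == "__main__":
    # Constructed checks: the slides' rewritten URL, a lookalike host,
    # a percent-encoded rewrite, and a genuine subdomain.
    for url, expected in [
        ("http://www.attacker.org/http://home.netscape.com", "home.netscape.com"),
        ("https://MICR0SOFT.COM/", "microsoft.com"),
        ("http://www.attacker.org/https%3A%2F%2Fbank.example%2Flogin", "bank.example"),
        ("https://www.microsoft.com/", "microsoft.com"),
    ]:
        print(url, "->", check_location(url, expected) or "ok")
```

The host comparison deliberately uses `urlsplit().hostname`, not a string search for the bank's name: a hostname like `bank.example.attacker.test` contains the expected name but does not end with `.bank.example`, so it is reported as a foreign host rather than accepted.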
Protecting yourself against e-mail or online fraud: Don’t take anything for granted. Do not click on links you receive in an e-mail message asking for sensitive personal, financial or account information. Call the company directly to confirm requests for updating or verifying personal or account information. Do not share your IDs or pass codes with anyone. Look for secure connections on Web sites. Always sign off Web sites or secure areas of Web sites. When your computer is not in use, shut it down or disconnect it from the Internet.
Conclusion: Current browsers don’t prevent web spoofing, and there can be no secure electronic commerce on the web until the web spoofing vulnerability has been addressed.
THANK YOU


Editor's Notes

  • #8: The text and pictures on a Web page might give some impression about where the page came from – corporate logo implies it came from a certain corporation.