HOME       POLICIES       SUBMISSION        PEOPLE        ARCHIVES         CONFERENCES        CONTACT
ABSTRACT

Phishing Trojan horse programs are not traditional bots, but sophisticated and original pieces of malicious code. Since iDefense began tracking this technique in May 2006, attackers have quietly seeded dozens of variants into the wild to target at least 30 specific banking institutions. These attackers had intimate knowledge of each targeted bank’s Web infrastructure and built a sophisticated command-and-control system that completely automated the attacks. The authors believe that criminal organizations are using these phishing Trojans to compromise millions of bank accounts across the globe. These Phishing Trojan attacks can defeat sophisticated authentication schemes that security experts previously thought impenetrable. This document discusses mitigation techniques that work and fail in light of these new malicious code attacks. The audience will be given an overview on malicious code attacks against the financial infrastructure and an introduction to banking authentication schemes. This document also includes cyber fraud detection and mitigation strategies.


KEYWORDS

Authentication, Online Fraud, Information Security, Malicious Code, Phishing.

ARCHIVES
To return to the Volume/Number webpage, click here.
THE INTERNATIONAL JOURNAL OF FORENSIC COMPUTER SCIENCE - IJoFCS

Volume 3, Number 1, pp 9-24, DOI: 10.5769/J200801001 or http://dx.doi.org/10.5769/J200801001


Cyber Fraud Trends and Mitigation


By Richard Howard, Ralph Thomas, Jeff Burstein, and Roxanna Bradescu



To download this paper, click here