X

Thank you for sharing!

Your article was successfully shared with the contacts you provided.

Two of the biggest threats to individual Internet users are phishing and botnets. While many users understand the threat presented by phishing, few understand the economy behind it and the fact that phishing activity links to the less well understood botnet threat. During the 2008 Black Hat events in Las Vegas earlier this year, the elite of the computer security community focused their efforts on a better understanding of the economics and the technology behind these threats. One of the joys of making the annual pilgrimage to the Black Hat conference is to attend sessions that present something completely new in security. That was definitely the case with “Bad Sushi: Beating Phishers at Their Own Game” by Nitesh Dhanjani, senior manager and leader of application security services, Ernst & Young LLP and Billy Rios, security engineer, Microsoft Corporation. For those of you not completely up on your computer security jargon, phishing is the process by which a hacker tries to get unsuspecting Internet users to divulge their personally indentifying information such as Social Security numbers, user names and passwords, or credit card information. Phishing is further broken down into several types: • phishing: sending generic e-mails with malicious attachments or links to millions of Internet users to try and steal their PII; • spear phishing: sending specifically crafted e-mails with malicious attachments or links to a targeted group of Internet users to try and steal their PII; and • whaling: sending specifically crafted e-mails with malicious attachments or links to a targeted group of corporate or government executives to try and steal their PII. Unlike most computer security discussions that focus on how bad the economic loss is to phishing victims (Gartner put the cost at $3.2 billion in 2007[FOOTNOTE 1]) or its pervasiveness (81,215 unique phishing Web sites in Q1 2008[FOOTNOTE 2]), Dhanjani and Rios discussed the business and economy behind phishing. They started their exploration by trying to figure out what it would take for someone to get involved in phishing as a money-making business. In effect, the market entrance.

This content has been archived. It is available exclusively through our partner LexisNexis®.

To view this content, please continue to Lexis Advance®.

Not a Lexis Advance® Subscriber? Subscribe Now

Why am I seeing this?

LexisNexis® is now the exclusive third party online distributor of the broad collection of current and archived versions of ALM's legal news publications. LexisNexis® customers will be able to access and use ALM's content by subscribing to the LexisNexis® services via Lexis Advance®. This includes content from the National Law Journal®, The American Lawyer®, Law Technology News®, The New York Law Journal® and Corporate Counsel®, as well as ALM's other newspapers, directories, legal treatises, published and unpublished court opinions, and other sources of legal information.

ALM's content plays a significant role in your work and research, and now through this alliance LexisNexis® will bring you access to an even more comprehensive collection of legal content.

For questions call 1-877-256-2472 or contact us at customercare@alm.com

 
 

ALM Legal Publication Newsletters

Sign Up Today and Never Miss Another Story.

As part of your digital membership, you can sign up for an unlimited number of a wide range of complimentary newsletters. Visit your My Account page to make your selections. Get the timely legal news and critical analysis you cannot afford to miss. Tailored just for you. In your inbox. Every day.

Copyright © 2020 ALM Media Properties, LLC. All Rights Reserved.