multi-factor authentication



Threats: Overview

"In my testimony to Congress in 2004, I warned that, as more people become aware of current 'Phishing' scams, the cyber criminals often get even more clever, and create new, more sophisticated techniques"

Howard Schmidt, Former White House cybersecurity advisor
Former Chief Security Officer of eBay and Microsoft


Since 2004, online fraud and identity theft have evolved from simple Phishing to Pharming to Man in the Middle (MITM) attacks. Simple Phishing could be mitigated with basic fraud detection techniques (IP Geo, Device Fingerprinting), weak second factors such as cookies, and user education programs that teach users not to log into the bank through links in email. In 2005, Pharming began redirecting users automatically, without the end user clicking on a link. In late 2005 and 2006, Man in the Middle attacks defeated one-time passwords (OTPs) (Tokens and Scratch Cards) and other forms of shared secrets at large U.S. and European banks. The next step in the evolution of online fraud will likely be Man in the Browser attacks, which can defeat even Smart Cards and PKI by modifying the transaction in the browser after user authentication has taken place.

Phishing
In 2004, the first wave of “Phishing 1.0” attacks tricked unsuspecting users into clicking on links to fake websites and giving up their usernames, passwords, and other personal information, leading to financial fraud and identity theft. The TriCipher Armored Credential System (TACS) prevents Phishers from logging into users' accounts to commit fraud or online identity theft by requiring additional authentication factors beyond simple user names and passwords.

Keystroke Logging
Keystroke logging is an attack where malicious code on a user’s PC intercepts the user’s keystrokes in order to steal the user’s password. Virtual Keyboards that require users to click on a graphical keyboard with the mouse can prevent basic keystroke loggers. However, more advanced keystroke loggers can determine the location of the virtual keyboard on the screen and track the user’s mouse clicks to steal the password. In addition, Phishers can put a fake virtual keyboard on a fraudulent Phishing site to capture the user’s password. The TriCipher Armored Credential System (TACS) prevents fraudsters using keystroke loggers from logging into users' accounts to commit fraud or online identity theft by requiring additional authentication factors that can’t be captured with a keystroke logger.

Pharming
Unlike Phishing, Pharming attacks compromise Domain Name Services (DNS) to automatically redirect users to a fraudulent site when they attempt to log in to a legitimate website. For example, when a user types in a URL to navigate to their online bank, they are automatically redirected to a fraudulent version of the bank's website. The TriCipher Armored Credential System (TACS) prevents Pharming attackers from logging into users' accounts to commit fraud or online identity theft by requiring additional authentication factors beyond simple user names and passwords.

Man in the Middle
A Man in the Middle Phishing attack tricks the user into clicking on a link to log in to their bank through a Man in the Middle Phishing proxy site. Unlike traditional Phishing, the user is actually passed through to the real website, making it virtually impossible for even savvy users to tell that they are being scammed. Man in the Middle Phishing sites are actually easier for Phishers to set up than traditional Phishing sites because they don’t even have to maintain a fake website. Man in the Middle Phishing defeats weak authentication methods including Passwords, IP Geolocation, Device Fingerprinting, Cookies+Personal Security Images, Virtual Keyboard, Grid Cards and Tokens. The TriCipher Armored Credential System (TACS) prevents Man-in-the-Middle Phishers from logging into a user's account to commit fraud or online identity theft by using strong mutual authentication.

Man in the Browser Attacks
Man in the Browser (MITB) is a variation on a Man in the Middle attack where malware in the web browser interjects itself between the user and the browser to modify transaction data. MITB attacks defeat even the strongest user authentication (including PKI and smart cards) because they modify data for individual transactions after the user has logged in. The TriCipher Armored Credential System (TACS) prevents Man in the Browser attacks from modifying transactions to commit fraud by authenticating high-risk transactions through a secure authentication channel that is out-of-band from the web browser.
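
The difference between authenticating the login and authenticating the transaction can be shown in a few lines. This is an added illustration, not TriCipher's implementation or protocol: the `Bank` class, the field names, the shared per-device key and the HMAC construction are all assumptions chosen to model a confirmation computed on a device outside the browser.

```python
import hashlib
import hmac

FIELDS = ("from_acct", "to_acct", "amount", "nonce")  # hypothetical field names

def canonical(txn):
    # Fixed field order so the device and the server MAC identical bytes.
    return "|".join(f"{name}={txn[name]}" for name in FIELDS).encode()

def device_confirm(device_key, approved_txn):
    # Runs on the out-of-band device, over the details the user approved there.
    return hmac.new(device_key, canonical(approved_txn), hashlib.sha256).hexdigest()

class Bank:
    def __init__(self, device_key):
        self.device_key = device_key
        self.used_nonces = set()

    def login_only(self, session_ok, submitted_txn):
        # Login-time authentication alone: anything on a valid session executes.
        return "executed" if session_ok else "rejected"

    def with_confirmation(self, session_ok, submitted_txn, confirmation):
        # The confirmation must match the transaction as the server received it.
        if not session_ok or submitted_txn["nonce"] in self.used_nonces:
            return "rejected"
        expected = device_confirm(self.device_key, submitted_txn)
        if not hmac.compare_digest(expected, confirmation):
            return "rejected"
        self.used_nonces.add(submitted_txn["nonce"])  # block replay of this approval
        return "executed"

def demo():
    key = b"constructed-demo-key"  # constructed sample value
    bank = Bank(key)
    intended = {"from_acct": "ACCT-1001", "to_acct": "ACCT-2002",
                "amount": "150.00", "nonce": "n-0001"}  # constructed sample
    # What the server receives if the browser alters the payee and amount.
    tampered = dict(intended, to_acct="ACCT-9999", amount="9500.00")
    code = device_confirm(key, intended)  # user approved the intended details
    return {
        "login_only_tampered": bank.login_only(True, tampered),
        "confirmed_tampered": bank.with_confirmation(True, tampered, code),
        "confirmed_intended": bank.with_confirmation(True, intended, code),
        "replayed": bank.with_confirmation(True, intended, code),
    }
```

With login-only authentication the altered transfer executes on the valid session; with a confirmation bound to the transaction details it is rejected, and a replayed approval is rejected as well.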

Copyright © 2008, TriCipher, Inc.