427 Botnet fm qxd

Harris was using his grandfather’s MSN account to run the operation.
Jayson was sentenced to 21 months and restitution of $57,000. 
Of course, the individual has no chance of being able to take independent
actions that would catch the phisherman. A number of consortiums, like the
CastleCops.com/PIRT team and the Anti-Phishing.org Web site, have sprung
up to provide a channel for individuals and corporations to have a chance of
contributing to the taking down and eventual capture of phishing site 
operators.
Even in the same country, the process of getting information from the
ISPs involves a significant bureaucracy. Both the law enforcement community
and the judicial community must be involved in the process of developing
and approving a subpoena, which most ISPs require to protect themselves
from lawsuits. Just a few years ago, the ISP operators would have given the
information voluntarily once they were convinced that “terms of service” had
been violated or a suspected crime had been committed. In today’s litigious
world, this rarely happens.
For the botherder, the final component of the phishing/pharming attacks
is the final site where the data is aggregated and exploited.This may be a site
owned and secured by the botherder, but it may also be a neutral site con-
trolled or specified by an individual or group known as 
cashers
.The main
technique for converting credentialed information into cash is to use the
information to create ATM cards (called 
tracking
) and then use the cards to
withdraw the individual’s maximum daily funds. Christopher Abad, in his
report “The Economy of Phishing” (www.firstmonday.org/issues/
issue10_9/abad/), notes that the reason tracking has become popular is
because of measures taken to make it more difficult to ship purchased goods
to countries where credit card fraud is a significant problem.
Studies of institutions targeted for phishing in Abad’s report show that
financial institutions that use weak measures to protect ATM mechanisms
from tracking are the most frequent target.The demand for Bank of America
credential information is almost nonexistent due to the fact that their ATM
card encoding algorithm is difficult to obtain or crack. According to Abad,
phishers interviewed believe it may be encrypted with Triple-DES. When his
report was written, in September 2005, Washington Mutual, Sun Trust Bank,
Citibank, and Citizens Bank were the top four targets of credential theft.

Download 6,98 Mb.

Do'stlaringiz bilan baham: