Wyniki wyszukiwania - BazTech

1

Cyberzagrożenia w internecie – analiza przypadków

Połowin Anita

Cybersecurity and Law

|

2024

|

Vol. 12 (2)

117--130

PL

W artykule opisano zagadnienia dotyczące ataków ransomware i specyficznych ataków phishingowych, które mają za zadanie doprowadzić do ataków ransomware. Analiza przy¬padku skupia się na opisie ataku ransomware oraz jego skutkach, przedstawia sposób postępowania cyberprzestępcy w celu nakłonienia użytkownika internetu do podjęcia takich działań, w których efekcie stanie się on ofiarą ataku ransomware. Celem opracowania jest zasugerowanie możliwych rozwiązań wyjścia z sytuacji, gdy użytkownik już stał się ofiarą ataku jednocześnie bez poddawania się szantażowi atakującego. Ponadto przedstawione przykłady ataków mają za zadanie nauczyć rozróżniać wiadomości phishingowe od autentycznych. W artykule wykorzystano autentyczne przykłady ataków, których omówienie pomoże zwiększyć czujność użytkowników internetu i zminimalizować skutki ewentualnego ataku cyberprzestępcy, a być może także ograniczyć liczbę ofiar ataków ransomware.

EN

The article describes issues regarding ransomware attacks and specific phishing attacks that are intended to lead to ransomware attacks. The aim of the study is to suggest possible solutions to overcome the situation when the user has already become a victim of an attack without succumbing to the attacker’s blackmail. Moreover, the examples of attacks presented are intended to teach how to distinguish phishing messages from authentic ones. The article uses real examples of attacks, the discussion of which will help increase the vigilance of Internet users and minimize the effects of a possible cybercriminal attack, and perhaps also reduce the number of victims of ransomware attacks.

2

Email Phishing Detection with BLSTM and Word Embeddings

Wolert Rafał, Rawski Mariusz

International Journal of Electronics and Telecommunications

|

2023

|

Vol. 69, No. 3

485--491

EN

Phishing has been one of the most successful attacks in recent years. Criminals are motivated by increasing financial gain and constantly improving their email phishing methods. A key goal, therefore, is to develop effective detection methods to cope with huge volumes of email data. In this paper, a solution using BLSTM neural network and FastText word embeddings has been proposed. The solution uses preprocessing techniques like stop-word removal, tokenization, and padding. Two datasets were used in three experiments: balanced and imbalanced, whereas in the imbalanced dataset, the effect of maximum token size was investigated. Evaluation of the model indicated the best metrics: 99.12% accuracy, 98.43% precision, 99.49% recall, and 98.96% f1-score on the imbalanced dataset. It was compared to an existing solution that uses the DL model and word embeddings. Finally, the model and solution architecture were implemented as a browser plug-in.

3

The analysis of social engineering methods in attacks on authentication systems

Borowiec Łukasz, Demidowski Krzysztof, Pecka Milena, Jonarska Amelia

Advances in Web Development Journal

|

2023

|

Vol. 1

83--106

EN

This comprehensive exploration of social engineering attacks provides insights into various methods, including phishing, vishing, baiting, tailgating, and ransomware. The "elder scam" and its variations, as well as phishing examples, illustrate the evolving tactics used by attackers. Prevention strategies encompass education, training, and technological tools, emphasizing the need for a balanced approach. The conclusion underscores that public awareness, continuous training, and specialized detection tools are vital in mitigating the risks associated with social engineering attacks on authentication systems.

4

Online identity theft detection and prevention methods

Szmyd Przemysław, Matejkowski Dominik

Advances in Web Development Journal

|

2023

|

Vol. 1

1--12

EN

Today, a significant amount of work is performed on computers. Because of the prevalence of technology, a lot of data can be obtained by gaining unauthorized access to important network machines, such as servers. Cyberciminals may also target individual Internet users, trying to acquire their personal information by the use of various methods. The gathered information can be used for identity theft, causing direct harm to the victim or an organization, with which they are associated. In this article we explain the nature of identity theft, examine different approaches used by cybercriminals and review a range of strategies for detecting and preventing this phenomenon. Additionally, we provide examples of two attacks: a phishing attack and an intrusion targeting an unsecured server within an organization's network. We conclude that the risk of data theft is often downplayed. An effective way of mitigating this threat is increasing the employees' knowledge about cyber security and using appropriate software and hardware measures.

5

Phishing wall - jak zbudować ludzką zaporę przeciwko cyberatakom?

Masztalerz Łukasz

Nowa Energia

|

2021

|

nr 5/6

70--71

PL

O cyberzagrożeniach łatwo mówić, gdy doszło już do incydentu bezpieczeństwa. Wówczas dowiadujemy się, że firma musiała zapłacić okup za uzyskanie klucza do zaszyfrowanych przez złośliwe oprogramowanie danych. Biznes na chwilę obniża poziom ciśnienia krwi, a cyberprzestępca liczy wpływy. Jak wynika z rynku zachodniego i badań zajmującej się cyberbezbieczeństwem firmy Infrascale: już 78% małych i średnich przedsiębiorców działających w modelu B2B zapłaciło pierwsze okupy w wyniku cyber ataku1.

6

The impact of the COVID-19 pandemic on cybercrime

Gryszczyńska Agnieszka

Bulletin of the Polish Academy of Sciences. Technical Sciences

|

2021

|

Vol. 69, nr 4

art. no. e137933

EN

The COVID-19 pandemic is accompanied by a cyber pandemic, involving changes in the modi operandi of perpetrators of various crimes, and an infodemic, associated with the spread of disinformation. The article analyses the impact of the COVID-19 pandemic on cybercrime and presents the latest research on the number of cybercrime cases in Poland and their growth dynamics. It determines the factors that contribute to the commission of a crime and prevent easy identification of criminals. It also suggests the legal and organisational changes that could reduce the number and effects of the most frequently recorded cyberattacks at a time of COVID-19. Particular attention is paid to legal problems of the growing phenomenon of identity theft, and the need to ensure better protection of users from phishing, including through education and proactive security measures consisting in blocking Internet domains used for fraudulent attempts to obtain data and financial resources.

7

Analiza podatności użytkowników systemów informatycznych na atak phishingowy

Grzebielec Szymon

Journal of Computer Sciences Institute

|

2020

|

Vol. 15

164--167

EN

This article presents an analysis of users' vulnerability to phishing attacks. The study was carried out using a self-prepared attack. A phishing attack was carried out on a group of 100 people. The subjects were divided into two groups of 50 people. The first group was attacked from a private, trusted account. The second group was attacked from a foreign email address. The attacked people were asked to complete the survey, its results and conclusions are presented in this article.

PL

W niniejszym artykule przedstawiono analizę podatności użytkowników na atak phishingowy. Badania dokonano za pomocą samodzielnie przygotowanego ataku. Atak phishingowy przeprowadzono na grupie 100 osób. Badanych podzielono na dwie grupy po 50 osób. Pierwszą grupę zaatakowano z prywatnego, zaufanego konta. Drugą grupę natomiast zaatakowano z obcego adresu e-mail. Zaatakowane osoby poproszono o wypełnienie ankiety, jej wyniki oraz wnioski przedstawiono w niniejszym artykule.

8

Data Mining-Based Phishing Detection

Bohacik Jan, Skula Ivan, Zabovsky Michal

Annals of Computer Science and Information Systems

|

2020

|

Vol. 21

27--30

EN

Webpages can be faked easily nowadays and as there are many internet users, it is not hard to find some becoming victims of them. Simultaneously, it is not uncommon these days that more and more activities such as banking and shopping are being moved to the internet, which may lead to huge financial losses. In this paper, a developed Chrome plugin for data mining-based detection of phishing webpages is described. The plugin is written in JavaScript and it uses a C4.5 decision tree model created on the basis of collected data with eight describing attributes. The usability of the model is validated with 10-fold cross-validation and the computation of sensitivity, specificity and overall accuracy. The achieved results of experiments are promising.

9

Safety management in the age of internet threats

Štrbová Monika, Kuzior Paulina

Management Systems in Production Engineering

|

2019

|

nr 2 (27)

88--92

EN

Contemporary world brings people more and more dangers. Creation of the Internet made it even easier to harm other users without consequences. However we still can do something about it. We can learn how to protect ourselves in the network. That is why it is so important to disseminate the main goals of safety management while using Internet. The paper presents main dangers awaiting for network users – both the youngest and the older ones, such as cyberbullying or phishing. The authors also point to the more frequent Internet addiction. The main goal of this paper is to indicate on how the on-line safety management should look like and how people can protect themselves from the dangers, of which they are sometimes even not aware. Children and adults shall be educated about the dangers in the Internet, and how to avoid them. Only then will they know, how to properly manage their on-line safety.

10

Analiza bezpieczeństwa elektronicznych transakcji finansowych

Grodzki G.

Informatyka Teoretyczna i Stosowana

|

2008

|

R. 8, nr 14

95-104

PL

VV pracy przedstawiono typowe metody wykorzystywane przez cyberprzestępców do atakowania banków. Wyjaśniono, w jaki sposób twórcy szkodliwych programów atakujących instytucje finansowe maskują działanie swoich "programów" przed systemami antywirusowymi. Opisano popularne techniki stosowane przez przestępców: phishing, ,,muły pieniężne", a także mechanizmy techniczne wykorzystywane podczas przeprowadzania samego ataku, przekierowanie ruchu, ataki typu "Man-in-the-Middle" oraz "Man-in-the-Endpoint".

EN

In this paper the typical methods used by cybercriminals to attack banking systems are presented. It has been described,how the authors of malware programs hide operation of their "applications" from anti-malware software. The popular techniques like: phishing and "money box" used by criminals are described, as well as the techniques used during the attack phase itself like "Man-in-the-Middle" and" Man-in-the-Endpoint".