Wyniki wyszukiwania - BazTech

1

The analysis of social engineering methods in attacks on authentication systems

Borowiec Łukasz, Demidowski Krzysztof, Pecka Milena, Jonarska Amelia

Advances in Web Development Journal

|

2023

|

Vol. 1

83--106

EN

This comprehensive exploration of social engineering attacks provides insights into various methods, including phishing, vishing, baiting, tailgating, and ransomware. The "elder scam" and its variations, as well as phishing examples, illustrate the evolving tactics used by attackers. Prevention strategies encompass education, training, and technological tools, emphasizing the need for a balanced approach. The conclusion underscores that public awareness, continuous training, and specialized detection tools are vital in mitigating the risks associated with social engineering attacks on authentication systems.

2

Online identity theft detection and prevention methods

Szmyd Przemysław, Matejkowski Dominik

Advances in Web Development Journal

|

2023

|

Vol. 1

1--12

EN

Today, a significant amount of work is performed on computers. Because of the prevalence of technology, a lot of data can be obtained by gaining unauthorized access to important network machines, such as servers. Cyberciminals may also target individual Internet users, trying to acquire their personal information by the use of various methods. The gathered information can be used for identity theft, causing direct harm to the victim or an organization, with which they are associated. In this article we explain the nature of identity theft, examine different approaches used by cybercriminals and review a range of strategies for detecting and preventing this phenomenon. Additionally, we provide examples of two attacks: a phishing attack and an intrusion targeting an unsecured server within an organization's network. We conclude that the risk of data theft is often downplayed. An effective way of mitigating this threat is increasing the employees' knowledge about cyber security and using appropriate software and hardware measures.

3

The impact of the COVID-19 pandemic on cybercrime

Gryszczyńska Agnieszka

Bulletin of the Polish Academy of Sciences. Technical Sciences

|

2021

|

Vol. 69, nr 4

art. no. e137933

EN

The COVID-19 pandemic is accompanied by a cyber pandemic, involving changes in the modi operandi of perpetrators of various crimes, and an infodemic, associated with the spread of disinformation. The article analyses the impact of the COVID-19 pandemic on cybercrime and presents the latest research on the number of cybercrime cases in Poland and their growth dynamics. It determines the factors that contribute to the commission of a crime and prevent easy identification of criminals. It also suggests the legal and organisational changes that could reduce the number and effects of the most frequently recorded cyberattacks at a time of COVID-19. Particular attention is paid to legal problems of the growing phenomenon of identity theft, and the need to ensure better protection of users from phishing, including through education and proactive security measures consisting in blocking Internet domains used for fraudulent attempts to obtain data and financial resources.

4

Data Mining-Based Phishing Detection

Bohacik Jan, Skula Ivan, Zabovsky Michal

Annals of Computer Science and Information Systems

|

2020

|

Vol. 21

27--30

EN

Webpages can be faked easily nowadays and as there are many internet users, it is not hard to find some becoming victims of them. Simultaneously, it is not uncommon these days that more and more activities such as banking and shopping are being moved to the internet, which may lead to huge financial losses. In this paper, a developed Chrome plugin for data mining-based detection of phishing webpages is described. The plugin is written in JavaScript and it uses a C4.5 decision tree model created on the basis of collected data with eight describing attributes. The usability of the model is validated with 10-fold cross-validation and the computation of sensitivity, specificity and overall accuracy. The achieved results of experiments are promising.

5

Organizacyjne aspekty zarządzania bezpieczeństwem danych z perspektywy zagrożeń phishingu

Król K.

Organizacja i Zarządzanie : kwartalnik naukowy

|

2015

|

nr 2

19--32

PL

Wraz z rozwojem i dostępnością Internetu obserwuje się wzrost aktywności przestępczej w sieci. Próby wyłudzenia informacji strategicznych oraz danych osobowych są coraz częstsze. Stanowi to wyzwanie nie tylko dla indywidualnych użytkowników, ale również dla kadry zarządzającej personelem przedsiębiorstw. Celem pracy jest przedstawienie mechanizmu oszustwa internetowego typu „spear phishing ”, polegającego na próbie wyłudzenia danych autoryzacji dostępu do internetowych kont prywatnych lub służbowych. W pracy przedstawiono założenia niskonakładowego, uniwersalnego audytu wewnętrznego, który w sposób kontrolowany pozwoliłby na sondaż stopnia wyszkolenia i podatności pracowników na próby wyłudzenia poufnych danych.

EN

Each month, more attacks are launched for the purpose of stealing account information, logon credentials, and identity information in general. This attack method known as phishing is most commonly initiated by sending out emails with links to spoofed websites that harvest information. This is a challenge not only for individual users but also for personnel management of enterprises. The aim of the study is to present the mechanism of spear phishing, which is one of the type of phishing attack. The paper presents the assumptions of universal audit of data security and information technology systems.