The State Of Phishing Case Analysis

2262 Words 9 Pages
In “The state of phishing”, Aaron examines phishing attacks conducted by a group called Avalanche in 2009 (2010). He analyzes data from the Global Phishing Survey, published by the Anti-Phishing Working Group (APWG). His analysis of the data reveals that Avalanche attacks started in 2008 and spiked in the first half of 2009, diminishing in the second half of 2009 as Top Level Domain (TLD) registers took down Avalanche domains. He briefly covers how Avalanche combined a malware called Zeus with their phishing attack to steal victims, personal information, intercepting passwords and online transaction information. Aaron covers Automated Clearing House (ACH) systems, an electronic network used for financial transactions commonly used for debit, …show more content…
They argue that the data sold on this market is sold under the true value. They demonstrate through tables that everything from phishing, hacking, building malicious code, personal data, banking data, and credit card data was sold through the six forums. They broke down stolen credit card data sold on the forum into following categories, country of origin, Card Company (Visa or MasterCard), type of card i.e. platinum or gold, and credit line on the card account. Holt and Lampke concluded from their analysis that fraud victimization was significant and evolving, that and new improved stolen data market will emerge on the internet, and buyers on these markets need little technical knowledge to utilize the stolen data or services (2010). Though this article brings great insight into the stolen data marketplace it serves little use for a literature review effects of cyber hacking on us financial institutions and US banks on the US economy due to its lack of monetary loss information for bank and financial …show more content…
banking industry (2011). The article goes into how much money is lost to bank robberies and how much is spent on preventing them; then examines how much U.S. banks lose to cybercrimes and then how much is spent on preventing cybercrime. The article touches on why the security posture is the way it is, with specific examples like US bank’s responsibilities for fraudulent charges. The closing is about what should be done to change the current climate. This article is an excellent analysis into why the culture of cybersecurity is relaxed specifically the U.S. private sector and banks. Lesk makes an excellent observation that more money needs to be spent on cybersecurity (Lesk, 2012). This article would be of reasonable value for a literature review of the effects of cyber-hacking of US financial institutions/banks on the US economy. The article specifically references cyber-crime loss estimates for US banks and how much is spent on cyber-security, which clearly demonstrates monetary loss and security associated costs suffered by

Related Documents