Phishing, short for password harvesting fishing, is the luring of sensitive information, such as passwords and other personal

Phishing Seminar

Date: 29^th November 2004

Time: 16:00

Venue: 1009 EB2

Abstracts

Phishing, short for password harvesting fishing, is the luring of sensitive information, such as passwords and other personal information. The recent Internet Frauds on HSBC and HangSeng ebanking are examples of phishing. In this seminar, the strategies and techniques of phishing are discussed with real case studies and live demonstration. Counter measures against Phishing at the end user level and enterprise network level are also covered.

Seminar outlines

1. Phishing Overview

1.1 What is Phishing

1.2 Profile and trend

2 Attack Strategies and Techniques

(with real case studies and live demonstration)

2.1 Social Engineering

2.2 URL Obfuscation

2.3 Page Redirect

2.4 Cross-site Scripting (XSS)

2.5 Visual spoofing

2.6 Man in the Middle

2.7 IE IFRAME Buffer Overflow

2.8 Trojan Horse Program

3 Defense

3.1 At end user level

3.2 At enterprise network level