SlideShare una empresa de Scribd logo
1 de 10
Augustine Fou- 1 -
Dr. Augustine Fou
http://linkd.in/augustinefou
July 2013
Mobile Phishing
Augustine Fou- 2 -
Mobile Attacks Rise
As users shift massively to mobile devices, so do the attacks
Source: IBM’s X-Force Trend and Risk Report
Augustine Fou- 3 -
Mobile Phishing 3x Desktop
Mobile users’ habits and the novelty of the medium means it
is still far more vulnerable than the mature desktop platform
Source: Mashable June 2011
Augustine Fou- 4 -
Mobile Phishing
Top Targeted Websites, 2012
Source: Trend Micro, Feb 2013
Augustine Fou- 5 -
Example of Mobile Phishing
Fake Paypal Mobile screen versus real one
If users don’t know what
the real one should look
like, then they can be
easily fooled into logging
in with their real
credentials on a phishing
site like the one pictured.
Augustine Fou- 6 -
Example of Mobile Phishing
Fake Amazon login screen
Mobile apps sometimes
require user to click a link
and then login. Adware and
malware apps can intercept
the link and present a fake
login page which looks
exactly like the real one.
Users don’t have the typical
visual clues to easily tell if
it is the real one or not.
Augustine Fou- 7 -
List of Attacks / Success Rate
Leveraging common behaviors in mobile; attackers are successful
Source: Felt and Wagner, Berkeley Research Paper
Augustine Fou- 8 -
So What?
On mobile devices, users don’t have the same
visual cues they usually have in desktop
browsers. Also, the novelty of the medium means
users don’t yet have the awareness and vigilance
to detect and mitigate new forms of attacks.
Sometimes, even anti virus software is not
enough. Users need to develop new habits which
protect their information and identity.
Augustine Fou- 8 -
Augustine Fou- 9 -
Related Slideshares
Mobile Apps -- Scary Permissions and Consequences
By: Augustine Fou, May 2, 2013
Many Forms of Online Fraud
By: Augustine Fou, April 20, 2013
Fake LinkedIn Profiles
By: Augustine Fou, July 11, 2013
Facebook Advertising Benchmarks
By: Augustine Fou, May 29, 2009
Augustine Fou- 9 -
Augustine Fou- 10 -
Dr. Augustine Fou – Digital Consigliere
“As more and more users spend time
online and on their mobile devices, they
are vulnerable to new forms of attacks.
Specifically phishing and apps that
request „all access‟on their devices.”
FORMER CHIEF DIGITAL OFFICER, HCG (OMNICOM)
MCKINSEY CONSULTANT
CLIENT SIDE / AGENCY SIDE EXPERIENCE
PROFESSOR AND COLUMNIST
ENTREPRENEUR / SMALL BUSINESS OWNER
PHD MATERIALS SCIENCE (MIT '95) AT AGE 23
ClickZ Articles: http://bit.ly/augustine-fou-clickz
Slideshares: http://bit.ly/augustine-fou-slideshares
LinkedIn: http://linkd.in/augustinefou

Más contenido relacionado

Más de Dr. Augustine Fou - Independent Ad Fraud Researcher

Más de Dr. Augustine Fou - Independent Ad Fraud Researcher (20)

Forensic Auditing of Digital Media.pdf
Forensic Auditing of Digital Media.pdfForensic Auditing of Digital Media.pdf
Forensic Auditing of Digital Media.pdf
 
Q1 2022 Update on ad fraud for AMM
Q1 2022 Update on ad fraud for AMMQ1 2022 Update on ad fraud for AMM
Q1 2022 Update on ad fraud for AMM
 
Ad blocking benchmarks q4 2021
Ad blocking benchmarks q4 2021Ad blocking benchmarks q4 2021
Ad blocking benchmarks q4 2021
 
Digital ad dollars trickle down chart
Digital ad dollars trickle down chartDigital ad dollars trickle down chart
Digital ad dollars trickle down chart
 
Still nothing but ad fraud 2021 dr augustine fou
Still nothing but ad fraud 2021 dr augustine fouStill nothing but ad fraud 2021 dr augustine fou
Still nothing but ad fraud 2021 dr augustine fou
 
Bad guys optimize ad fraud efficiency
Bad guys optimize ad fraud efficiencyBad guys optimize ad fraud efficiency
Bad guys optimize ad fraud efficiency
 
Alternative to ANA's end to end supply chain transparency study v final
Alternative to ANA's end to end supply chain transparency study v finalAlternative to ANA's end to end supply chain transparency study v final
Alternative to ANA's end to end supply chain transparency study v final
 
Impact of Loss of 3P Cookies on Publishers' Ad Revenue
Impact of Loss of 3P Cookies on Publishers' Ad RevenueImpact of Loss of 3P Cookies on Publishers' Ad Revenue
Impact of Loss of 3P Cookies on Publishers' Ad Revenue
 
Entire ecosystem supporting ad fraud 2018
Entire ecosystem supporting ad fraud 2018Entire ecosystem supporting ad fraud 2018
Entire ecosystem supporting ad fraud 2018
 
Digital Media Trust Collaborative
Digital Media Trust CollaborativeDigital Media Trust Collaborative
Digital Media Trust Collaborative
 
Programmatic reach analysis 2021
Programmatic reach analysis 2021Programmatic reach analysis 2021
Programmatic reach analysis 2021
 
2021 update on ad fraud brand safety privacy
2021 update on ad fraud brand safety privacy2021 update on ad fraud brand safety privacy
2021 update on ad fraud brand safety privacy
 
Browser and OS Share Jan 2021
Browser and OS Share Jan 2021Browser and OS Share Jan 2021
Browser and OS Share Jan 2021
 
Checking abnormal referrer traffic in google analytics
Checking abnormal referrer traffic in google analyticsChecking abnormal referrer traffic in google analytics
Checking abnormal referrer traffic in google analytics
 
History and Impact of Digital Ad Fraud
History and Impact of Digital Ad FraudHistory and Impact of Digital Ad Fraud
History and Impact of Digital Ad Fraud
 
Digital Fraud Viewability Benchmarks Q4 2020
Digital Fraud Viewability Benchmarks Q4 2020Digital Fraud Viewability Benchmarks Q4 2020
Digital Fraud Viewability Benchmarks Q4 2020
 
What CFEs can do about digital ad fraud
What CFEs can do about digital ad fraudWhat CFEs can do about digital ad fraud
What CFEs can do about digital ad fraud
 
Four types of digital ad spend updated august 2020
Four types of digital ad spend updated august 2020Four types of digital ad spend updated august 2020
Four types of digital ad spend updated august 2020
 
How to Use FouAnalytics For Marketers
How to Use FouAnalytics   For MarketersHow to Use FouAnalytics   For Marketers
How to Use FouAnalytics For Marketers
 
FouAnalytics DIY site media analytics fraud detection baked in
FouAnalytics DIY site media analytics fraud detection baked inFouAnalytics DIY site media analytics fraud detection baked in
FouAnalytics DIY site media analytics fraud detection baked in
 

Último

Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAshyamraj55
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Websitedgelyza
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioChristian Posta
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdfPedro Manuel
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsSeth Reyes
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPathCommunity
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Will Schroeder
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...DianaGray10
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfAijun Zhang
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfJamie (Taka) Wang
 

Último (20)

Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Computer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and HazardsComputer 10: Lesson 10 - Online Crimes and Hazards
Computer 10: Lesson 10 - Online Crimes and Hazards
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
UiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation DevelopersUiPath Community: AI for UiPath Automation Developers
UiPath Community: AI for UiPath Automation Developers
 
20230104 - machine vision
20230104 - machine vision20230104 - machine vision
20230104 - machine vision
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
Apres-Cyber - The Data Dilemma: Bridging Offensive Operations and Machine Lea...
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
Connector Corner: Extending LLM automation use cases with UiPath GenAI connec...
 
201610817 - edge part1
201610817 - edge part1201610817 - edge part1
201610817 - edge part1
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
activity_diagram_combine_v4_20190827.pdfactivity_diagram_combine_v4_20190827.pdf
 

Mobile Phishing Social Media Phishing and Other Attacks

  • 1. Augustine Fou- 1 - Dr. Augustine Fou http://linkd.in/augustinefou July 2013 Mobile Phishing
  • 2. Augustine Fou- 2 - Mobile Attacks Rise As users shift massively to mobile devices, so do the attacks Source: IBM’s X-Force Trend and Risk Report
  • 3. Augustine Fou- 3 - Mobile Phishing 3x Desktop Mobile users’ habits and the novelty of the medium means it is still far more vulnerable than the mature desktop platform Source: Mashable June 2011
  • 4. Augustine Fou- 4 - Mobile Phishing Top Targeted Websites, 2012 Source: Trend Micro, Feb 2013
  • 5. Augustine Fou- 5 - Example of Mobile Phishing Fake Paypal Mobile screen versus real one If users don’t know what the real one should look like, then they can be easily fooled into logging in with their real credentials on a phishing site like the one pictured.
  • 6. Augustine Fou- 6 - Example of Mobile Phishing Fake Amazon login screen Mobile apps sometimes require user to click a link and then login. Adware and malware apps can intercept the link and present a fake login page which looks exactly like the real one. Users don’t have the typical visual clues to easily tell if it is the real one or not.
  • 7. Augustine Fou- 7 - List of Attacks / Success Rate Leveraging common behaviors in mobile; attackers are successful Source: Felt and Wagner, Berkeley Research Paper
  • 8. Augustine Fou- 8 - So What? On mobile devices, users don’t have the same visual cues they usually have in desktop browsers. Also, the novelty of the medium means users don’t yet have the awareness and vigilance to detect and mitigate new forms of attacks. Sometimes, even anti virus software is not enough. Users need to develop new habits which protect their information and identity. Augustine Fou- 8 -
  • 9. Augustine Fou- 9 - Related Slideshares Mobile Apps -- Scary Permissions and Consequences By: Augustine Fou, May 2, 2013 Many Forms of Online Fraud By: Augustine Fou, April 20, 2013 Fake LinkedIn Profiles By: Augustine Fou, July 11, 2013 Facebook Advertising Benchmarks By: Augustine Fou, May 29, 2009 Augustine Fou- 9 -
  • 10. Augustine Fou- 10 - Dr. Augustine Fou – Digital Consigliere “As more and more users spend time online and on their mobile devices, they are vulnerable to new forms of attacks. Specifically phishing and apps that request „all access‟on their devices.” FORMER CHIEF DIGITAL OFFICER, HCG (OMNICOM) MCKINSEY CONSULTANT CLIENT SIDE / AGENCY SIDE EXPERIENCE PROFESSOR AND COLUMNIST ENTREPRENEUR / SMALL BUSINESS OWNER PHD MATERIALS SCIENCE (MIT '95) AT AGE 23 ClickZ Articles: http://bit.ly/augustine-fou-clickz Slideshares: http://bit.ly/augustine-fou-slideshares LinkedIn: http://linkd.in/augustinefou