A talk given at Google by Professor Ross Anderson entitled Searching for Evil on August 23, 2007.
Topics of interest include:
- Traffic analysis and relevance to online services
- Analogies from fraud to botnets and malware
- Security economics
- Targeting social networks
- Evolving attack strategy
- An overview of phishing
- Rock-phish use of nonstandard phishing with fast-flux dns
- Malicious site removal is slow when not infringing copyright
- A variety of scamming methods
- Irrevocable payments, western union, and e-gold
- Is advertising distorting the web?
Interesting conclusions:
- Vigilantes are the only people effectively targeting phishing mule recruitment
- Plagiarism detection useful to find scammers
