Presented By:

Utkarsh Jaiswal Abhishek Kumar Aakriti Dhawan Ankita Rastogi Akash Tomar

 Threats that uses the World Wide Web to facilitate cybercrime. Web threats use multiple types of malware and fraud, all of which

utilize HTTP or HTTPS protocols, but may also employ other protocols and components, such as links in email or IM, or malware attachments or on servers that access the Web.
They benefit cybercriminals by stealing information for subsequent

sale and help absorb infected PCs into botnets.

Web threats pose a broad range of risks, such as identity theft, loss

of confidential information/data, theft of network resources, damaged brand/personal reputation, and erosion of consumer confidence in e-commerce and online banking.

 Web threats can be divided into two primary categories, based on delivery method
Push based threats Pull Attacks

Push-based threats are the fraudulent means that lure a user to

a malicious website which then collects information and/or

injects malware.
Push attacks use phishing, DNS poisoning (or pharming), and

other means to appear to originate from a trusted source.

Examples of push based threats are Spamming Phishing DNS Poisoning( Pharming)

Pull-based web threats are often referred to as drive-by

threats by since they can affect any website visitor.

Cybercriminals infect legitimate websites, which unknowingly transmit malware to visitors or alter search results to take users to malicious websites.

Upon loading the page, the users browser passively runs a

malware downloader in a hidden HTML frame (IFRAME)

without any user interaction.

 Malware

Viruses
Trojans Spyware Adware Phishing DNS Poisoning (Pharming)

 A computer user can be tricked or forced into downloading

software onto a computer that is of malicious intent. Such programs are known as malware and come in many forms, such as Viruses, Trojan horses, spyware, and worms. Malicious software is sometimes used to form botnets.
Malware can be installed without the user ever knowing. Just

by visiting a compromised website, opening an email or installing a program, it is possible for the Malware author to exploit vulnerabilities in your PC's operating system to enable remote access or software installation.

 Viruses are programs that can replicate their structures or effects

by infecting other files or structures on a computer.

The common use of a virus is to take over a computer to steal

data.
A virus is designed to spread from your computer to other

computers
One way a virus can spread is by accessing your emails and

sending a copy of itself to your contacts so it spreads, this is

called a (worm)
Worms are programs that can replicate themselves throughout a

computer network, performing malicious tasks throughout.

 A program that appears legitimate, but performs some

illicit activity when it is run. It may be used to locate password information or make the system more vulnerable to future entry or simply destroy programs or data on the hard disk.

 Spyware is a type of malware (malicious software)

installed on computers that collects information about users without their knowledge. The presence of spyware is typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public computer intentionally in order to monitor users.

 Adware is free software that is supported by

advertisements. Common adware programs are toolbars that sit on your desktop or work in conjunction with your Web browser. They include features like advanced searching of the Web or your hard drive and better organization of your bookmarks and shortcuts.

Phishing
Phishing is an attempt to steal your personal

information. They send out e-mails that appear to come from legitimate websites such as eBay, PayPal, or other banking institutions. The e-mails state that your information needs to be updated or validated and ask that you enter your username and password

 Pharming is yet another way hackers attempt to

manipulate users on the Internet. While phishing attempts to capture personal information by getting users to visit a fake website, pharming redirects users to false websites without them even knowing it.

 Legislation can refer or laws or the process by which

they are enacted in certain countries. Many countries have some form of legislation, which is a body dedicated primarily to passing and amending laws

 In the computer security context, a hacker is someone

who seeks and exploits weaknesses in a computer system or computer network. Hackers may be motivated by a multitude of reasons, such as profit, protest, or challenge. The term hacker is reclaimed by computer programers who argue that someone breaking into computers is better called a cracker, not making a difference between computer criminals (black hats) and computer security experts (white hats ). According to (Clifford R.D. 2006) a cracker or cracking is to "gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system. These subgroups may also be defined by the legal status of their activities.

White hat A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker. This classification also includes individuals who perform penetration tests and vulnerability assessments within a contractual agreement. Black hat A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain" (Moore, 2005). Black hat hackers form the stereotypical, illegal hacking groups often portrayed in popular culture, and are "the epitome of all that the public fears in a computer criminal". Black hat hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network.

Grey hat A grey hat hacker is a combination of a black hat and a white hat hacker. A grey hat hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has a security defect, for example. Then they may offer to correct the defect for a fee.

Script kiddie A script kiddie (also known as a skid or skiddie) is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concepthence the term script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, childan individual lacking knowledge and experience, immature).[

 IDENTITY THEFT that

was coined in 1964 is a form of stealing someone's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name. Identity theft occurs when someone uses another's personally identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. Identity Theft sub-divide identity theft into five categories: Criminal identity theft (posing as another person when apprehended for a crime) Financial identity theft (using another's identity to obtain credit, goods and services) Identity cloning (using another's information to assume his or her identity in daily life) Medical identity theft (using another's identity to obtain medical care or drugs)

A BOTNET is a collection of Internet-connected programs communicating with other similar programs in order to perform tasks. This can be as mundane as keeping control of an Internet Relay Chat (IRC) channel, or it could be used to send spam email or participate in distributed denial-of-service attack attacks. LEGAL BOTNETS The term botnet is widely used when several IRC bots have been linked and may possibly set channel modes on other bots and users while keeping IRC channels free from unwanted users. ILLEGAL BOTNETS Botnets sometimes compromise computers whose security defenses have been breached and control conceded to a third party. Each such compromised device, known as a "bot", is created when a computer is penetrated by software from a malware (malicious software) distribution. The controller of a botnet is able to direct the activities of these compromised computers through communication channels formed by standards-based network protocols such as IRC and Hypertext Transfer Protocol (HTTP).

SPYBOT SEARCH & DESTROY is a spyware and adware removal computer program compatible with Microsoft Windows 95 and later. It scans the computer hard disk and/or RAM for malicious software.

SPYBOT FEATURES In addition to spyware and adware detection and disinfection, Spybot-S&D can repair the registry, winsock LSPs, ActiveX objects, browser hijackers and BHOs, PUPS, computer cookies, trackerware, heavy duty, homepage hijackers, keyloggers, LSP, tracks, trojans, spybots, revision, and other kinds of malware. It can also delete tracking cookies. Some programs are supplied with attached spyware or adware and refuse to run when they are not present; newer versions of Spybot replace the spyware binaries with inert dummies (designed to fool programs which simply check for the presence of the spyware's file).