Information Security Videos

Phishing Scams in Plain English

Excellent awareness video.

A short guide to recognizing and avoiding phishing scams.

The Emergence of Cyber Crime Toolkits

CBC News Today host Nancy Wilson speaks with Jesse Hirsh about the emergence of Cyber Crime Toolkits and the related genre of online crime and computer security.

It's getting easier for anyone to hack. Financial gains driving black market.

Cyber Crime Booming in Times of Slowdown

Good report illustrating cybercrime trends.

The recession is turning out to be a time of increasing cyber crime as people laid off and unemployed have nothing to do.

Learn How Cyber Criminals Steal Money

Learn how you can prevent today's most significant data security vulnerabilities—the kind that leave businesses open to fraud that ranges from capturing tens of millions of credit card numbers to stealing money from bank accounts to constructing next-generation botnets.

We'll review how cross-site request forgery, cross-site script inclusion and SQL injection attacks work and discuss their impact on Web 2.0, AJAX, mashup and social networking applications.

We'll present industry-wide statistics on security vulnerabilities, cover emerging security trends and discuss the current state of security education. Then we'll tell you how to defend against security attacks and how to modify your software development process to achieve security, and we'll recommend certification programs, books and organizations that can help you secure your applications.

Cyber Crime Growing Global Threat

Good case study into hacking via unprotected wireless home networks.

The Internet is often referred to as the Information Superhighway. But there are often shady characters loitering at every exit.

As technology grows at increasing speed, "cyber criminals" are keeping law enforcement agencies very busy, as VOA's Robert Raffaele explains.

Spam, Phishing, and Online Scams: A View from the Network-Level

The Internet is overrun with spam: Recent estimates suggest that spam constitutes about 95% of all email traffic. Beyond simply being a nuisance, spam exhausts network resources and can also serve as a vector for other types of attacks, including phishing attacks and online scams.

Conventional approaches to stopping these types of
attacks typically rely on a combination of the reputation of a
sender's IP address and the contents of the message.

Unfortunately, these features are brittle. Spammers can easily change the IP addresses from which they send spam and the content that they use as the "cover medium" for the email message itself.

In this talk, I will describe a new, complementary approach to stopping unwanted email traffic on the Internet: Rather than classifying spam based on either the content of the message or the identity of the sender, we classify email messages based on how the spam is being sent and the properties of the spamming infrastructure.

I will first summarize the highlights of a 13-month study of the network-level behavior of spammers using data from a large spam trap. I will then describe a new approach to spammer classification called "behavioral blacklisting" and present a
detailed study of network-level features that can be used to identify spammers. Often these features can classify a spammer on the first packet received from that sender, without even receiving the message.

I will conclude by describing our plans to incorporate these
algorithms into a next-generation sender reputation system, as well as our ongoing study of the online scam hosting infrastructure, whose properties may also ultimately prove useful for identifying unwanted traffic.