News Archives

[Colloquium] Gathering Evidence of Large-Scale Internet Frauds

January 27, 2011

Watch Colloquium: 

M4V file (965 MB)

  • Date: Thursday, January 27, 2011 
  • Time: 11:00 am — 11:50 am 
  • Place: Mechanical Engineering 218

Tyler Moore
Harvard University Center for Research on Computation and Society

During the past several years online crime has organized and industrialized substantially. Profit-motivated criminals have identified many new ways to leverage the Internet’s openness and scale to perpetrate high-volume, globally distributed frauds that have proven difficult to eradicate. In this talk I discuss three instances of such fraud that I have studied closely: phishing attacks impersonating banks, online-advertising fraud carried out by typosquatting, and fake-online pharmacies promoted by search-engine manipulation. While these activities may appear rather different on the surface, in fact all share many similarities upon closer inspection. Each fraud exploits a lack of coordination between the Internet’s defenders, compensates for low individual profits through automation, and avoids detection by spreading the harm across many victims. Furthermore, in all three cases, I present evidence that the vast bulk of the harm is carried out by a few fraudsters. Along the way, I will demonstrate several general techniques for gathering evidence of Internet frauds and analyzing their dynamics.

Bio: Tyler Moore is a postdoctoral fellow at Harvard University’s Center for Research on Computation and Society. His research interests include the economics of information security, the study of electronic crime, and the development of policy for strengthening security. Moore completed his PhD in Computer Science at the University of Cambridge, supervised by Professor Ross Anderson. His PhD thesis investigated cooperative attack and defense in the design of decentralized wireless networks and through empirical analysis of phishing attacks on the Internet. Moore has also written reports for the European Union and US National Academy of Sciences detailing policy recommendations for improving cyber security. As an undergraduate, he studied at the University of Tulsa, identifying several vulnerabilities in the public telephone network’s underlying signaling protocols. He is a 2004 Marshall Scholar.