COIT20267: Computer Forensics - NAB Phishing Attack Analysis

Verified

Added on 2022/09/16

AI Summary

This presentation provides a comprehensive computer forensics analysis of a phishing attack on National Australia Bank (NAB) in 2018. It begins with an introduction to the case, outlining the attack's context and the individuals involved. The presentation then delves into the specifics of the phishing attack, including the type of attack (social engineering/phishing), the methods used to steal user data, and the evidence collected, such as employee information, bank accounts, and payroll data. The presentation also examines the forensic tools employed, specifically email analysis, and the impact of the attack on victims. Furthermore, it discusses the recommendations for the manager and staffs of banks of Australia, such as protecting passwords, avoiding suspicious links, and understanding phishing emails. The presentation concludes by emphasizing the importance of securing login credentials, managing data security, and promoting cybersecurity awareness within the bank. References from research papers are also provided to support the analysis.

Computer Forensics
PHISHING ATTACK ON NATIONAL AUSTRALIA BANK , 2018

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Introduction:
 In this presentation, a case of the cyber-attack on Australian banks is
portrayed. Specifically, the case of National Australia Bank is described here.
 Further, the individuals connected to this event is demonstrated along with the
reason behind this happening. Apart from this the type of evidence utilized for
the criminal investigation is assessed along with finding the kind of attack.
 Next, an evaluation is done on the forensic tool along with measures in which
the victims are affected.
 Further, the ultimate fate of the case is investigated. Moreover, the forensic
tool utilized is demonstrated. The ways they have been affecting the victims
and the results are analyzed. Then, the presentation discusses the aspects to
be considered in handling the case.

Background of the case:
 The National Australia Bank or NAB is a popular Australian public bank.
 Furthermore, they are involved in developing different activities at the
land.
 Again, phishing is rousingly famous among the cybercriminals. This has
been easier to track any person to click the links that are malicious. It is
within the legitimate phishing email apart from breaking the defenses
present in computers (San Zaw and Vasupongayya 2019).

 Banks of Australia has been found to coming up with the recent tertiary
institution to disclose the breach in data.
 It has involved sensitive information related to staffs in accessing them
for the side of the unknown type of attackers. The event took place in
2019, on March 22.
 In the happening different email accounts of the staffs and various
systems has been witnessed to be getting compromised (Peng et al.
2019).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

 Apart from this, the phishing email compromised of the links accessing
towards the page of fake login. This permitted the intruders to intercept
to intrude the employee’s credentials.
 With the logins, the intruders have been able to gain different access
information for the staffs (Ding et al. 2019).
 Nonetheless, specifically the total number of staffs facing the
challenges because of the mishap is still not been reported.
 Further, banks of Australia has been contacting each related to the
breach.

Aspects of the crime:
 The Australian intelligence community is found to be considering China
to be the main suspect.
 The attack is sophisticated in nature.

Causes behind the mishap:
 The motive is to gain the credentials of the employee login.
 They also intended to have access to the calendars of the bank
accounts and emails of the employees.

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Kind of evidence used:
There were already significant numbers extending back to about nineteen
years before for the following:
 Manager
 Personal employees
 Visitor information

According to the data provided to banks of Australia, it has included the following:
 Names
 Phone numbers
 Addresses
 Personal email
 Emergency contact numbers
 Bank accounts
 Date of Birth
 Passport Details
 Bank accounts
 Payroll data

 As per the report from ACCC, the data is copied and is not changed.
 ACCC has further reported that banks of Australia has revealed that
none of them was involved and no research information is being
considered from their end (Musuva, Getao and Chepken 2019).

Paraphrase This Document

Need a fresh take? Get an instant paraphrase of this document with our AI Paraphraser

Kind of attack:
 In this place, social engineering attack happened.
 Particularly, this is the phishing utilized to steal the user’s data.
 It included the credentials of login and various numbers of credit cards
(Yaokai 2019).

 It has been besides declining the trust of consumers, market share and
reputation.
 According to the scope, the phishing attempt is escalated to security
incident from the business to consider complex in recovering (van
Rensburg and Kennedy 2018).