HTTP://COEIA.EDU.

SA
1
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪2‬‬
‫‪3‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫ﺍﻻﺻﻄﻴﺎﺩ ﺍﻹﻟﻜﺘﺮﻭﱐ‬

‫ﺍﻷﺳﺎﻟﻴﺐ ﻭﺍﻹﺟﺮﺍﺀﺍﺕ ﺍﳌﻀﺎﺩﺓ‬

‫


‬
‫
‬ ‫د‪"#
$%
&'
K‬ن
א (‬
‫م‪"#
K‬ن
‪&01‬א‪
-.-/‬א‪

*+,‬‬

‫‪


2.&3‬‬
‫د‪
K‬ز‪.‬د
‪"1
$%‬ن
א‪

435‬‬
‫و 


א
د
ون
א
وא د‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪4‬‬

‫ﺣﻘﻮﻕ ﺍﻟﻄﺒﻊ ﻭﺍﻟﻨﺴﺦ ﳏﻔﻮﻇﺔ ‪1429‬ﻫـ ‪2008 -‬ﻡ‬ ‫ﺡ‬

‫ﻓﻬﺭﺴﺔ ﻤﻜﺘﺒﺔ ﺍﻝﻤﻠﻙ ﻓﻬﺩ ﺍﻝﻭﻁﻨﻴﺔ ﺃﺜﻨﺎﺀ ﺍﻝﻨﺸﺭ‬

‫א‪ 



،‬ن



‬
‫












א‪ "#$‬د
א)('و&‪
W%‬א ‪
0‬وא)
‪/‬א‪.‬א‪
-‬א‪ ,‬د‪

L+‬‬
‫













 ن
‪34‬א‪
2‬א
–
א‪ 6/‬ض‪


781429
،‬‬
‫
‪
000
2‬ص؛
‪

<24
C
17‬‬ ‫

‬
‫
=د
‪

978-603-00-1453-8
W‬‬ ‫

‬
‫
‪
?

J1‬א ‪
?

J2


-‬א@א‪

0‬‬ ‫


‬
‫



?‪ 

K‬ن
‪34‬א‪
B6B‬א‪

KH




EE= 
FF
C‬א‪I‬אن

‬ ‫




‬
‫


‬
‫
‪

1429L5884‬‬ ‫

‬ ‫
د‪



005,8
J6‬‬ ‫

‬

‫


‬ ‫

‬

‫













=‪
<L‬א)‪6‬אع
‪

1429L5884
W‬‬
‫
=د
‪

978-603-00-1453-8
W‬‬ ‫

‬

‫>;
=‪83‬ق
א‪

*789:
;0‬‬
‫א‪
*/0‬אو?


‬
‫‪2009
-
@A1429‬م

‬
 5

‫
א
وאאא
אد‬W
‫אد
א و‬

‫ ا ــ‬

‫    ن ا‬.‫*

د‬

M
N6=7O
7P8
,4‫ 
א
د
و‬Q
- ‫

א‬B‫
א‬B /
/6
ً  S
6

U774
‫ ن‬77V‫
א‬77
776‫
א‬M
E= 77W
77L
‫
و‬،77 X 
- 77‫
و
א‬077 @‫م
א‬774
77

E= 7W
K
7#
‫(
و‬S
- Y

+
= Z
8
‫
و‬،+=‫ 
و
אزא‬X‫\
א(
و
א‬Z

K
7]^‫
א‬- 7YX‫
א‬7
‫د‬74
M
7Y4
_‫א‬/7W)‫
وא‬، 7Y`O‫

و‬7I‫
א‬- 7‫אد
א=א‬4a
M

773O/
d77
‫د‬77
77‫
א‬77

77
- 7 ‫<
א‬77c&
M
N6= 7 (3‫
א‬77
=‫
د‬U774
77bS

- 76$‫
א‬M
7Z
‫_




=ج‬/‫
א‬3O/
d
f‫
و
א =א‬gZ
‫<
א‬h
،_/‫א‬

+77i‫
א‬- 776$‫
א‬77
- 77‫
א‬77?
M
‫'אع‬77 ‫
א‬+.‫א‬/77
U774
77bS
،77(6/‫
א‬+77i‫א‬

+=
‫دא‬a‫
و‬- 77‫
א‬77?
‫ ل‬77k
M
77 4
77bbl
-‫ دא‬Y77W
U774
77bS
77
77(6/‫א‬

M
077O ‫
و‬،- 77‫
א‬77?
M
77bb^‫
א‬77‫
א‬- 77]‫
א‬77
776‫
א‬m77
Kd6= 77‫א‬

77?
‫ ل‬77k
M
7736=‫
א‬-‫و=א‬77‫
و
א‬-‫א‬/77n o‫
א‬77
776‫<
א‬77`6
‫
و‬،6‫د‬77Z‫
א‬Fi77b‫א‬


K- ‫א‬

 ‫  ن ا ا‬.‫*

د‬

7&‫('و‬$‫
א‬-p 7‫
א‬q 7&/
U7r
7(@‫
א‬7 (‫
א‬+ 7IL
‫وع‬/
/6
ً  S
6

-$ 77bO$‫ 
?א‬/77
- 7‫
א‬77I`O
‫ ع‬7"L
M
77 (‫
א‬77c&?
g37

ً ` 77
7(@‫א‬

7
7
- ‫<
א‬c&
M
gZ
‫س
وא‬6= (3‫
א‬t
=‫
د‬U4
# S
K?6‫د‬Z‫א‬

+‫ د‬Y7W
U74

ً 7,6?
7# S
K
‫ ض‬76/ 

‫د‬7
‫ 
א‬Q
- ‫
وא‬0 @‫م
א‬4

vS 
8‫
و‬EProject Management ProfessionalF
d6= ‫
א‬+=‫دא‬a
M
 4
bbl
K‫ 
א
د‬Q
- ‫

א‬B‫
א‬B /
M
‫ ون‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪6‬‬

‫ا  س‬
‫ﻣﻘﺪﻣﺔ ‪9.....................................................................................................‬‬
‫ﺍﻟﻔﺼﻞ ﺍﻷﻭﻝ‪ :‬ﻧﻈﺎﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ‪14...........................................................‬‬
‫‪1.1‬ﻣﻜﻮﻧﺎﺕ ﻧﻈﺎﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ‪15.................................................................‬‬
‫‪1.1.1‬ﻋﻤﻴﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ )‪15 ................................... (E-Mail Client‬‬
‫‪2.1.1‬ﺧﺎﺩﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ )‪16 ..................................... (E-Mail Server‬‬
‫‪2.1‬ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﺍﳌﺒﲏ ﻋﻠﻰ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺎﳌﻴﺔ ‪17.....................................................‬‬
‫‪3.1‬ﺑﺮﻭﺗﻮﻛﻮﻻﺕ ﺗﺮﺍﺳﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ‪18..........................................................‬‬
‫‪1.3.1‬ﺑﺮﻭﺗﻮﻛﻮﻝ ﻧﻘﻞ ﺍﻟﱪﻳﺪ ﺍﻟﺒﺴﻴﻂ ‪18 ...............................................‬‬
‫‪2.3.1‬ﺑﺮﺗﻮﻛﻮﻝ ﻣﻜﺘﺐ ﺍﻟﱪﻳﺪ ‪18 ......................................................‬‬
‫‪4.1‬ﺍﺳﺘﺨﺪﺍﻡ ﻧﻈﺎﻡ ﺃﲰﺎﺀ ﺍﻟﻨﻄﺎﻗﺎﺕ ﰲ ﻧﻈﺎﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ‪19.....................................‬‬
‫‪5.1‬ﺳﺠﻼﺕ ﺗﺒﺎﺩﻝ ﺍﻟﺮﺳﺎﺋﻞ ‪21...........................................................................‬‬
‫‪6.1‬ﻫﻴﻜﻠﻴﺔ ﺭﺳﺎﻟﺔ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ‪22..................................................................‬‬
‫ﺍﻟﻔﺼﻞ ﺍﻟﺜﺎﱐ‪ :‬ﺭﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ )‪24................................ (Spam‬‬
‫‪1.2‬ﻣﻘﺪﻣﺔ ﻋﻦ ﺭﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ ‪26..............................................‬‬
‫‪2.2‬ﺃﺳﺎﻟﻴﺐ ﺍﻟﺮﺳﺎﺋﻞ ﺍﻟﱪﻳﺪﻳﺔ ﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ ‪31.............................................‬‬
‫‪1.2.2‬ﺍﻷﺳﻠﻮﺏ ﺍﻷﻭﻝ‪ :‬ﺑﺮﻳﺪ ﺍﻧﺘﺤﺎﻝ ﺍﻟﺸﺨﺼﻴﺔ )‪31 ................... (E-Mail Spoofing‬‬
‫‪2.2.2‬ﺍﻷﺳﻠﻮﺏ ﺍﻟﺜﺎﱐ‪ :‬ﺧﺎﺩﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﺍﳌﻔﺘﻮﺡ )‪31 ............ (Open Mail Rely‬‬
‫‪32‬‬ ‫ﺍﻟﺼﻮﺭ)‪(Image-based Spam‬‬ ‫‪3.2.2‬ﺍﻷﺳﻠﻮﺏ ﺍﻟﺜﺎﻟﺚ‪ :‬ﺍﻟﺮﺳﺎﺋﻞ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ ﺍﳌﻌﺘﻤﺪﺓ ﻋﻠﻰ‬
‫‪4.2.2‬ﺍﻷﺳﻠﻮﺏ ﺍﻟﺮﺍﺑﻊ‪ :‬ﻫﺠﻤﺔ ﺍﻟﻘﺎﻣﻮﺱ )‪34 ........................ (Dictionary Attack‬‬
‫‪3.2‬ﺍﻻﺟﺮﺍﺀﺍﺕ ﺍﳌﻀﺎﺩﺓ ﻟﺮﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ ‪34...................................‬‬
‫‪1.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻷﻭﻝ‪ :‬ﺍﻟﺘﺼﻔﻴﺔ )‪34 ................................... (Filtration‬‬
‫‪2.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﱐ‪ :‬ﺍﻟﻘﻮﺍﺋﻢ ﺍﻟﺒﻴﻀﺎﺀ ﻭﺍﻟﻘﻮﺍﺋﻢ ﺍﻟﺴﻮﺩﺍﺀ )‪35(Black lists / White lists‬‬
 ‫‪7‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫‪3.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﻟﺚ‪ :‬ﺍﻟﻘﻮﺍﺋﻢ ﺍﻟﺒﻴﻀﺎﺀ ﺍﻟﺘﺠﺎﺭﻳﺔ )‪37 ...... (Commercial Whitelists‬‬
‫‪4.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺮﺍﺑﻊ‪ :‬ﺍﻟﺘﺤﻘﻖ ﻣﻦ ﺍﻟﺘﻜﺎﻣﻠﻴﺔ )‪37 ................ (Integrity Check‬‬
‫‪5.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﳋﺎﻣﺲ‪ :‬ﲢﻮﻳﺮ ﺍﻟﻌﻨﻮﺍﻥ‪38 ........................................‬‬
‫‪6.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺴﺎﺩﺱ‪ :‬ﻋﺪﻡ ﺍﻟﺮﺩ ﻋﻠﻰ ﺍﻟﺮﺳﺎﺋﻞ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ‪38 ..................‬‬
‫‪7.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺴﺎﺑﻊ‪ :‬ﺍﻹﺑﻼﻍ ﻋﻦ ﺭﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ )‪39 . (Spam Reportin‬‬
‫‪8.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﻣﻦ‪ :‬ﺍﻟﺘﻘﻴﺪ ﺑﻮﺛﻴﻘﺔ ﻃﻠﺐ ﺍﻟﺘﻌﻠﻴﻘﺎﺕ ﻟﱪﺗﻮﻛﻮﻝ ﻧﻘﻞ ﺍﻟﱪﻳﺪ ﺍﻟﺒﺴﻴﻂ‬
‫)‪41 ...................................................................(SMTP RFC‬‬
‫‪9.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺘﺎﺳﻊ‪ :‬ﺳﺠﻼﺕ ﺗﺒﺎﺩﻝ ﺍﻟﺮﺳﺎﺋﻞ ﺍﳌﺰﻳﻔﺔ )‪41 .... (Fake MX Records‬‬
‫‪10.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﻌﺎﺷﺮ‪ :‬ﺗﺄﺧﲑ ﺍﻟﺘﺮﺣﻴﺐ )‪43 ..................... (Greeting delay‬‬
‫ﺍﻟﻔﺼﻞ ﺍﻟﺜﺎﻟﺚ‪ :‬ﺍﻻﺻﻄﻴﺎﺩ ﺍﻹﻟﻜﺘﺮﻭﱐ )‪45............................................... (Phishing‬‬
‫ﺍﻟﻔﺼﻞ ﺍﻟﺮﺍﺑﻊ‪ :‬ﺃﺳﺎﻟﻴﺐ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻹﻟﻜﺘﺮﻭﱐ )‪65...................... (Phishing Techniques‬‬
‫‪1.4‬ﺍﻷﺳﻠﻮﺏ ﺍﻷﻭﻝ‪ :‬ﺗﺴﻤﻴﻢ ﺧﺎﺩﻡ ﺃﲰﺎﺀ ﺍﻟﻨﻄﺎﻗﺎﺕ )‪67 ................. (DNS Poisoning‬‬
‫‪2.4‬ﺍﻷﺳﻠﻮﺏ ﺍﻟﺜﺎﱐ‪ :‬ﺗﺴﻤﻴﻢ ﻣﻠﻒ ﺍﳋﻮﺍﺩﻡ ﺍﳌﻀﻴﻔﺔ )‪70 ............ (Hosts File Poisoning‬‬
‫ﺍﻷﺳﻠﻮﺏ ﺍﻟﺜﺎﻟﺚ‪ :‬ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﺑﻮﺍﺳﻄﺔ ﺣﻘﻦ ﺍﶈﺘﻮﻯ )‪71(Content Injection‬‬ ‫‪3.4‬‬

‫‪73 .‬‬ ‫ﺍﻟﻮﺳﻂ)‪(Man-in-the-Middle Attack – MITM‬‬ ‫ﺍﻷﺳﻠﻮﺏ ﺍﻟﺮﺍﺑﻊ‪ :‬ﻫﺠﻤﺔ ﺍﻟﺮﺟﻞ ﰲ‬ ‫‪4.4‬‬

‫ﺍﻷﺳﻠﻮﺏ ﺍﳋﺎﻣﺲ‪ :‬ﺗﺸﻮﻳﺶ ﺍﻟﻌﻨﻮﺍﻥ)‪76 ..................... (Address Obfuscation‬‬ ‫‪5.4‬‬

‫‪6.4‬ﺍﻷﺳﻠﻮﺏ ﺍﻟﺴﺎﺩﺱ‪ :‬ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻋﻦ ﻃﺮﻳﻖ ﺍﻟﱪﺍﻣﺞ ﺍﳋﺒﻴﺜﺔ)‪80(Malware Attack‬‬

‫‪(Search Engine‬‬ ‫‪7.4‬ﺍﻷﺳﻠﻮﺏ ﺍﻟﺴﺎﺑﻊ‪ :‬ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻋﻦ ﻃﺮﻳﻖ ﳏﺮﻛﺎﺕ ﺍﻟﺒﺤـﺚ‬
‫)‪80 ....................................................................... Phishing‬‬
‫‪8.4‬ﺍﻷﺳﻠﻮﺏ ﺍﻟﺜﺎﻣﻦ‪ :‬ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻋﻦ ﻃﺮﻳﻖ ﺍﻟﻨﻮﺍﻓﺬ ﺍﳌﻨﺒﺜﻘﺔ )‪81(The Popup Attack‬‬
‫‪9.4‬ﺍﻷﺳﻠﻮﺏ ﺍﻟﺘﺎﺳﻊ‪ :‬ﺷﺮﻳﻂ ﺍﻟﻌﻨﻮﺍﻥ ﺍﳌﺰﻳﻒ )‪83 ................... (Fake Address Bar‬‬
‫‪(Phishing‬‬ ‫ـﺮﻭﱐ‬
‫ـﻄﻴﺎﺩ ﺍﻹﻟﻜﺘـ‬
‫ـﺎﺩﺓ ﻟﻼﺻـ‬
‫ـﺮﺍﺀﺍﺕ ﺍﳌﻀـ‬
‫ـﺎﻣﺲ‪ :‬ﺍﻹﺟـ‬
‫ـﻞ ﺍﳋـ‬
‫ﺍﻟﻔﺼـ‬
‫)‪91................................................................................... Countermeasures‬‬
‫‪1.5‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻷﻭﻝ‪ :‬ﻣﻨﻊ ﻫﺠﻤﺎﺕ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻗﺒﻞ ﺣﺪﻭﺛﻬﺎ ‪92 ...........‬‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪8‬‬
‫‪1.1.5‬ﺇﻧﺸﺎﺀ ﺣﺴﺎﺏ ﺑﺮﻳﺪ ﺇﻟﻜﺘﺮﻭﱐ ﻟﻠﺒﻼﻏﺎﺕ ‪92 ........................................‬‬
‫‪2.1.5‬ﻣﺮﺍﻗﺒﺔ ﺭﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﺍﳌﺮﺗﺪﺓ )‪92 ...................... (Bounced E-Mails‬‬
‫‪3.1.5‬ﻣﺮﺍﻗﺒﺔ ﻣﺮﺍﻛﺰ ﺧﺪﻣﺔ ﺍﻟﻌﻤﻼﺀ ‪93 ..................................................‬‬
‫‪4.1.5‬ﻣﺮﺍﻗﺒﺔ ﺣﺴﺎﺑﺎﺕ ﺍﻟﻌﻤﻼﺀ ‪94 ......................................................‬‬
‫‪5.1.5‬ﻣﺮﺍﻗﺒﺔ ﺍﺳﺘﺨﺪﺍﻡ ﺍﻟﺼﻮﺭ ﺍﶈﺘﻮﻳﺔ ﻟﺸﻌﺎﺭ ﺃﻭ ﺭﻣﺰ ﺍﳌﻨﻈﻤﺔ ‪94 ............................‬‬
‫‪2.5‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﱐ‪ :‬ﺍﻟﺘﺼﻔﻴﺔ )‪98 ..................................... (Filteration‬‬
‫‪3.5‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﻟﺚ‪ :‬ﺍﻟﺘﺤـﺪﻳﺜﺎﺕ ﺍﻷﻣﻨﻴﺔ )‪ (Security Patches‬ﻭ ﺟـﺪﺭﺍﻥ ﺍﳊﻤﺎﻳـﺔ‬
‫)‪99 ...................................................................... (Firewalls‬‬
‫‪4.5‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺮﺍﺑﻊ‪ :‬ﺗﺼﻔﻴﺔ ﺍﻷﻛﻮﺍﺩ ﺍﻟﱪﳎﻴﺔ ﺍﳋﺒﻴﺜﺔ )‪100 ..(Cross-Site Script - XSS‬‬
‫‪5.5‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﳋﺎﻣﺲ‪ :‬ﻟﻮﺣﺔ ﺍﳌﻔﺎﺗﻴﺢ ﺍﳌﺮﺋﻴﺔ )‪101 ............... (Visual Keyboard‬‬
‫‪6.5‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺴﺎﺩﺱ‪ :‬ﺍﻟﺘﺼﺪﻳﻖ ﺍﻟﺜﻨﺎﺋﻲ )‪102 ......... (Two-Factor Authentication‬‬
‫‪7.5‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺴﺎﺑﻊ‪ :‬ﺍﻟﺘﺼﺪﻳﻖ ﺍﳌﺘﺒﺎﺩﻝ )‪104 .............. (Mutual Authentication‬‬
‫‪(Anti-Phishing‬‬‫‪8.5‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﻣﻦ‪ :‬ﺃﺷﺮﻃﺔ ﺃﺩﻭﺍﺕ ﻣﻜﺎﻓﺤﺔ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ‬
‫)‪105 ..................................................................... Toolbars‬‬
‫‪9.5‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺘﺎﺳﻊ‪ :‬ﺑﺮﺍﻣﺞ ﻣﻜﺎﻓﺤﺔ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ )‪110(Anti-Phishing Software‬‬
‫ﻣﻌﺠﻢ ﺍﳌﻔﺮﺩﺍﺕ ‪111.....................................................................................‬‬
‫ﺍﳌﺮﺍﺟﻊ ‪117................................................................................................‬‬
‫‪9‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪10‬‬
‫‪?
xI‬ن
?
‪
/b4‬א)&'&‪/L
73L
w‬א‪
7`4
7‬و&‪
7
F7b‬א‪ 7B‬ن
وא‪^7‬א ‪
YO‬‬
‫‪BO‬א‪/7"
(7
6‬د‪?
za


،‬ن
?‪
y37#‬א‪^7‬אم
א)&'&‪/7?
w7‬אً

‪
- 7Z
m7I
7
$‬‬
‫و(‪
7
g‬א‪/7r‬אد
‪

K‬و?‪

ً 736/L
y37#‬א‪7‬م
א‪7(6
Jx7‬ن
‪
m7r‬א‪^7‬אم
א)&'&‪

ً 7B
w7‬‬
‫‪
- Z‬وא‪/r‬אد
‪
7
g7
x]I‬א‪ 74‬ل
‪
K‬و ‪ 7
7‬ن
‪
d7O‬א‪
M
+= 7V‬א`‪/7‬ون
‬
‫א ‪B
ً 33
n‬א‪
6‬א`‪/‬א‪
I#‬و‪ "L‬ع
א"‪/‬ق‪{r
،‬ن
‪BO‬א‪
6‬א^אم
א)&'&‪
ً 33
y3#?
w‬‬
‫‪B‬א‪/L
6‬א‪8?
_p 
YI#‬א‪
<Yr‬و? ‪
،<Y3‬و
‪33Z6‬ن
‪


K= " ?

m‬‬
‫و‪x8‬א
א( ‪ I6
H‬ول
?‪
S‬א " =
א@‪
6‬و‪
%78‬א‪ "7#$‬د
א)('و&‪
%7‬א‪
Jx7‬‬
‫‪
F
M
03Z6
L‬א ‪
-‬א^‪

b‬א=‪ L‬م
א‪
-  Zi
6/Z‬א‪
،(I3‬و
‬
‫‪7`r

Y4
0O'6‬אن
א‪7‬אل
‪
7O
7‬א@‪
K
-  7Z‬و‪/7Z6‬ض
‪x78‬א
א(‪
7O
H 7‬‬
‫א(
(
‪7&?
/Y7W?
ً I3
،/Z‬אع
א‪

0 7‬א‪
7Y36
t7‬א‪ 7o‬ن
‪ "7#p‬د
‪
،‬‬
‫و‪
ً in‬א)
‪/‬א‪.‬א‪
-‬א‪
O

6 L
Z‬א‪
K- VC‬و‪}
L‬و ~‪
r‬א] ن
‪
M‬א ‪
= 7‬‬
‫‪n‬ع
א( ‪

Km8
H‬‬
‫و‪a‬ذ
?&‪/h
a
U774
3O 77(
/(77 
f77‬אƒ‪
\77i
77Y‬א‪x778
M
%77/‬א
א‚‪ 77‬ل
‬
‫א@‪ 77Z‬س‪?
U77I…?
„&{77r
،‬ن
‪x778
<Y77Z6‬א
א(‪
%^77Z
774O
M
H 77‬א)&'&‪
77
w77‬‬
‫א " =
و‪

K 8= h†
`O‬‬

‫د‪ .‬زد  ن ا ‬

‫و 


א
د
ون
א
وא د‬
‫‪11‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫‬
‫?‪
Ui77n‬א‪
776‬א)('و&‪
77
(E-Mail)
%77‬و‪
ƒ 77‬א‪ 77bO$‬ل
א@‪
776‬وא‡ ‪
+x77‬‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪12‬‬
‫ ‪
= &$‬א"‪/‬د
‪/
d‬و=
א‪ 6‬م‪
،‬א‪
\Z
U4
.‬א‪/r‬אد
?و
א‪
<7c
%]r
K- cI‬‬
‫‪
-$ k‬א‪ 4‬ل
‪
S‬א‪
6‬א)('و&‪
‰
%‬א‪Š
EFaxF
ˆ I‬دא‪
+‬א‪ bO‬ل
? ‪

K‬‬
‫א‪
6‬א)('و&‪
m]b
%‬و
‪/O‬א‪
J?
7
m7
7‬و‪/O
7‬א‪
،
\/7 ?
7‬‬
‫א‪'(a
w&
.‬و&
?م
‪
‹
L
m&{r
،$‬א‪
6/Œ
4
.%
(
Cp‬א‪^7‬א‪
Y‬‬
‫‪8‬א_
‪
g‬א‪8‬א_
א 
א‪ c&
Y4
„}
t‬م
א‪
6‬א)('و&‪

K%‬‬
‫‪x8
L I6‬א
א( ‪
FŽ
H‬א ‪
0‬א‪
M
^Z‬א‪p‬ل
א‪
6‬א)('و&‪
%‬‬
‫(
‪

،.%‬وא)
‪/‬א‪.‬א‪
-‬א‪ ,‬د‪ C
+‬؛
و‪
<7Z`O
‹
L‬א(‪7br
7Z
za
H 7‬ل
‪
K‬‬
‫א]‪
b‬אول
‪ c&
‘/6‬م
א‪
76‬א)('و&‪
،%7‬وא]‪
7b‬א‪
ƒ 7=
L 7I6
%& 7‬א‪
76‬‬
‫א)('و&‪
g77
%77‬א‪
،ESpamF
77/‬و}‪77n
77`
77’6‬ع
א(‪
H 77‬א‪
Nƒ/77‬و‪
778‬‬
‫א‪ "#$‬د
א)('و&‪
EPhishingF
%7‬وא‪(7
Jx7‬ن
‪7n‬ع
א]‪7b‬ل
‪
7‬א ‪
za
v7‬‬
‫א“ ‪


KN‬‬
‫‪3O‬و
?‪x8
8‬א
א( ‪ 
m&
M
H‬د‪
 
64O
+‬א‪
%^7Z

7Y

/‬‬
‫א@ ‪
0‬وא‪
(3‬א 
‪
EInternetF‬א‪

7
6x‬א'א‪
74
7‬א‪
76‬א)('و&‪

7S?
%7‬‬
‫?&‪
<Y"77‬א‪
77•
M
77‬א‪
”`I77‬א@‪ 77‬د
‪
\77i‬א‪ 77k
M
%77/‬ل
‪
<77Y‬و‪ 77ZS‬س
‬
‫ ‪ V‬ل
?
א ‪

K-‬‬
‫

‬
‫‪13‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪14‬‬

‫ا  اول‬
‫‪"#‬م ا  ا و‬
‫• ﻣﻜﻮﻧﺎﺕ ﻧﻈﺎﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ‬
‫• ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﺍﳌﻌﺘﻤﺪ ﻋﻠﻰ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺎﳌﻴﺔ‬
‫• ﺑﺮﺗﻮﻛﻮﻻﺕ ﺗﺮﺍﺳﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ‬
‫• ﺍﺳﺘﺨﺪﺍﻡ ﻧﻈﺎﻡ ﺃﲰﺎﺀ ﺍﻟﻨﻄﺎﻗﺎﺕ ﰲ ﻧﻈﺎﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ‬
‫• ﻫﻴﻜﻠﻴﺔ ﺭﺳﺎﻟﺔ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ‬
15

‫
א
وאאא
אد‬W
‫אد
א و‬

7`6/Œ‫
و‬،
m7O &(
v7S
7
%&‫
א)('و‬6‫ م
א‬c&
8 
b]‫א
א‬x8
‘/6

(37‫
א‬74
%7&‫
א)('و‬76‫
א‬7‫א‬/O
7]

ً 7,6?
‘/76‫
و‬K–
d
Y,
Y4

M
- 7L "I‫
א‬. ˜?
‫ م‬c&
=‫
ودو‬،‫
א'א‬M
’ ^Z— ‫
א‬-$ O‫
א‬vS

 ‫א‬

76‫ 
א‬7=
7(C
‘/7W
7b]‫א
א‬x78
/7 †
M‫

و‬K
%7&‫
א)('و‬76‫א
א‬/O
4


K%&‫א)('و‬



‫ﻣﻜﻮﻧﺎﺕ ﻧﻈﺎﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ‬ 1.1

EData NetworkF
- 7& 3‫(
א‬37W
U74
I3‫
א‬EApplicationsF
- `3"‫(ن
א‬O

U74
„37
73"O
%7&‫
א)('و‬76‫
?ن
א‬7™‫

و‬KEserverF
‫ دم‬7 ‫ و‬،EclientF
74


‫ دم‬77 ‫
و‬EE-Mail ClientF
%77&‫
א)('و‬776‫
א‬774
77
‫ن‬77(6
77Yr

- 77& 3‫(
א‬377W

KEE-Mail ServerF
%&‫
א)('و‬6‫א‬
(E-Mail Client) ‫ ﻋﻤﻴﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ‬1.1.1

m7Y
‫
אא‬78‫
و‬،EMail User Agent-MUA)

‫^م‬7Z‫
א‬76/
7 ‫ ً

و‬7,6?
UZ6


KEE-Mail ServerF %&‫
א)('و‬6‫
و دم
א‬،‫^م‬Z‫

א‬I3‫א‬


W%8
%&‫
א)('و‬6‫
א‬4
Fƒ •‫و‬

‫^אم‬7 
EE-Mail ServerF
‫ دم‬7“‫
א‬M
76‫

א‬H 7ZS
7
76‫'
ع
א‬7‫•

א‬


KEPOP3F
6‫
א‬0(
‫ ل‬O‫و‬/


K‫
›= ل‬+‫
א‬-  `‫
א‬za
ً‫ دא‬I‫ ƒ
א‬/‫š
א‬3n

•

76‫ ل
&`
א‬O/
‫
 ^אم‬EE-Mail ServerF
‫
א“ دم‬za
ƒ /‫<
א‬ZO


•
KESMTPF
šZ3‫א‬
K%&‫
א)('و‬6‫ م
א‬c&
M
%&‫
א)('و‬6‫
א‬4
dL
E1-1F
(‫
א‬yn6


‫
א
وאאא
אد‬W
‫אد
א و‬ 16
Microsoft ?
q 777&/
%777&‫
א)('و‬7776‫
א‬7774
q‫א‬/777
U7774
777‫
א‬777
.?wr‫و‬/(6 ?
 /W

E1F?Outlook

(E-Mail Server) ‫ ﺧﺎﺩﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ‬2.1.1

Jx7‫
א‬78‫ و‬KEMail Transfer Agent–MTAF

76‫
א‬7`&
7 ‫ ً

و‬7,6?
U7Z6‫و‬

%7&‫
א)('و‬76‫אدم

א‬7
za
‫
و‬7
%&‫
א)('و‬6‫ ل
و
א= ل
א‬3`‫`م

א‬6

KEInternetF
 ‫(
א‬3‫
א‬U4
\/ ‫א‬
Microsoft Exchange ?
q &/
%&‫
א)('و‬6‫אدم
א‬
q‫א‬/
U4
‫
א‬



K?wr‫و‬/(6 ?
 /W

E2F?Server

776‫ م
א‬77c&
M
%77&‫
א)('و‬776‫ دم
א‬77
d77L
E1
J1F
(77‫ ً
א‬7 ,6?
y77n6



K%&‫א)('و‬

‫( ﻧﻈﺎﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ‬1-1 )‫ﺍﺷﻜﻞ‬

Ewww.microsoft.com/outlook/F
 ‫(
א‬3‫
א‬U4
q &‫
א‬dL

E1F

Ewww.microsoft.com/exchange/default.mspxF
 ‫(
א‬3‫
א‬U4
q &‫
א‬dL

E2F
‫‪17‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﺍﳌﺒﲏ ﻋﻠﻰ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺎﳌﻴﺔ

‬ ‫‪2.1‬‬

‫)‪(Web-based E-Mail – webmail‬‬
‫‪'(a
6/

%8‬و&‪ 7bOp
+7
%7‬ل
‪p7
7‬ل
‪
y]7b‬א‪
(37‬א ‪
7‬‬
‫‪
y]b
Yr
œ6}
،EInternetF‬א‪
(3‬א 
دو=
‪
4‬א‪
6‬א)('و&‪

K%‬‬
‫
א
‪
U4‬א‪
6‬א)('و&‪
%‬א
‪
U4‬א‪
(3‬א ‪
?Gmail?
7
7‬‬
‫‪Egoogle.comF
?77

?
 /77W
77
Egmail.comF‬؛
‪
M
y777777n
778
77‬א‪
(777777‬‬
‫‪

KE2-1F‬‬
‫

‬

‫ﺷﻜﻞ ‪ 2-1‬ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﺍﳌﺒﲏ ﻋﻠﻰ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺎﳌﻴﺔ‬



‫
א
وאאא
אد‬W
‫אد
א و‬ 18

‫ﺑﺮﻭﺗﻮﻛﻮﻻﺕ ﺗﺮﺍﺳﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ‬ 3.1

77 L
-p 77O‫و‬/
‫د‬77
‫م
و‬B776
،%77&‫
א)('و‬776‫ م
א‬77c&
M
776‫
א‬77‫'א‬

7
7r
‫ دم
?و‬7“‫
وא‬7‫

א‬.‫
א‬،‫א‬/O
4
M
_/Œ
(
UIZ6
،+œ }


%7 &‫
א)('و‬776‫ ل

א‬3`77‫
א‬77
7 (~ O
}
+‫د‬77‰
-‫א‬77"
‫ ع‬773O‫
א‬77Cp

7 
‫אدم‬77“‫א‬
Km =a‫و‬
‫ ﺑﺮﻭﺗﻮﻛﻮﻝ ﻧﻘﻞ ﺍﻟﱪﻳﺪ ﺍﻟﺒﺴﻴﻂ‬1.3.1
(Simple Mail Transfer Protocol - SMTP)

(377‫
א‬U774
%77&‫
א)('و‬776‫
א‬77‫
'א‬7 ’ —
‫
א‬%77 `‫ل
א‬77 O‫
אو‬778

7`i‫
א‬7`h‫

وא‬1 821
<7L=
ERFCF
- 7`‫
א‬07Œ
`h
m]6/O
‹‫
و‬، ‫א‬


K2 1123
<L=

U74
šZ3‫
א‬6‫ ل
&`
א‬O‫و‬/
-$ bO‫
א‬%&‫
א)('و‬6‫
אدم
א‬3`ZO

<L=
gO
(‫
و
א‬KE3-1F
(‫
א‬M
yn
8

،EPort 25F
25
<L=
x]I‫א‬
K‫
א“ دم‬/6
3L

x]I‫א‬
‫ ﺑﺮﺗﻮﻛﻮﻝ ﻣﻜﺘﺐ ﺍﻟﱪﻳﺪ‬2.3.1


(POP3 – Post Office Protocol)

776‫'
ع
א‬77$
%77&‫
א)('و‬776‫
א‬774
m^77Z6
Jx77‫ل
א‬77 O‫
א‬778

<77L=
- 77`‫
א‬077Œ
77`h
‫ل‬77 O‫א
א‬x778
F776/O
‹
K
‫ دم‬77“‫
א‬77
%77&‫א)('و‬

K
Ehttp://tools.ietf.org/html/rfc821F
`h‫^
א)('و&

א‬ZI‫

א‬E1F

K
Ehttp://tools.ietf.org/html/rfc1123F
`h‫^
א)('و&

א‬ZI‫

א‬E2F
 ‫‪19‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫‪

K1 1939‬‬

‫‪Š
ً 4‬ن
א‪

3
<L/‬א<
א‪ O‬ل
‪
za
g6‬א‪
^7ZI‬א@ ‪
7‬א‪
7
^7Z‬‬
‫‪x8‬א
א‪ O‬ل‪
،‬و‪
%8‬א‪
^ZI‬א ‪

K‬‬
‫‪77
3`77ZO‬אدم
א‪
776‬א)('و&‪
%77‬א‪/
-$ 77bO‬و‪77 O‬ل
(‪
077‬א‪
U774
776‬‬
‫‪
M
y7n
78
7
،
EPort‬א‪
KE3-1F
(7‬و(‪?
7‬ن
‪

g776‬‬ ‫א‪110F110
<7L=
x7]I‬‬

‫‪
/6‬א“ دم
=‪
<L‬א‪

Kx]I‬‬

‫‪POP3‬‬ ‫ﺷﻜﻞ )‪ (3-1‬ﻣﻨﺎﻓﺬ ‪ SMTP‬ﻭ‬

‫‪ 4.1‬ﺍﺳﺘﺨﺪﺍﻡ ﻧﻈﺎﻡ ﺃﲰﺎﺀ ﺍﻟﻨﻄﺎﻗﺎﺕ ﰲ ﻧﻈﺎﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ
‬

‫א<
א‪ "I‬ق
‪
8‬א‪
.BX‬א‪I4
M
?@?
p4

%OŠ6
Jx‬אن
א‪
76‬א)('و&‪
K
%7‬‬

‫‪

E3F‬א‪
^ZI‬א)('و&

א‪. Ehttp://tools.ietf.org/html/rfc1939F
`h‬‬



‫
א
وאאא
אد‬W
‫אد
א و‬ 20


K?abc.com?
8
?xyz@abc.com?
J6‫אن
א‬I
‫" ق‬I‫ً
א<
א‬pr

- 7&(‫
א‬7S?
78
EDomain Name System - DNSF
- 7L "I‫
א‬. 7˜?
‫ م‬7c&

K
7YI
7r
7 (
(7
7O
‫
אدم‬+4

‫(ن‬6‫
و‬، ‫(
א‬3
 ‫א‬

v7S
،6/7‫
א‬7YI6‫ و‬I4‫
و‬- 7L "I‫
א‬. 7˜?
7
š/7‫
א‬78
‫ م‬cI‫א
א‬x8
- 
<8?

f= 734‫
א‬7(
m7&a

J?
،m7
07Œ ^‫אد
א‬/7‫ دم
א‬7^
J/‫אن
א‬I‫
א‬r/

$

‫د‬7
7‫
א‬7

‫אن‬7I4
‫ ل‬7‫
א‬37
U7r
K
7 ‫(
א‬37
37ZI 
FO C‫د
א‬

- & ‫
و‬،E213.230.10.197F
C
VZ‫
א‬J/‫אن
א‬I‫
א‬Ewww.ksu.edu.saF

7
،- 7L "I‫
א‬. 7˜?
‫אدم‬7
7S?
M
‫م‬pp
S ‫
و‬+‫(ن

د‬O
fx8
š/‫א‬


KE4-1F
(‫
א‬M
yn
8

‫( ﺍﻻﺳﺘﻌﻼﻡ ﻣﻦ ﺧﺎﺩﻡ ﺃﲰﺎﺀ ﺍﻟﻨﻄﺎﻗﺎﺕ‬4-1) ‫ﺷﻜﻞ‬




‫م‬p7$‫
א‬%78
- 7L "I‫
א‬. 7˜?
‫ م‬7c&
Y7`6
t7‫\
א‬/ ‫
א‬- “‫\
א‬Sa

/7 ?
E 7I8
‫ن‬7(6

7`r
K
‫"
 <
&" ق‬3O/‫
א‬%&‫
א)('و‬6‫
אدم
א‬. ˜?
4
21

‫
א
وאאא
אد‬W
‫אد
א و‬

gr7
7a
7‫
ذ‬.‫
و=א‬037Z‫د
א‬76‫
و‬،7S‫ ق
وא‬7"&
<7)
%7&‫('و‬a
76/
‫ دم‬7


‫אد
م‬7“‫
א‬7
‫ ق‬7"I‫<
א‬7‫
א‬U74

+g7(‫
א‬- 3"‫

א‬d6‫ز‬O
‫ض‬/
+4 Z
‫אدم‬


KE Failover
‫
?و‬،
Backup F
Œ S‫
אدم
א‬gr
‫
?و‬،ELoad BalancingF

. 77˜?
‫ دم‬77
‫{ن‬77r
،%77&‫
א)('و‬776‫אدم
א‬77“
377ZI 
‫م‬p77$‫
א‬77 S
M
Mail exchange Records F
?ƒ /‫ دل
א‬3O
-pV?
77
_/O
-pVZ
‫د‬/6
- L "I‫א‬

.E– MX records



‫ ﺳﺠﻼﺕ ﺗﺒﺎﺩﻝ ﺍﻟﺮﺳﺎﺋﻞ‬5.1
(Mail exchange records – MX records)

<œ 
’7Z
— ‫
א‬76‫و‬B
7‫
وذ‬، 7/‫ ل
א‬7b6
a
7]
ƒ /‫ دل
א‬3O
-pV
‫žد‬
preference F
‫ دم‬7
(
%,]O
<L=
d
œ3œ`Z}
%&‫
א)('و‬6‫
אدم
א‬. ˜Š



KEnumber



 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪22‬‬

‫

‬

‫ﺷﻜﻞ )‪ (5-1‬ﺳﺠﻼﺕ ﺗﺒﺎﺩﻝ ﺍﻟﺮﺳﺎﺋﻞ‬

‫א‪/‬ض

א‪
<L/7‬א]‪
07O/O
78
%7,‬א“‪7‬אدم
‪ 7
7(r

K‬ن
=‪
<7L‬א]‪
7,‬‬
‫‪
7‬‬
‫?‪
w77&
/77#‬א‪
77 S‬א‪
77#O
M
77 ?
‘ 77VI‬א‪
، 77/‬و‪x77C‬א
‪{77r‬ن
א“‪ 77‬دم
א —‪œ /‬‬
‫Ÿ ول
א‪ bO$‬ل
?و‪
d
ً$‬א“ دم
ذ‪
J‬א‪
<L/‬אد&‪{r
،U‬ن
‪
yVI6
 ‬א‪ bO$‬ل
‪
037Z
m7‬‬
‫
‪ Ÿ
m&{r‬ول
‪
d‬א“ دم
א‪
M
yn
8

،m6
Jx‬א(
‪

KE5-1F‬‬

‫‪ 6.1‬ﻫﻴﻜﻠﻴﺔ ﺭﺳﺎﻟﺔ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ

‬

‫‪(6‬ن
א‪
6‬א)('و&‪B
?
+4

%‬א‪

W%8
،.‬‬
‫• ﺗﺮﻭﻳﺴﺔ ﺭﺃﺱ ﺍﻟﺮﺳﺎﻟﺔ )‪(Header‬‬
‫وž‪
U4
J‬א‪
- & 3‬א 

‬
‫‪
،
7‬و‪7(6‬ن
‪
U74‬א‪
W
7b‬‬
‫
‪

WEFromF‬א‪I‬אن
א‪œ /
} 
J76‬‬
‫‪
J‬א —‪œ /‬‬
‫‪Kxsender]@[source domain namez‬‬
 23

‫
א
وאאא
אد‬W
‫אد
א و‬


œ /} 
%&‫
א)('و‬6‫
א‬H ZS
<‫
א‬Wsender


. /‫
א‬mI
-=#
Jx‫" ق
^ دم
א‬I‫
א<
א‬Wsource domain name

ً
7&
‫א‬I4
J7Ÿ
‫
?ن‬7(‫

و‬K3
œ`7Z
} 
J76‫אن
א‬7I‫

א‬:EToF
3œ`Z— ‫
א‬J

777b‫
א‬U7774
3œ`777Z
— ‫אن
א‬777I4
‫ن‬777(6
K3œ`777Z}
7774k
‫
?و‬،ً‫א‬777S‫ً
و‬p3œ`777Z}
K
[receiver]@ [destination domain name]


3œ`Z} 
%&‫
א)('و‬6‫
א‬H ZS
<‫
א‬Wreceiver


.ma
 /‫
} ’=د
א‬Jx‫" ق
^ دم
א‬I‫
א<
א‬Wdestination domain name

%7&‫
א)('و‬76‫ دم
א‬7
7
 7/‫ =
א‬Z
%b]O
‫
 ن‬WERouteF
= Z‫
א‬J

،\/77 ‫"
א‬77‫ “אدم
א‬77
ً‫و=א‬/77
،3œ`77Z— ‫
א‬%77&‫
א)('و‬776‫ دم
א‬77
za
7
œ /— ‫א‬

74
q‫א‬/7
‫ض‬/7O$
+‫ د‬74
.
U74‫
א‬za
]7‫„

א‬B‫
א‬ZZ‫
א‬0ZS
3O/

Y7n/4
‫^œ
م‬7Z
— ‫ ن
א‬7({
7(
،
76‫
א‬d7
ً+/W 3
= Z‫
א‬- & 
%&‫
א)('و‬6‫א‬

= 77Y•a?
= 77^
،
%7 &‫
א)('و‬776‫
א‬774
q‫א‬/77
M
+/r77
-‫ =א‬77
776/Œ
774


ً$ 77
‫ض‬/776
E7-1F
(77‫

وא‬K?77

?
%77&‫
א)('و‬776‫
א‬774
M
?77#‫א‬


K= Z


K /‫ع
א‬n

:(Subject) ‫• ﺍﳌﻮﺿﻮﻉ‬


K /‫

&”
א‬:(Body) ‫ﺺ‬‫• ﺍﻟﻨ‬


%&‫('و‬a
6/
 =
E6-1F
(W
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪24‬‬

‫

‬
‫ﺷﻜﻞ ) ‪ (7-1‬ﻣﺴﺎﺭ ﺭﺳﺎﻟﺔ ﺑﺮﻳﺪ ﺇﻟﻜﺘﺮﻭﱐ‬

‫

‬
‫ﺍﻟﺸﻜﻞ )‪ .(7-1‬ﺑﻴﺎﻧﺎﺕ ﺍﳌﺴﺎﺭ ﰲ ﺭﺳﺎﻟﺔ ﺑﺮﻳﺪ ﺇﻟﻜﺘﺮﻭﱐ ‪.‬‬

‫ا"! ا ‬
‫ر) ا ا('&و  ‪  $‬ا‪#$‬‬
‫)‪(Spam‬‬
‫

‬
‫‪25‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫• ﻣﻘﺪﻣﺔ ﻋﻦ ﺭﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ‬

‫• ﺃﺳﺎﻟﻴﺐ ﺭﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ‬
‫• ﺍﻹﺟﺮﺍﺀﺍﺕ ﺍﳌﻀﺎﺩﺓ ﻟﺮﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 26

7Y]6/O
v7S
7
7/‫
א‬g7
%&‫
א)('و‬6‫
= ƒ
א‬b]‫א
א‬x8
L I6













K- cI‫אد
وא‬/r‫\
א‬Z
U4
=‫א‬/n?

m33ZO
‫
و‬، Yr‫א‬8?‫و‬

7776‫ ل
א‬777=a
M
^777Z‫
א‬0 777‫
א‬777b]‫א
א‬x7778
L 777I6
777‫
ذ‬777‫و‬


K C
+‫ د‬,‫
א‬-‫א‬.‫א‬/
)‫
وא‬،H/‫
א‬g
%&‫א)('و‬



‫ ﻣﻘﺪﻣﺔ ﻋﻦ ﺭﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ‬1.2
(Spam)

‫ م‬77c&
‫^אم‬77‫
א‬+. 77
a
77Y&Š
77/‫
א‬g77
%77&‫

א)('و‬7 6‫ ƒ
א‬77=
_/77O

7
EBulkF
7ƒ 8
<7
‫ ل‬7={
EElectronic Messaging SystemF
7&‫ ƒ
א)('و‬/‫א‬

fx77C
3œ`77Z
— ‫
א‬773L
77
77/‫
?و
א‬77L‫
?و
א‬77"‫
א‬g77‫אƒ
و‬77‫ ƒ
א‬77/‫א‬
Electronic F
%77&‫
א)('و‬776‫ م
א‬77cI
ESpamF
77
‫ ط‬773O=‫ ع
א‬77W
77`‫
و‬Kƒ 77/‫א‬

ƒ 777/
š777‫
و‬J?
U7774
ً 7 7,6?
7773"IO
777Y&a
$a
،EE-MailF
ً‫ =א‬777b ‫
?و
א‬،EMail
W
&‫א)('و‬
K
EBlogsF
- &‫•אو‬
K
ESMSF
+gb`‫
א‬bI‫ ƒ
א‬/‫•א‬
K
EForumsF
- 6I‫•א‬
K
EWeb Search EnginesF
vi3‫
א‬- /‰•


K
EInstant MessagingF
/W 3‫
א'א
א‬L
%&‡‫•א'א
א‬


7Cp
7‫
و‬،J= 7V‫ن
א‬p74)‫
א‬8
ƒ /‫
א‬fx8

‫ض‬/‫(ن
א‬6

ً 3 

F 7(‫אم
א‬7&$

ً‫א‬/7c&
،+78‫

ز‬7](O‫
و‬/7Z
}
‫ون‬76/6
74
‫ن‬p74›
‫ن‬7I‫Š
א‬V6

7&p4)‫
א‬+‫ د‬7‫
א‬B7Y¤
\7
œ — ‫
א‬U4
r
K- &p4)‫
א‬fxY
+‫ د‬4
"3O/‫א
א‬
27

‫
א
وאאא
אد‬W
‫אد
א و‬

K\/ ‫ن
א‬p4)‫
` =&ً
 ƒ
א‬Pn
](
ƒ =
‫ م‬c&
J?
4
8/&‫و‬

 7O
fx8‫
و‬،‫ ل‬S$
ƒ /‫
א‬fx8
Yr
’ ZO}
\/ ?
‫אض‬/?
ً ,6?
E I8

7`6/"‫
א‬fx78
7,O$
v7S ESocial EngineeringF
74 
$‫
א‬7IC‫
א‬H 
wž

3
œ`7Z
}
7I4
J/73‫
א‬%4 7
$‫
א‬07& X‫
א‬7ZO 
=7`
7I`‫
א‬-‫א‬/7
ً$p‫א‬

‫ ن‬7
t7‫
?
א‬76gV&
M
7‫'و‬3‫
א‬-‫ =א‬7$‫ ƒ
?א‬7=
‫ع‬7I‫א
א‬x8
U4
ً$ 

K /‫א‬

M
%78
-‫ =א‬7‫
א‬7
?
7
7 
¥ 73
76i
 7/‫
א‬3œ`Z}
‫ ع‬ILa
YI
_C‫א‬

d7
7r/
F7
y7]
 7/‫
א‬3
œ`7Z
}
‫ ع‬7ILa
7‫
‰ و‬78
/ †
ً$ ‫

و‬K8‫א@``
و‬

M
77I
،67
r
d7"`
‫
?و‬،+=77#
‫
?و‬،
%7b&
F7
F77‫א
א‬x778
‫Šن‬7
m77 Y6{
 7/‫א‬


>KK‫وس‬gr
8
``@‫א‬

ƒ 777/‫
א‬777ir (
J‫د‬777Z‫Œ„
א‬777‫
א‬q 777&‫
א‬8=777#?
1 ƒ 777bSa
M

377Z&
‫
?ن‬377O
،ENational Saudi Anti-Spam ProgramF
E77/‫
א‬g77F
77 iL$‫א‬


J‫ود‬B

Y§
‹
t‫
א‬- ‫
א‬U4
ً‫א‬. I
H/‫
א‬g
%&‫
א)('و‬6‫א‬

K
`67ZO
ƒ 7=
7Yc
‫ ن‬7 ‫
و‬،‫م‬2007
‫ م‬7
٪54
w7
EISPF
 ‫(
א‬3‫א‬
SMS F
77/‫
א‬g77
+g77b`‫
א‬77bI‫ ƒ
א‬77/‫
א‬377Z&
‫ ً
?ن‬7,6?
ƒ 77bS)‫
א‬-/77Y•?‫و‬


w7
J
6‫د‬Z‫
א‬M
‫`© ل‬I‫
א‬FO C‫
א‬%

+‫
אא=د‬- ‫
א‬U4
ً‫א‬. I
ESpam

٪5
،I6‫
د‬٪3
، 
٪2
،P6x
٪20
،6= ¤
YI
٪65
،‫م‬2007
‫
 م‬٪1.7


.\/ ?
‫אض‬/?
-‫
ذא‬٪5‫
و‬،<Y‫
Šאق
א‬O

I`O‫
و‬-$ bO$‫
א‬P8
،?6‫د‬Z‫
א‬/‫
א(
א‬M
 iL$‫ ƒ
א‬/
8‫א‬/‫
א‬dn‫`<
א‬O? E1F

(http://www.spam.gov.sa/Statistics-Arabic.doc) ،‫م‬2008
J781429
،- ‫א‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 28

774
2 ESymantecF
?& 77?
W /77W
mO=77#?
1 J/Y77W
/776/`O
/77Y•?

76‫
א‬37Z&
‫
?ن‬2007
‫ م‬74
7
/76‫א‬r
/Y7
7/‫
א‬g
%&‫
א)('و‬6‫= ƒ
א‬

M‫
و‬K
%7 &‫
א)('و‬776‫ ƒ
א‬77=
% 77§a
77
٪69
77
H77/‫
א‬g77
%77&‫א)('و‬

377ZI‫
א‬fx778
‫
?ن‬/77Y•?
4 ECommtouchF
?77O
‫م‬77 ?
 /77W
mO=77#?
/77 †
3 /776/`O

7
 7=
= 7
140
J?
٪87
w7
2006
‫ م‬74
M‫
و‬٪67
w7
2005
‫ م‬


K2005
‫ م‬4
4
٪30
8=L
+‫ د‬6B
، =
= 
160
% §a

3777ZI 3r
K- 777cI‫אد
وא‬/777rª
‫ ج‬7774‫ز‬a
=777b
777 ‫
א‬3777ZI‫
א‬fx7778
(777O

07& X‫
א‬U7r

K
ƒ 7/‫
א‬fx78
Yh
œ7iO}
‫

?ن‬7(
7I?‫
و‬7 
= " ?
E I8
- cI



W% ‫א‬
K]•‫
א‬3L

Y]bO‫ ƒ
و‬/‫א
א‬x8
+.‫א‬/`
ƒ ,‫
א
א‬- 4 

•

773L
77
77YO.‫א‬/L
77@
ƒ 77/‫א
א‬x778
«77]@
ƒ 77,‫
א‬77I6B^‫
א‬S 77Z‫•

א‬
KEF•‫א‬F
3œ`Z— ‫א‬
E-Mail F
%7&‫
א)('و‬76‫ دم
א‬7
U74
J=‫و‬/7,‫
א‬g
ETrafficF
r‫•


א‬
KcI
EServer
Data Network F

‫ ل‬777bO$‫
א‬+ 777IL
777Z
J=‫و‬/777,‫
א‬g777
EpY777$‫•


א‬

(1) The State of Spam, A Monthly Report – February 2007, Generated by Symantec
Messaging and Web Security
(http://www.symantec.com/avcenter/reference/Symantec_Spam_
Report_-_February_2007.pdf)


ESymantec.comF
- ‫
?
א‬- `3"O
‫ ل‬k
M
bb^
 /W
%8



E2F
(3) 2006 Spam Trends Report: Year of the Zombies, December 27, 2006,
Commtouch® Software Ltd.,
(http://www.commtouch.com/documents/Commtouch_2006_Spam_
Trends_Year_of_the_Zombies.pdf)




%&‫
א)('و‬6
- ‫
?
א‬- k/
M
bb^
 /W
%8



E4F
Ehttp://www.commtouch.comF









29

‫
א
وאאא
אد‬W
‫אد
א و‬

77L‫

و‬KEInternetF
77 ‫(
א‬377‫
א‬774
‫ ل‬77bO$‫
א‬77Z
ً 7,6?‫
و‬،
7cI
EBandwidth

?
7O
‫م‬7 ?
 /7W

74
=‫ د‬7b‫
א‬،2006
‫ م‬7
1 /‫
א‬g
ƒ /‫
א‬/6/`O
/Y•?
F
4 w77776 
3 ‫א‬g7777O
1700
w(Y7777‫ ƒ
א‬7777/‫
א‬fx77778
‫
?ن‬2 ECommtouchF

M
EImagesF
=77b‫^אم
א‬77‫
و?ن
א‬2006
‫ م‬774
M
Ew776 
5 77(
1,700,000,000

- 76 3‫
א‬7
g37
‫د‬74
7
=7b‫
א‬m73"O
7
EpY7$‫
א‬37Z&
dr=
L
ƒ /‫
א‬fx8

KETextF
‫ص‬bI 
&= `
، Y…‫
و‬Yc]@
EBytesF

+77i‫
א‬- 776$ 
77&=]
776$
6/77‫
א‬77PC‫
א‬77YO/
?
6 77‫
د=א‬M

87S‫
و‬7(6/‫
א‬- 7cI‫
א‬w7]
ƒ 7/‫
א‬7
74I‫
א‬fx78
‫
?ن‬-/Y•?
(6/‫א‬

F (O‫ ƒ
و‬,‫
א(]
א)&

א‬fx8
O‫
و‬،2007
‫ م‬4
M
ً‫
 =א‬13

/ ?


Kƒ /‫
א‬fxC
Jb
‫ز‬p‫
وא`\
א 
א‬،- k‫
وא‬-‫אא‬


W„‫
א‬0& X‫
א‬U4‫و‬

76
t7‫(
א‬37‫ ً

א‬7,6?‫
و‬،3œ`Z— ‫ ز
א‬Y

‫ض‬/O
‫ ƒ
?ن‬/‫
א‬fxC
(

•

 7/‫
א‬d7
7`r/‫
א‬- 7]‫
א‬76/Œ
4
- ‫و‬g]‫
א‬- V8
 
‫ ز‬YX‫א
א‬x8
Y4

(1) 2006 Spam Trends Report: Year of the Zombies, December 27, 2006, Commtouch®
Software Ltd.,
(http://www.commtouch.com/documents/Commtouch_2006_Spam_Trends_Year_of_
the_Zombies.pdf)



%&‫
א)('و‬6
- ‫
?
א‬- k/
M
bb^
 /W
%8


E2F
K
Ehttp://www.commtouch.comF








. ‫ن‬1000
„O
ƒ‫  د‬E3F


m
?w?7‫
א‬KEbitF
w
8

‫(ن‬O‫
و‬H @‫
א‬M
- ‫
א‬6Bl
‫ س‬L
+S‫
و‬%8
EbyteF w6 
E4F
K?0?
‫?
?و‬1?
a
‫ ن‬L









. ‫
ن‬1
„O
ƒ‫  د‬E5F
. Ehttp://www.spamlaws.com/state/ca.shtmlF
- bb^‫ ل
وא‬4ª
&=]
=‫

د‬E6F


‫
א
وאאא
אد‬W
‫אد
א و‬ 30

J‫د‬7O
7L
t7‫
وא‬،
 7/ 
I,‫(
א 
א‬3‫
=وאš
א‬6/Œ
4
‫
?و‬،&‫א)('و‬

+‫
دود‬777`6/"‫
א‬fx7778
U7774
ً$ 777‫

و‬Km777ž
‫وس

?و‬g777r
F777
x777]IO
za
8=‫و‬777

y77r
776/Œ
74
+‫ود‬77‫
א‬fx778
-/7&‫
א‬K2004
/6 77I6
M
w]77
‫
א‬t7‫
א‬،?MyDoom?

F7‫Šن
א‬7
 7/‫œ
א‬3`7Z—‫ م
א‬7Y6{
7‫
وذ‬،
%7&‫('و‬a
76/
 7=
d7
7r/‫
א‬F7‫א‬

‫א‬x7C
3`7Z‫
א‬y7r
7I4‫
و‬،?MyDoom?
+‫
دود‬8
``@‫
א‬M‫
و‬/]
%b&
F
r/‫א‬

‫ ل‬7={
 7#)‫
א‬/7h?

7
‫م‬7`r
،
+‫ود‬7‫
א‬fx7Y
ً  b
y3b6
f‫ ز‬Y

‫{ن‬r
r/‫
א‬F‫א‬

K1 i,‫ ز
א‬Y

M
•]‰
\/ ?
&‫('و‬a
6/
6‫ و‬I4
za
 /‫^

א‬Z&

‫ س‬77I 
/76/‫
א‬77
?
7
7Yr
77/‫
א‬g7
ƒ 7/‫^אم
א‬77‫<
א‬76
<ƒ‫א‬/7
•

?
76gV&
M
7‫'و‬3‫
א‬-‫ =א‬7$‫ 
?א‬7/
‫ ل‬7S$‫ ƒ
א‬7=
%8‫
و‬،]Ž
_‫א‬8


K
7`6/r?
H7I

76=Y§
M
%& 7&‫
א‬J/7‫
א‬7`

ً 7,6?
‫
و
א‬K 8/ ‫ 
ذ‬Z‫א‬

¬
7œ O
’
766‫
א‬6‫ و‬7I
‫
א‬7
7ƒ 8
<7(
 7=
‫ن‬7/‚‫
א‬7=?
I4
b`‫
א‬fx8
?3O

78
76‫א
א‬x7C
ƒ‫א‬7‫
א‬3
œ`7Z
— ‫
א‬7
‫ ن‬7 ‫
و‬،2
7&‫א‬/‫
א‬7
_$‡‫
א‬- P
„Q

78‫
و‬،
76 
m7I
H7"‫
א‬x7]&‫
و‬x(‫
א‬m4
w"&‫
א‬Jx‫
وא‬،6 &‫
א‬. 6/h‫
א‬S?

‫ م‬7L
m7#‫
و‬7I4‫
و‬، 7`6/r?
H7I

6=Y§
_ 6=?
SŠ
‫אن
‰د‬I4
za
08x6
‫?ن‬

76]‫א
א‬7Z6
 
7‫
و‬،mS‫א‬/7
‫ق‬p7Œ)
m78?
7
6]
‫א‬3 Œ‫
و‬mr " 
‫ن‬/‚‫א‬


K3 H/‫
א‬g
6‫א
א‬xC
،min
‫( ن‬r
،fL

?F-Secure?
- ‫ 
?
א‬/W

- ‫و‬g]‫
א‬F#‫

و‬E1F

K
Ehttp://www.f-secure.com/v-descs/novarg.shtmlF










K
`6/r?
HI

6=YX
6`I‫
א
א‬%8
ERandF
&‫א‬/‫
א‬E2F
“SA cops, Interpol ?
‫אن‬I
2004\Z6‫\د‬31
­6= 
`6/r?
HIX‫"
א‬24
= 3 ??
+6/

E3F
http://www.news24.com/News24/South_Africa/News/0,,2-7-F
probe murder
. E1442_1641875,00.html
 ‫‪31‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫‪ 2.2‬ﺃﺳﺎﻟﻴﺐ ﺍﻟﺮﺳﺎﺋﻞ ﺍﻟﱪﻳﺪﻳﺔ ﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ‬

‫‪x778
L 77I6‬א
א‪
F77Ž
.B77X‬א‪
0 77‬א‪ 77=a
M
^77Z‬ل
=‪
ƒ 77‬א‪
776‬‬
‫א)('و&‪
g
%‬א‪K/‬‬

‫‪ 1.2.2‬ﺍﻷﺳﻠﻮﺏ ﺍﻷﻭﻝ‪ :‬ﺑﺮﻳﺪ ﺍﻧﺘﺤﺎﻝ ﺍﻟﺸﺨﺼﻴﺔ )‪(E-Mail Spoofing‬‬

‫‪7777 O/
7777`]6‬ل
&`‪
7777‬א‪
77776‬א‪
7777#
za
ESMTPF

š7777Z3‬א‪

67777b‬‬
‫ ‪ 77() 
m77&a
\?
،7‬ن
‪ 77=a‬ل
=‪77I4
JŠ77
 77‬אن
‪
776/‬‬
‫‪
U774
EAuthenticationF‬א —‪œ /‬‬
‫‪'(a‬و&‪
6/Œ
4
%‬א‪'
04p‬و‪?=
Z6‬س
א‪
،EHeaderF
 /‬وž‪6‬א
 @`
??
‬
‫‪
EFromF‬א‪77I4
77
Jx77‬אن
א —
‪œ /‬‬
‫‪
 77/ r

K77‬א` د‪77I4
77
77‬אن
‪'(a
776/‬و&‪
%77‬‬
‫‪
K77‬و‪x778‬א
א‪
‹
077& X‬א‪ 77=a
M
mp77‬ل
‬
‫‪/77, 
N77(O$‬و=‪
77b^W
77``S
+‬א —‪œ /‬‬
‫א‪
g
6‬א‪
6/Œ
4 H/‬א‪ S$‬ل
‪
،EspoofingF‬و‪
fx8
œ/}
6‬א‪
z
a
ƒ 7/‬‬
‫א  =
‪ I4‬و‪/
6‬א‪
L‬و‪?
_/7b
<7

ƒ 7W‬و
‪/
 /7W‬و‪
،
7r‬وذ‪ 7Y6a
7

7‬م
‬
‫א —‪
6Q
3œ`Z‬א‪
 /‬و?&‪ L
Y‬د

‪h
=b‬ق‪K‬‬
‫و‪ 77Sp‬ط
‪x778
77‬א
א‪77I‬ع
‪
77‬א‪77
y77bI6
ƒ 77/‬م
‪
y77r‬א
]‪
- 77‬א‪
77`r/‬‬
‫‪?
،EAttachmentsF‬و
א‪/‬وאš
‪
ELinksF‬א
د‪
M
+‬א‪a
 /‬ذא
‪
(O
 ‬א‪

K
7L
 /‬‬
‫‪
- ] r‬א‪7(O
L
`r/‬ن
‪gr‬و‪
،
- 7‬وא‪/7‬وאš
‪7O
7L‬د‪gr
7ž
za
J‬و‪?
،
- 7‬و
‬
‫‪
za
`IO‬א‪

K b
dL‬‬
‫

‬
‫‪ 2.2.2‬ﺍﻷﺳﻠﻮﺏ ﺍﻟﺜﺎﱐ‪ :‬ﺧﺎﺩﻡ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﺍﳌﻔﺘﻮﺡ )‪(Open Mail Rely‬‬
‫–

אدم
א‪
6‬א)('و&‪
ƒ =
3`O
%‬א‪
6‬א)('و&‪
=7b
J?

%‬‬
‫ ن
‪
za
8/6/‬אدم
? ‪
،\/‬و‪
fx8‬א"‪
M
7Y
w&
`6/‬א‪ 76‬م
אو‪
(37
z‬‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 32

O
 ‫(
א‬3‫
א‬6‫ د‬4‫אً
`
א‬/c&
%&‫
א)('و‬6‫ ل
= 
א‬b6a
‫ ن‬,
 ‫א‬

‫ دم‬7®
‫ ل‬7bO$‫
א‬U74
=‫ د‬7L
g7
 7/‫
א‬m7I
-=7#
Jx7
‫ دم
א‬7“‫ ن
א‬7
‫{ذא‬r
،‫ م‬6‫א‬

‫ دم‬77
77
0776/L
‘77]
/77 †
‫ دم‬77
za
C 77b6a
m77& ({
77L‫
א‬U774
m77&{r
œ3œ`77Z— ‫א‬

K
/7 †
w7L‫
و‬M
 /‫ ل
א‬b6a
M
‘]‫
^ دم
א‬,r?
#/r
E I8
‫(ن‬r
،œ3œ`Z— ‫א‬

g7
ƒ 7/‫
א‬%
7
œ /
}
73
L
7
Cp7‫
‹
א‬I?
+/h
w(W
‫
א'א‬M
‡‫
א‬fx8

7S]
‫אدم‬7
‫ن‬7(O
76@‫אدم
א‬7“‫
א‬7

ًp7L
ً‫د
א‬74
‫{ن‬7r
x7
ً‫א‬/c&‫؛
و‬/‫א‬

E 7I8
‫
ن‬7S]‫
אدم
א‬7“‫
א‬7
7‫ ƒ
א` د‬7/‫
א‬3`6$
6@‫

א“אدم
א‬6‫وא‬
./
g
ƒ /‫
א‬fx8
‫(ن‬O
‫ ً
Šن‬6L
ً$ S‫א‬

‫ ﺍﻟﺮﺳﺎﺋﻞ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ ﺍﳌﻌﺘﻤﺪﺓ ﻋﻠﻰ ﺍﻟﺼﻮﺭ‬:‫ﺍﻷﺳﻠﻮﺏ ﺍﻟﺜﺎﻟﺚ‬ 3.2.2

(Image-based Spam)

J‫ 
] د‬/‫
&”
א‬M
=b‫
א^אم
א‬za
/‫
א‬g
ƒ /‫
א‬
œ /}
ŠV6

7P8
U74
”I7‫
א‬7,O
<76

7Yr‫
و‬،%7bI‫\
א‬7o‫
א‬U74
+7‫]
א‬7b‫
א‬4


K /‫
&’”
א‬M
+=#

‫م‬77 ?
W /77W
mO=77#?
2006
‫ م‬77
1
7 /‫
א‬g77
ƒ 77/‫
א‬/776/`O
/77Y•?

w7
=7b‫
א‬U74
+‫
א‬،/‫
א‬g
ƒ /‫
א‬3Z&
‫
?ن‬2 ECommtouchF
?O

7
% §a

٪70
w(Y‫
א‬Y&?‫
و‬/‫
א‬g
ƒ /‫د
א‬4
% §a

٪35

7/‫
א‬g7
ƒ 7/‫
א‬7
Y7Z‫
א‬EData Traffic BandwidthF
- 7& 3‫

א‬r7O
+ 7IL
(1) 2006 Spam Trends Report: Year of the Zombies, December 27, 2006,
Commtouch® Software Ltd.,
(http://www.commtouch.com/documents/Commtouch_2006_Spam_Trends_
Year_of_the_Zombies.pdf)

%&‫
א)('و‬6
- ‫
?
א‬- k/
M
bb^
 /W
%8

E2F
Ehttp://www.commtouch.comF
 33

‫
א
وאאא
אد‬W
‫אد
א و‬

KEw6  V
1,700,000,000F
w6 
‫א‬gO
1700

W7
+=`‫א‬

‫ ق‬7"&
7
EpY7‫
א‬37Z&
d7r=
ƒ /‫
א‬fx8
M
=b‫
?ن
א^אم
א‬3O
L‫و‬

،
Y7…‫
و‬7Yc]@
EBytesF
- 76 3‫
א‬7
g3
‫د‬4

=b‫
א‬m3"O

- & 3‫
א‬rO



KETextF
‫ص‬bI 
&= `
Optical Character Recognition – F
ƒ7n
_‫و‬/7@‫
א‬U74
_/7‫
א‬4 7Z6
7L

EpatternsF
/8 77c‫
א‬U774
_/77
Eheuristic methodsF
7736/V‫ق
א‬/77"‫وא‬ EOCR

ƒ 7/‫
א‬7
‫ع‬7I‫
א
א‬x78
7
J7b‫
א‬M
‫ ƒ
(
‰ود‬/‫]
א‬bO
M
^Z‫א‬


K
=7#
7P8
U74
‫ص‬7bI‫
…
א‬M
+`
ً$ (W?
x ?
Yc
‫
ن‬،/‫
א‬g


W‫
א ل‬3
Ur
K =
(
<V@‫”
وא‬I‫(
א‬W‫
אن
و‬gO

•
K_‫و‬/@‫
א‬br

•
K/
 =
(
FŽ
‫
ن‬+=b‫
א‬U4
&
d`
dn‫•

و‬


K /i‫=
א‬b‫•

א^אم
א‬

7 ?
‫^אم‬7 r
،/‫
א‬g
ƒ /
Jb
r
wZ
8S‫]
و‬b‫א‬

M
77 r
77V&
%"7
،77/
‫
א‬g7
ƒ 77/
+‫ د‬7,‫
א‬-‫א‬.‫א‬/77
)‫
א‬7
77(¯
=7L


K(¯
=L
L?
za
/‫
א‬g
ƒ /‫א`

א‬

7
،
š7`r
=7b 
”I7‫ج

א‬B7

7I4
7/‫
א‬g7
ƒ 7/‫
א‬%œ/}
FL6$

ƒ 7h‫
א‬- 7]
M
”I7‫
א‬7,
،
\/7 ?
- ]
- P8
¥#
‫
א^אم‬za
\6
Microsoft F
?
wr7‫و‬/(6 ?
7
0(‫
א‬q‫א‬/
- ]
¥#
za
‫
?و‬،EPDFF
o‫א‬


KEXLSF
‫
و‬EDOCF

EOffice



 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪34‬‬
‫‪ 4.2.2‬ﺍﻷﺳﻠﻮﺏ ﺍﻟﺮﺍﺑﻊ‪ :‬ﻫﺠﻤﺔ
ﺍﻟﻘﺎﻣﻮﺱ )‪(Dictionary Attack‬‬
‫ ‪
7‬א‪

g77
776‬א‪
H77/‬א`‪ 77‬س
‪ 77I4
77l
M‬و‪
776/
6‬‬
‫‪^77Z6
77L‬م
}‪œ /‬‬
‫‪'(a‬و&‪
،‬وذ‪
. 7˜?
r 7na
76/Œ
74
7‬ذא‪
+=Y7
- 7L "&
. 7˜
U7I
-‬؛
‬
‫و‪
fxY‬א"‪(6
`6/‬ن
‪ I4‬و‪'(a
6/
6‬و&‪

K‬‬
‫א˜ ‪
.‬א‪ 4
VI‬د‪(O

+‬ن

‪ L‬س
˜‪
. 7‬و
?`‪

K
+=Y7
H 7‬و‪
U7S‬‬
‫‪a‬ن
&‪
<c
w‬א˜ ‪
.‬א‪

g
VI‬د‪
M
+‬אא‪?
$a
dL‬ن
א‚‪Y‬د
‪
iZ6‬א‪x3‬ل
‪
M‬‬
‫‪
l‬و
‪4‬د
‪

L‬א‪ I‬و‪
6‬א‪
Π7Z
za
/cI 7
iib‬א"‪ 7°a
M
7`6/‬د
‪
fx78‬‬
‫א‪ I‬و‪

K6‬‬
‫و )( ن
א‪
U74
_/7‬א‪ 7I‬و‪
6‬א‪
74k
7

"7I‬א‪ 7I‬و‪
6‬א‪
7
7VI‬‬
‫א` س‪
،‬ن
א‪/7‬د
‪
U74‬א‪?
،
 7/‬و
‪
d73O‬א‪/7‬אš
א‪

”7’&
M
7,‬א‪
%7"6
 7/‬‬
‫‪ 7=a
7I4
m^7Z6

7‬ل
‬
‫
‪?
U4‬ن
‪
6/‬א —‪
7°
،
š7&
3œ`Z‬א —
‪œ /‬‬
‫د‪œ /} 
$‬‬
‫א‪

6B‬א‪

K/
g
ƒ /‬‬

‫ﺍﻹﺟﺮﺍﺀﺍﺕ ﺍﳌﻀﺎﺩﺓ ﻟﺮﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ‬ ‫‪3.2‬‬

‫‪x8
L I6‬א
א‪
FŽ

.BX‬א)
‪/7‬א‪.‬א‪
-‬א‪ 7,‬د‪
ƒ 7/
+‬א‪
76‬א)('و&‪
g7
%7‬‬
‫א‪K/‬‬
‫

‬
‫‪ 1.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻷﻭﻝ‪ :‬ﺍﻟﺘﺼﻔﻴﺔ
)‪

(Filtration‬‬
‫‪77(O‬ن
‪
]77bO‬א‪
ƒ 77/‬א‪
776‬א)('و&‪ 77?
U774
%77‬س
?‪B77
?
77S‬א‪
.‬א‪
 77/‬‬
‫א ‪

W‬‬
‫•

?‪/O
- 77&(
77S‬و‪?=
77Z6‬س
א‪
،EHeaderF
 77/‬و‪77I4
77YI‬אن
א —‪
77œ/‬‬
‫‪

K
EFromF‬‬
35

‫
א
وאאא
אد‬W
‫אد
א و‬

K
ESubjectF
 /‫ع
א‬n

•


K
EBodyF
 /‫•

&’”
א‬

7

7r² /± 
— ‫<
א‬7`‫
\
א‬7Sa
d7
‫ دم‬7`‫
א‬76‫ ƒ”
א‬7b
\7Sa
w` "O
‫{ذא‬r


‫
=?س‬77Z6‫
'و‬377ZI 
+‫د‬77‰
<77L
‫
?و‬،
7 &‫('و‬a
776/
6‫ و‬77I
77Y&?
U774
]77b‫א‬

‫{ن‬77r
”’I7‫ع
?و
א‬77n
377ZI 
Eregular expressionsF
77rŠ
-‫א‬g377O
‫ 
?و‬77/‫א‬

K‫
אא=د‬6‫א
א‬x8
‫א=אً

Šن‬/L
x^6
‫א“ دم‬

7YI(
،7/‫

א‬g7
ƒ 7/
J7b
7`3"‫
א‬-‫א‬.‫א‬/
)‫
א‬/ ?
%8
]b‫א‬

7
7#
،
]7b‫
א‬74
7Y4
+7‫א&
א‬7`
-‫ وزא‬7V‫

א‬6
n/4

&‫א‬77L
M
6g377 ‫`
و‬77L‫(&ن
د‬6 77
+‫ د‬774
6x77‫
א‬77/‫
א‬g77
ƒ 77/‫
א‬%77/
K1 ]b‫א‬



Black lists ) ‫ ﺍﻟﻘﻮﺍﺋﻢ ﺍﻟﺒﻴﻀﺎﺀ ﻭﺍﻟﻘﻮﺍﺋﻢ ﺍﻟﺴﻮﺩﺍﺀ‬:‫ ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﱐ‬2.3.2
(/ White lists

- 77L "&
. 77˜?
‫
?و‬،
7 &‫('و‬a
776/
6‫ و‬77I4
U774
.‫دא‬77Z‫
א‬77ƒ `‫
א‬J77ž

7776/
‫אدم‬77“EIP addressesF
w777&'&$‫ل
א‬777 O‫و‬/
6‫ و‬777I4
‫
?و‬EDomain NamesF

‫ل‬p7
7
=‫و‬/ 
6‫ و‬I‫
א‬O

‫ ƒ
א)('و&
א` د‬/
y’ Z6}$
،&‫('و‬a

77S?
d77
‫ دم‬77`‫
א‬%77&‫
א)('و‬776‫ ƒ”
א‬77b
\77Sa
w77` "O
‫{ذא‬77r
Kœ3œ`77Z— ‫ دم
א‬77“‫א‬

za
=‫و‬/ 7
m7
y
’ 7Z6}$‫
و‬،
.‫دא‬7Z‫
א‬7ƒ `‫
א‬7
‫(ن‬6
m&{r
L‫
א‬U4
ƒ `‫
א‬/# I4


Kœ3œ`Z— ‫
א‬6/

(1) M. Gupta, C. Shue, "Spoofing and Countermeasures", Book chapter in "Phishing and
Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft",
edited by Jakobsson and Myers, 2006, Wiley.


‫
א
وאאא
אد‬W
‫אد
א و‬ 36

ƒ 7/‫]
א‬7b

3œ`7Z}

37ZI 
%7&‫
א)('و‬76‫ دم
א‬7
‫אد‬4a
‫ )( ن‬

]I7b‫ ƒ
א‬7/‫–
א‬r/
f‫אد‬4a
(
ً ,6?‫
و‬،.‫دא‬Z‫
א`אƒ<
א‬U4
‫ د‬4$ 
‫א` د‬
Junk F
77

+‫ د‬74
_/6
œ3œ`Z— ‫
א‬H ZS
M
‫ ص‬
k
z‫
א‬Y`&
‫
?و‬.‫دא‬Z‫
א` ƒ
א‬

 /‫
א‬. `{
a
œ3œ`Z}
 @‫
א‬fx8
M
=‫א‬/`‫
א‬E/O‫
و‬ESpamF
‫
?و‬EBulkF
‫
?و‬EE-Mail


K YrxS
‫?و‬

776 r

K.‫دא‬77Z‫אƒ<
א‬77`‫
א‬77
ً 7  …
N77(‫
א‬U774
%77Yr
. 77,3‫אƒ<
א‬77`‫
א‬77?

\77Sa
w77` "O
‫ذא‬a
=‫و‬/ 77
m77
y’ 7 Z6}
،
.‫دא‬77Z‫
א‬77ƒ `‫ 
א‬77Œ
‫ن‬a‫
و‬U77S
،‫ دم‬77`‫א‬

7
7 Š‫ ن
א‬7,
7‫
وذ‬،
7L‫
א‬U74

. 7,3‫
א‬7ƒ `‫
א‬/7# I4
7S?
d
mbƒ b

m]IbO
‹
‫ن‬a‫
و‬US
،œ3œ`Z— ‫
א‬6/
H ZS
za
Y
_‫א‬/Œ?

‫
א` دم‬6‫ل
א‬#‫و‬

%
78
. 7,3‫אƒ<
א‬7`‫^אم
א‬77
$
\/7 ?
7`6/Œ

E 7I8‫

و‬K
.‫دא‬77Z‫
א‬7ƒ `‫
א‬7n
7

M
+‫د‬7o‫אدم
א‬7“‫
?و
א‬- 7L "I‫
?و
א‬6‫ و‬7I‫
א‬7
7‫
א` د‬76‫ ƒ
א‬7/
š`r
‘ Z‫א‬

. 7,3‫
א‬7ƒ `‫
א‬7n
7
FI7bO
 
t7‫ ƒ
א‬7/‫
ذ

א‬g‫
و‬،. ,3‫א` ƒ
א‬

7`6/Œ
M
7
،‫^œ
م‬7Z
— ‫
א‬H 7ZS
M
‫ ص‬7“‫
א‬7‚‫
א‬za
C 7b6a
‫
?و‬Y7,r=
<76
m&{r


K.‫دא‬Z‫]
 ^אم
א`אƒ<
א‬b‫א‬

]Ib‫ ƒ
א‬/‫_
א‬xS

J‫
`
^ دم‬-‫אدא‬4{‫
و‬J
‫
א“ دم‬/6
‫{( ن‬

U774
ً‫
א‬. 7I
œ3œ`77Z
— ‫
א‬H 7ZS
M
‫ ص‬7
77k
za
Y7`&
‫
?و‬.‫دא‬7Z‫
א‬77ƒ `‫

א‬7

ً 7 °a

. 7I‫
و‬،
.‫دא‬7Z‫
א‬7ƒ `‫وط
א‬/7
3ZI 
+‫ 
אא=د‬/‫<
א‬±²̀ O}
vS
EscoringF
<`‫א‬

7
=‫
د‬w&
‫ذא‬a
+‫ د‬4‫

و‬K Y`&
‫ 
?و‬/‫_
א‬x³
=‫א‬/`‫
א“ دم
א‬x^6
<`‫
د=

א‬U4

‫
?و‬Y7,r=
<76
m7&{r
، 7/‫
א‬U74
w7`3"&‫
א‬L
‫وط‬/‫<
א‬c
‫ن‬a
J?
، 4
<`‫א‬

7

ًp7L
ً‫د
א‬74
‫
?ن‬J?
،7&œ
}
<7`‫
א‬7
=‫
د‬w&
‫{ذא‬r
KN( 
N(‫

وא‬K YrxS


Kœ3œ`Z— ‫
א‬H ZS
M
‫
א‚
א“ ص‬za
Y`&
<6
m&{r
، /‫
א‬U4
3"&‫
א‬L
‫وط‬/‫א‬
 37

‫
א
وאאא
אد‬W
‫אد
א و‬

g7
ƒ 7/
J7b
7r
g7
87S‫
و‬. 7,3‫אƒ<
א‬7`‫
وא‬.‫دא‬Z‫א`אƒ<
א‬

7`O
7Y&{r
. ,3‫
`אƒ<
א‬3ZI3 r

Kً ƒ bSa
YI
`‫
א‬M
4 ZO
´a
‫
و‬،/‫א‬

ƒ 77/‫<
א‬7c
‫'אض
?ن‬r 7
Efalse positivesF
77‫
א( ذ‬7 °
)‫
א‬qƒ 7I‫
א‬µ‫و‬7S
7

<ƒ‫א‬7`‫^אم

א‬7‫ ً

א‬7,6?‫
و‬،œ
7œ/— ‫

א‬r/± } ‫
و‬+g#
4k

'
/‫א‬

Kƒ /‫]
א‬bO
M
.‫دא‬Z‫ &

א` ƒ
א‬h
S/
. ,3‫א‬

Commercial ) ‫ ﺍﻟﻘﻮﺍﺋﻢ ﺍﻟﺒﻴﻀـﺎﺀ ﺍﻟﺘﺠﺎﺭﻳـﺔ‬:‫ ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﻟﺚ‬3.3.2

(Whitelists

776‫
א‬77
‫œم‬7 `
}
77
‫`
?و‬77Z
- 77Y

"77‫ ع
א‬773}O
<ƒ‫א‬77L
77c&?
%778



Kœ3œ`Z— ‫
א‬za
f6/
‫ل‬#‫ ن
و‬,

œ /— ‫
א‬mr6
% 
¥3
 `
%&‫א)('و‬

،EscoringF
<777`‫
א‬%7778
777c&
‫
א‬fx7778
777
M
^777Z‫
א‬0 777‫
א‬777

=77b
77
77Y&Š
 77/‫ ”
א‬/77O
77‫
ذ‬U774
. 77I‫
و‬،
EcertificatesF
-‫ دא‬Y77‫وא‬


Kœ3œ`Z— ‫
א‬6/
za
=‫و‬/ 
yVIO‫
و‬،‫ق‬h

(Integrity Check) ‫ ﺍﻟﺘﺤﻘﻖ ﻣﻦ ﺍﻟﺘﻜﺎﻣﻠﻴﺔ‬:‫ ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺮﺍﺑﻊ‬4.3.2

M
‫^’
م‬7Z6
}
Jx7‫
א‬ESMTPF
š7Z3‫
א‬76‫
א‬7`&
‫ل‬7 O/
‫&
 ` ً
?ن‬/ ‫ 
ذ‬

67777b‫
א‬7777#
7777`]6
7777 ‫(
א‬37777‫
א‬U77774
%7777&‫
א)('و‬77776‫
א‬7777‫א‬/O
œ /— ‫אن
א‬77I4
% 77 ‫

و‬،EAuthenticationF

‫ ً
?و‬ii77#
‫ن‬77(6
‫
?ن‬+=‫و‬/77, 
N77

K7

76/
‫אن‬7I4
J?

7œ/
— ‫
א‬7`S
M
d7,6
”^W
J
(r،
œ /— ‫
א‬b^W
N(6

774
77/‫
א‬g77
ƒ 77/‫ ل
א‬77=a
M
Cp77‫
‹
א‬77I‫
א‬+/77‫
א‬fx778‫
و‬،%77&‫('و‬a


.EspoofingF
‫ ل‬S$‫
א‬6/Œ


‫
א
وאאא
אد‬W
‫אد
א و‬ 38

‫
=?س‬7Z6‫و‬/O
7ž
6/Œ
4
 (‫`

א‬i
ƒ /‫”
א‬ir
‫ )( ن‬

d77
EFromF
?77?
777‫
א‬77`S
M
= x77‫
א‬77
œ /— ‫אن
א‬77I4
77&= `‫
و‬،EHeaderF
 77/‫א‬

M
4 77ZO
77`6/"‫
א‬fx778

KEReceivedF
?‫
?وא=د‬77`@‫
א‬M

7 Z6‫و‬/O
M
+‫د‬77
‫
א‬77`‫א‬


K1 /‫
א‬g
ƒ /‫א  _
א‬
‫ ﲢﻮﻳﺮ ﺍﻟﻌﻨﻮﺍﻥ‬:‫ ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﳋﺎﻣﺲ‬5.3.2

(377‫
א‬- i]77#
M
w77&
.‫א‬77
،
7  ‫
א‬d77L‫
אא‬M
J776‫אن
א‬77I‫
א‬77 

q‫א‬77
77n/4
Y77°
778g
‫
?و‬،‫ ش‬77`I‫
א‬- 774k
‫
?و‬،77h‫ د‬o‫_
א‬/77
‫
?و‬،77 ‫א‬

g77
776‫ ل
א‬77=a
M
‫^م‬77ZO
t77‫
א‬%77&‫
א)('و‬776‫
א‬6‫ و‬77I
77‡‫
א‬d77V‫א‬

7
7
7Y§
J‫ د‬7]
%7&‫
א)('و‬6‫אن
א‬I4
/6ž
.‫א‬/
a
/Y•
‫א‬xC‫

و‬KH/‫א‬


K ‫
א‬dL‫
אא‬M
J6‫
א‬m&‫א‬I4
 (
”^‫
א‬/"n‫ذא
א‬a
q‫
אא‬fx8

77(‫
?@?
وא‬B/
7 ?at?
W
7(‫אل

א‬377‫
א‬.‫א‬/7
)‫
א‬fx78
U74
7‫
א‬7

،?xyz at abc dot com?
/67i‫
א‬7
y37bO
?xyz@abc.com?
‫ ل‬7
?K?
"`I 
،?dot?

_/7‫
א‬7
%7‡‫
א‬%7&‫
א)('و‬76‫
א‬6‫ و‬7I4
d¤
q‫א‬/
d"ZO$
`6/"‫
א‬fxY‫و‬


K‫אن‬I‫ ل
א‬b6‫
א‬M
‫ض‬/‫
א‬-‫
?د‬L
‫(ن‬O
Y&{r
 ` 
،m4

M
ً
7b&
ً‫
א‬B7=
%&‫
א)('و‬6‫אن
א‬I4
 
.‫א‬/
)‫
א‬fxC
\/ ‫
א
א‬


K‫אن‬I‫
א‬U4
_/‫
א‡
א‬dV‫
א‬q‫א‬/
U4
=x6
%  ‫
و‬،+=#
F

‫ ﻋﺪﻡ ﺍﻟﺮﺩ ﻋﻠﻰ ﺍﻟﺮﺳﺎﺋﻞ ﻏﲑ ﺍﳌﺮﻏﻮﺑﺔ‬:‫ ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺴﺎﺩﺱ‬6.3.2

EBulkF
g3
‫
د‬C =a
<6
/‫
א‬g
ƒ /‫{ن
א‬r
F6/‫
א‬M
&/ ‫ 
ذ‬


–7
za
،
/67`O
7L?
U74
7‫
و‬، C#‫
?
و‬U4
ƒ‫
אא‬66‫
א‬6‫ و‬I‫
א‬

(1) Technologies to Combat Spam, Thomas A. Knox, GIAC Security Essentials

Certification (GSEC) Practical Assignment, Version 1.4b, Option 1, June 16, 2003,
SANS Institute 2003.
‫‪39‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫
د‪?
U74
7$‬ن

א‪/7‬د
‪ 7L‬دم
‬
‫‪
fx8‬א‪ I‬و‪
K6‬א‪/‬د
‪
U4‬א‪
g
ƒ /‬א‪
%"6
/‬א —‪œ /‬‬
‫
‪I4‬אن
&š
و‪

K/
g
\/ ?
3`Z
ƒ =
M
mZr
،%``S‬‬
‫‪
N]I‬א"‪{r
`6/‬ن
–
א‪
g
ƒ /‬א‪=
U4
Jž
/‬אš
)زא
‪7I4‬אن
‬
‫
)‪ =a
_ `6‬ل
א‪
ƒ /‬א‪
3`Z‬א ‪
7L
،
\/7‬‬
‫א —‪

œ3œ`Z‬א` ƒ
א‪œ /} 
66‬‬
‫‪(6‬ن
א‪
_C‬א@``‪

%‬و=א‪x8
.‬א
א‪/‬אš
‪a

6ž
8‬ذא
ن
‪I4‬אن
א —‪
ً "&
œ3œ`Z‬‬
‫?م
‪

K$‬‬
‫?‪
ƒ =
d
 
`6/Œ
,r‬א‪
g
6‬א‪74
8
/‬م
‪
7Yir‬وא)‪p7‬غ
‬
‫‪
M
\/I

، YI4‬א)
‪/‬א‪
.‬א‪ ,‬د
א‪

Kd Z‬‬

‫‪ 7.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺴﺎﺑﻊ‪ :‬ﺍﻹﺑﻼﻍ ﻋﻦ ﺭﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﻏـﲑ ﺍﳌﺮﻏﻮﺑـﺔ‬

‫)‪(Spam Reporting‬‬
‫‪
4 Z6
L‬א)‪p‬غ
‪
ƒ 7=
4‬א‪
g7
76‬א
‪
M
7/‬א`‪
7YI
7‬وא‪
J7b‬‬
‫‪
<6
K C‬א)‪p‬غ
‪
fx78
74‬א‪ 7bO$ 
ƒ 7/‬ل
™`‪7‬م
‪
7‬א‪
76‬א)('و&‪

7œ/
—
%7‬‬
‫א‪
g
 /‬א‪
7(
K
7/‬א‪7`
U74
_/7‬م
א“‪
7
7‬א‪
<7‬א‪ 7"I‬ق
‪
M‬א‪7I‬אن
‬
‫א‪

Kœ/}
J6‬و 
‹
ذ ‪{7r

ً ` 7
f/7‬ن

א‪
<7‬א‪ 7"I‬ق
‪
78‬א‪
.B7X‬א‪
7
%OŠ76
Jx7‬‬
‫‪77I4
M
?@?
W77p4‬אن
א‪
776‬א)('و& ‪
ًp77r

K
%7‬א‪
<77‬א‪ 77"I‬ق
‪77I‬אن
א‪
J776‬‬
‫?‪ 7() 

?abc.com?
8
?xyz@abc.com‬ن

א@‪7b‬ل
‪
- 7& 
U74‬א‪ 7bO$‬ل
‪
J‬א
‪
<7‬‬
‫&" ق

دم
?‪
 
m§/O
–
1 ?WHOIS‬א‪(6
?
/‬ن؟?
‪x78
،
J‬א
א“‪ 7‬دم
‬
‫Ÿ‪
VZO
- & 
+4 L
J‬א‪

K- L "I‬‬

‫‪ bOp E1F‬ل
‪xY‬א
א“ دم
‪B6‬م
و

د
وא
‪
Y‬א^אم
‪pp
”bŽ
3"O
6/Œ
4
a‬م‪?
،‬و
‪
4‬‬
‫
א‪p$‬م

‪. Ewhois.netF

WdL‬‬ ‫Œ‪
S?
6/‬אא‪
U4
dL‬א‪
(3‬א 
א‪`O
t‬م
‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 40

7 6
Jx7‫
א‬%7&‫
א)('و‬76‫غ
}`œم

א‬pa
8

‫غ‬p›
/ †
\Z
E I8


U7 r
=‫
אز=א‬77S?
”77bl
^77Z‫غ
א‬p77)‫ق
א‬/77Œ
77
Kœ3œ`77Z— ‫
א‬776‫
א‬0S 77#
m77

- 7p
‫ دم‬7“‫
א‬7I4

d7VO
I4
K‫غ‬p›
%&‫
א)('و‬6‫
א‬4
M
‫^œم‬Z— ‫
א‬Y
‫وא‬

‫
?و‬،
 7/‫
=
א‬¹7b
}
‫ دم‬7“‫غ
א‬pa
YI
،#
-‫א‬.‫א‬/
a
x^6
m&{r
mZ]&
6‫
א‬U4
+g



K\/ ?
ƒ =
‫= ل‬a

ًp3`Z
(6
pr
،.‫دא‬Z‫
א` ƒ
א‬M
œ/— ‫אن
א‬I4
dn‫و‬


7œ/}

‘ 76‫
و‬،7

7S
za
7 r
7/‫
א‬g
ƒ /
+‫ د‬,‫`
א‬6/"‫
א‬fx8


K/ †
‫
א^אم
א<
&" ق‬%  ‫
و‬،/ †

‫
`م‬za
‫&` ل‬$‫
א‬Cp


776‫
א‬77
773L
77
77‫
א‬E1
J2F
(77‫
א‬M
1 %& 773‫<
א‬77/‫
א‬y77n6

7773L
‫ دم‬777“‫
א‬za
‫ دم‬777`‫
א‬H777/‫
א‬g777
7776‫
א‬3777Z&
،
2 EGmailF
%777&‫א)('و‬



،]7777777b‫א‬

‫ﻠﹶﻎ ﻋﻨﻪ‬‫( ﻧﺴﺒﺔ ﺍﻟﱪﻳﺪ ﻏﲑ ﺍﳌﺮﻏﻮﺏ ﺍﻟﻘﺎﺩﻡ ﺇﱃ ﺍﳋﺎﺩﻡ ﻗﺒﻞ ﺍﻟﺘﺼﻔﻴﺔ ﻭﻧﺴﺒﺔ ﺍﻟﱪﻳﺪ ﻏﲑ ﺍﳌﺮﻏﻮﺏ ﺍﳌﹸﺒ‬1-2) ‫ﺷﻜﻞ‬
(gmail.com ‫)ﺍﳌﺼﺪﺭ‬

(1) mail uses Google's innovative technology to keep spam out of your inbox”,
gmail.com, (http://www.google.com/mail/help/fightspam/spamexplained.html),
December, 2007.
. Egmail.comF
 ‫(
א‬3‫
א‬U4
„3
%&‫('و‬a
6/

‫

`م‬E2)
‫‪41‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫و&‪
3Z‬א‪
g
6‬א‪
H/‬א‪
3L

mI4
¥3‬א —‪

Kœ3œ`Z‬‬

‫و 
}‪
/Yº c6‬א‪
</‬א‪{r
%& 3‬ن
&‪
3Z‬א‪
g
6‬א‪
H/‬א‪
7L?
(7O
m7I4
¥73‬‬
‫
‪4
% §a

٪1‬د
א‪
g
ƒ /‬א‪

K/‬‬
‫

‬
‫‪ 8.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﻣﻦ‪ :‬ﺍﻟﺘﻘﻴﺪ ﺑﻮﺛﻴﻘﺔ ﻃﻠﺐ ﺍﻟﺘﻌﻠﻴﻘﺎﺕ ﻟﱪﺗﻮﻛﻮﻝ ﻧﻘﻞ‬
‫ﺍﻟﱪﻳﺪ ﺍﻟﺒﺴﻴﻂ
)‪(SMTP RFC‬‬
‫‪’^77Z6}
77L‬م
א‪
77
77`i‬א"‪
- 773‬א]‪
77I‬و‪77 O‬ل
&`‪
77‬א‪
776‬א‪
š77Z3‬‬
‫‪
M
ESMTPF‬א‪
6‬אא=د
`

א‪
g
ƒ /‬א‪
7/‬א` د‪
7
7‬א“‪7‬אدم
א‪
t7‬‬
‫‪
fxY
`O$‬א"‪
K
- 73‬א‪
%
7œ/}
7
76‬א‪
g7
76‬א‪^7Z6
H7/‬ن
‪/7‬א‪
q‬‬
‫=د‪?
،P6‬و
‪
<Y4 " 
N‬א`‪
- 73" 
7‬א
]‪
7I‬و‪7 O‬ل
&`‪
7‬א‪
76‬א‪

š7Z3‬‬
‫‪
`
ESMTPF‬א‪
M
<Y6
<(i‬א“ دم
א‪/6
Jx‬ن
‪
mI‬وא‪ 4
Jx‬د‪(6 7
+‬ن

‪ 7Y‬ز
‬
‫‪
‹
in‬א 'א‪KEHackersF
/Ž
3L

mL‬‬
‫

‬
‫‪Fake MX‬‬ ‫‪ 9.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺘﺎﺳﻊ‪ :‬ﺳﺠﻼﺕ ﺗﺒﺎﺩﻝ ﺍﻟﺮﺳﺎﺋﻞ ﺍﳌﺰﻳﻔـﺔ
)‬
‫‪(Records‬‬
‫?‪

7S‬א)
‪/7‬א‪.‬א‪
-‬א‪ 77,‬د‪
+‬א] ‪
M
7 
±‬א‪
ƒ 77/
J7b‬א‪
76‬א)('و&‪
g77
%7‬‬
‫א‪
8
/‬و‪ 3O
-pV
dn‬دل
= ƒ
‪=
7I4
]6B‬د
‪ 7‬دم
?˜‪
. 7‬א‪
U74
- 7L "I‬‬
‫Œ‪
0‬א‪p‬م
‪
4‬אدم
א‪
6‬א)('و&‪ "&
<$
%‬ق‪

K‬‬
‫و 
ذ ‪ c&?
Wbr
M
&/‬م
א‪
76‬א)('و&‪{7r
?
%7‬ن

‪
d7

ً 7,]O

7L=
E 7I8‬‬
‫ 
‪
M
V‬א‪/‬د‪
،‬و?ن
א‪/‬ض

‪x8‬א
א‪
07O/O
8
<L/‬א“‪7‬אدم
‪ 7
7(r

K‬ن
=‪
<7L‬‬
‫א]‪
w7&
/#?
,‬א‪
7 S‬א‪
7#O
M
7 ?
‘ 7VI‬א‪

K
 7/‬و‪x7C‬א
‪{7r‬ن
א“‪ 7‬دم
‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪42‬‬
‫א —‪ Ÿ
œ/‬ول
א‪ bO$‬ل
?و‪
d
ً$‬א“ دم
ذ‪
J‬א‪
<L/‬אد&‪{r
،U‬ن
‪
yVI6
 ‬א‪ bO$‬ل
‪
m7‬‬
‫‪ Ÿ
m&{r

03Z‬ول
‪
d‬א“ دم
א‪Km6
Jx‬‬
‫‪ 4&
E I8‬ن

א‪
-pVZ‬א‪ 4$ 
]6B‬د
‪
U4‬א‪
<L/‬א]‪

WVZ
%,‬‬
‫

‬
‫• ﺳﺠﻞ ﺗﺒﺎﺩﻝ ﺍﻟﺮﺳﺎﺋﻞ ﺍﻷﺩﱏ ﺍﳌﺰﻳﻒ
‬
‫)‪(Fake Lowest MX Record‬‬
‫‪774Š

7‬אد
‬
‫&‪/7c‬אً

"‪
ƒ 7=
73‬א‪
76‬א)('و&‪
g7
%7‬א‪’ /O
}
7Y&
M
7/‬‬
‫‪ 774{
877‬د‪ ‰
+‬و‪
77‬א‪ 77bO$‬ل
®‪ 77‬دم
א‪
776‬‬
‫ ‪
،+g377‬و‪
077?
M‬א‪ 77S‬ن
‪œ /}
<77Y6
$‬‬
‫א)('و&‪ S
M
%‬ل
‪
r‬א‪ bO$‬ل‪`I6

،‬ن
‪
za‬א‪I‬אن
א‪
J6‬א ‪

K%‬‬
‫‪ 3O
V
,O
\b6‬دل
‪


/#?
%,]O
<L/
F6B‬א‪
M
-pV7Z‬‬
‫א‪/77‬د
‪ 77
773L
77‬دم
?˜‪
. 77‬א‪
077Œ
U774
- 77L "I‬א‪
p77$‬م
‪77
774‬אدم
א‪
776‬‬
‫א)('و&‪ "&
<$
%‬ق
»
(
‪ ± r‬ل
‪
g
ƒ /‬א‪

K/‬‬
‫‪?
0°‬ن
‪ 73O
V7
/W6‬دل
א
‪
ƒ 7/‬אد&‪
U7‬א‪7I4
za

F76B‬אن
‪ 7‬دم
&‪
š
7‬‬
‫‪x77CEPort‬א
א“‪ 77‬دم
`‪ 77,
ً 7‬ن
א‪p77‬م
א‪
ƒ 77/‬‬ ‫‪77(6
v77³‬ن
א‪25F
25
<77L=
x77]I‬‬

‫א‪
4
š`r
/‬א“אدم
א ‪

K\/‬‬
‫

‬
‫• ﺳﺠﻞ ﺗﺒﺎﺩﻝ ﺍﻟﺮﺳﺎﺋﻞ ﺍﻷﻋﻠﻰ ﺍﳌﺰﻳﻒ
‬
‫)‪(Fake Highest MX Record‬‬
‫‪
œ/}
.J36
L‬א‪
g
ƒ /‬א‪ ‰
/‬و
א‪ bO$‬ل
‪
d7‬א“‪ 7‬دم
ذ‪

J‬א‪
<L/7‬‬
‫א]‪
%,‬א‪

ً$
U4‬א“ دم
ذ‪
J‬א‪
<L/‬א]‪
%,‬אد&‪ S$
U‬ل
‪7
78
g37‬ن
‬
‫א“ دم
ذ‪
J‬א‪
<L/‬א]‪
%7,‬א‪
U74‬د‪
ً
7‬א‪/7
d7
ً
7Œ S‬א‪
7ir (
74 r
7L?
q‬‬
 ‫‪43‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫א‪
g
ƒ /‬א‪
d
&= `
/‬א“אدم
א ‪

K\/‬‬

‫‪ 3O
V
,O‬دل
‪


U4?
%,]O
<L/
F6B‬א‪
M
-pVZ‬א‪/7‬د
‪
7‬‬
‫œ‪
3’L‬دم
?˜ ‪
.‬א‪
0Œ
U4
- L "I‬א‪p$‬م
‪
4‬אدم
א‪
6‬א)('و&‪
<7$
%‬‬
‫&" ق
]
 ‪xC
Jb‬א
א‪ =a
M
H‬ل
א‪
g
ƒ /‬א‪

K/‬‬
‫‪ 3O
V‬دل
א‪
ƒ /‬א‪
U4‬א‪(6
L
F6B‬ن
‪?
،_»/
g‬و
‪7I4
za
g6‬אن
‬
‫‪/‬و‪ O‬ل
א&'&‪?
،Edead IP addressF

w‬و
‪I4
za
/W6‬אن
دم
‪
v7³
%``S‬‬
‫‪(6‬ن
א‪
xEPort 25F
25
<L=
x]I‬א“ دم
` ً‪K‬‬
‫‪(6‬ن
‪
p
3"O‬א‪

4I‬א‪
-pVZ‬א‪/7
a
7]6B‬א‪ 7,
.‬دאً

?‪
M
7
،7,r‬‬
‫א(‪

KE2
J2F‬‬

‫

‬
‫ﺷﻜﻞ )‪ (2-2‬ﻣﺜﺎﻝ ﻋﻠﻰ ﺳﺠﻼﺕ ﺗﺒﺎﺩﻝ ﺍﻟﺮﺳﺎﺋﻞ ﺍﳌﺰﻳﻔﺔ‬

‫‪ 10.3.2‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﻌﺎﺷﺮ‪ :‬ﺗﺄﺧﲑ ﺍﻟﺘﺮﺣﻴﺐ
)‪

(Greeting delay‬‬

‫‪ 7
73L
7
+g7bL
+']

/ ŠO
8‬دم
א‪
76‬א)('و&‪
%7‬א —
‪
73L

3œ`7Z‬‬
‫א‪/‬د
‪
0Œ
U4‬א‪ bO$‬ل

دم
‪'(a
6/‬و&‪

K/ †
%‬‬
‫Œ‪
ً 7 `3‬א‪
- ]77#‬א]‪77 O
77I‬ل
&`‪
77‬א‪
776‬א‪
77
m77&{r
،ESMTPF

š77Z3‬‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪44‬‬
‫Œ‪
0‬א‪ bO$‬ل
‪{r‬ن‪
U4
±‬א“‪ 7‬دم
א —
‪

7œ/‬א‪
7@
= 7c&$‬א‪ 3`7‬ل
=‪
 7‬א'‪
7
07S‬‬
‫א“ دم
א —‪ =a
3L
œ3œ`Z‬ل
א‪
6‬א)('و&‪

Kma
%‬‬
‫(
א‪ ]$‬د‪
+'7r

+‬א‪
g7
ƒ 7/
J7b
fx78
/ Š7‬א‪7
،7/‬ن
‬
‫}‪ 4
Yœ/‬د‪/cI6$
+‬ون
= 
א'‪/6

،0S‬ن
‪
0Œ

+/W 3‬א‪ bO$‬ل‪


K‬‬
‫ )( ن
‪4a‬אد
א“‪ 7‬دم
‪
fx78
_ 7 $‬א"‪
،
7`6/‬و‪
d7"L
<7h
7‬א‪ 7bO$‬ل
‪
d7‬‬
‫א“ دم
א —‪

Kœ/‬‬
‫‪45‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫ا"! ا‪-‬‬

‫ا‪ ./0‬د ا('&و ‬
‫)‪(Phishing‬‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 46

،m77r‫א‬8?‫
و‬،
m77]6/O
v77S
77
%77&‫" د
א)('و‬77#$‫
א‬77b]‫א
א‬x778
L 77I6


K- cI‫אد
وא‬/r‫\
א‬Z
U4
m4
3O'‫א=
א‬/n‫وא‬

77b^‫
א‬- 77& 3‫
א‬L/77
WEPhishingF
%77&‫" د
א)('و‬77#$‫ ƒ
א‬77=
„77O

،7b^‫ ل
א‬7i&‫ض
א‬/7
%7&‫
א)('و‬76‫ ƒ
א‬7=
76/Œ
74
 Z@‫
وא‬6/Z‫א‬

i7,‫ م
א‬7Y6a‫
و‬7I
7cI
‫
?و‬،_=
7b‫
א‬7S?
7b^W
‫ ل‬7i&‫
א‬6/Œ
4
‫وذ‬


Km8?‫
و‬0"‫
א‬6Q

Y77
œ /}
‫
ن‬%77&‫('و‬$‫" د
א‬77#$‫ ƒ
א‬77=
ƒ 77/‫
א‬77
‫ع‬77I‫א
א‬x778
%77˜

77
78g‫
و‬6/77Z‫ م
א‬7L=‫" د
א‬7#$
ً 7"

%7&‫
א)('و‬776‫ 
א‬7=
‫^ن‬7Z6


K ‫(
א‬3‫
א‬%^Z
/³

\/ ‫ 
א‬Z@‫
א‬b^‫
א‬- & 3‫א‬

ƒ 77=
‫{ن‬77r
،ESpamF
77/‫
א‬g77
77&‫ ƒ
א)('و‬77/‫
א‬M
‫ ل‬77@‫
א‬%778
77

- `3"O
za
8‫א‬O

،7"`r
%&‫
א)('و‬6‫
א‬U4
/b`O$
%&‫" د
א)('و‬#$‫א‬

‫
?و‬7&‡‫ ƒ
א‬7/‫
وא‬ESMSF
+g7b`‫
א‬7bI‫ ƒ
א‬7/
\/7 ‫א'א
א)('و&
א‬

M
‫ن‬7(6
_p7 $‫
א‬7(‫
و‬،
m7Z]&
U7`36
‫م‬Y]‫
ن
א‬،EInstant MessagingF
+/W 3‫א‬

/7 ‫

א‬%78

%7&‫
א)('و‬6‫
(
= ƒ
א‬Kmp

/X‫
א‬x]IO
<6
Jx‫אš
א‬


K1 %&‫('و‬$‫" د
א‬#$‫
א‬- V8
x]IO
M
ً 4W

?ph?

r/7@‫ن
א‬37Z6 
+‫ د‬74
EHackersF
7 ‫(
א‬37‫

א‬%7L'Ž
ƒ‫ ن
?وא‬

،7 ‫(
א‬37‫
א‬I7#‫א‬/L
d7k
J?
،<Y7k
M
+76

- 
. &)
?f?
_/@ 


- I7ZO
M
EPhishingF
7
-Š7&
K
F7l
7 (‫
א‬7(‫
و‬،
m7Z]&

78

7"I‫ ن
א‬
KZ‫" د
א‬#‫„
א‬O
t‫
א‬EfishingF
(‫

א‬6/‫ن
א‬/`‫א‬
ESpamF
/‫
א‬g
66‫ ƒ
א‬/‫

א‬Y
%&‫" د
א)('و‬#$‫= ƒ
א‬

(1) A. Emigh, "Online Identity Theft: Phishing Technology, Chokepoints and

Countermeasures", Radix Labs, October 3, 2005.
 47

‫
א
وאאא
אد‬W
‫אد
א و‬

M
„77]‫
א‬077& X‫
א‬za
r 77n) 
،%4 77

$‫
א‬077& X‫ن
א‬77Z6
ً 7,6?
Y77
œ /}
‫ن‬77

77IC‫
א‬H 77
w77ž
‫=ج‬77I6
ً ` 77
/77 ‫
ذ‬77
‫א‬x778‫
و‬،i77,‫
א‬U774
‫ ل‬77S$‫
א‬774


KESocial EngineeringF
4 
$‫א‬

،
7``S
- 7cI
8=7b
‫
?ن‬7&‫" د
א)('و‬7#$‫ ƒ
א‬7=

7œ/}
%4±6

،
77b^‫
א‬m77O & 
. 77r)
776‫א
א‬x778
œ3œ`77Z}
‫אع‬77“
77‫
‰ و‬M
77 ‫ =_
א‬77b


B7=‫
و‬،‫^œ
م‬7Z
— ‫<
א‬7
،
7
_/7b
M
%7b^‫
א‬H 7Z@‫
א‬U74
‫
א ل‬- & 3

77& ƒ$‫
א‬EVISAF
‫א‬B77r
77L "3
77& ƒ$‫
א‬- 77L "3‫
א‬- 77& ‫
?و‬،%77b^‫
א‬F776/‫א‬


Kً `S$
i,‫
א‬b^W
‫ ل‬i&‫
وא‬، YL/
‫ض‬/

‫
?ن‬%4
»7O
%7&‫('و‬a
76/
 7=
،%&‫('و‬$‫" د
א‬#$‫ ƒ
א‬/
J`O
‫ ل‬

ESMTPF
š7Z3‫
א‬76‫
א‬7`&
‫ل‬7 O/
‫{ن‬r
ً ` 
/ œ }‫

و 
ذ‬K?‫_
?س‬/b‫
א‬8=b

‫
?ن‬+=‫و‬/77, 
N77

7œ/— ‫אن
א‬77I4
‫ن‬77
،EAuthenticationF
67b‫
א‬77#
7`]6

‫א‬x78
M‫

و‬K
7œ/
— ‫אن
א‬7I4
7`³
074p‫
א‬7(
m&
،œ/— ‫
א‬b^W
``S
N(6

‫ م‬7Y6)
،_/7b‫
א‬x7
‫ ق‬7"I‫<
א‬7 

ً 743
ً `]© 
ً 66/
ً &‫א‬I4
œ/— ‫
א‬d,6
‫א ل‬

g7
76‫ ƒ
א‬7=
‫^אم‬7‫
א‬76/Œ
74‫

و‬K?‫_
?س‬/7b‫
א‬78
8=7b
‫œ
Šن‬3œ`Z— ‫א‬



K&‫
א)('و‬6‫
א‬6‫ و‬I4

ƒ 8
‫ 
د‬/‫
א‬fx8
/O
ESpamF
/‫א‬

- 77& 
. 77r)
œ3œ`77Z
— ‫אع
א‬77“
77`6/"
 77/‫
א‬fx778
\77‰
077(6
_77


7 (
7‫
وذ‬،_/7b‫
א‬x7
%7&‫
א)('و‬dL‫
א‬4
%b^‫
א‬m ZS
za
‫א ل‬

7
.p7
7Y

‫
א‬766‫_
א‬/7b‫ ƒ
א‬7=
EStyleF
šI7
Y 
`6/"
 /‫א‬

f= 7W‫
و‬،ELogoF
_/7b‫
א‬B7=
d7n‫
وو‬،ELook and FeelF
‫ س‬ZS)‫
وא‬/cI‫
א‬vS


KEslogansF

‫Šن‬7
. 74‫
د‬$‫
א‬78
 /‫
 
‰\
א‬M
wœ^}‫
א‬t‫
א“אع
א‬0 ?
S?



‫
א
وאאא
אد‬W
‫אد
א و‬ 48

P3O

$
m&?‫
و‬،-]I‫
א‬L
œ3œ`Z}
%b^‫
א‬H Z@‫
א‬za
‫
א ل‬-$‫‰ و‬

=‫و‬B77
d77L
š‫א‬/77‫א
א‬x778
‫ن‬77(6‫
و‬، 77/ 
‫د‬77
‫אš
א‬/77‫
א‬M
‫د‬77
‫ذج
א‬77I‫א‬

/77cI‫
א‬77,6?
v77S
77
%77#‫_
א‬/77b‫
א‬d77L
<77bO
 77"
<77b
ESpoofedF

7P8

‫ن‬7
،f= 7W‫
و‬fB7=‫_
و‬/7b‫<
א‬7
‫
א‬d7n‫
وو‬،ELook and FeelF
‫ س‬7ZS)‫وא‬

077‫
א‬%77bI‫
א‬B77'‫
א‬77
%778‫
و‬$?
،77&‫
א)('و‬d77L‫
אא‬. 77&)
77 ‫
א‬77‫א‬

d7L‫
אא‬7
=b‫­
א‬Z&
- Y3Œ‫
و‬¤
،EHypertext Markup Language – HTMLF

_7C‫
وא‬،
ًpY7
ً‫א‬/7?
m7 (
%7&‫
א)('و‬dL‫­
א‬Z&
US
‫
?و‬،\/ ‫א)('و&
א‬

7‫
وذ‬،
_/7b‫
א‬x7
74
m7&?
_‫ د‬7#
Jx7‫œ
א‬3œ`Z— ‫
‰ و
אع
א‬8
‫
ذ‬

،
‫^م‬7Z‫<
א‬7‫(ن
א‬O 7
+‫ د‬74
t7‫
א‬%7&‫
א)('و‬H 7Z@‫
א‬za
‫
א ل‬- & 
L/Z



K%b^‫
א‬F6/‫
א‬B=‫و‬

7
07"6‫
و‬،EformF
‫ذج‬I
+‫ود‬B
YZ]&
&‫
א)('و‬6‫(ن
= 
א‬O
L

‫ذج‬77I‫<
א‬77Z
‫
?و‬،77œ/
— ‫
א‬za
\/77 ?
+/77
C 77=‫<
א‬77h
77‫
و‬،m77P3O
œ3œ`77Z— ‫א‬

%7&‫
א)('و‬76‫
א‬7 S
M
7 ‫(
א‬37‫
א‬U74
d7L
‫אن‬I4
za
mr
P3‫
א‬- & 3 


KEWeb-based E-Mail – webmailF
 ‫(
א‬3‫
א‬U4
„3‫א‬

،
i7,‫
א‬Hx7

Jx7‫<
א‬7"‫
א‬w
7² 
±
766‫ 
א‬/‫ 
¼
?ن
א‬Z‫
א ل
א‬M

d7L‫’

א‬7±’
7I
،_/7b‫
א‬7‫\
ذ‬7
ًp4
‫(ن‬6
‫ د_
?ن‬#
m&?
&/ ‫

ذ‬Jx‫وא‬


Km"‫
א‬i,‫" د
א‬#‫
‹
א‬Jx‫
א‬+= Ib‫
א‬Hp —
=‫و‬B‫א‬

‫" د‬77777#$‫ ƒ
א‬77777=
M
^77777Z‫
א‬+=Y77777‫\
א‬/77777 ‫ ƒ
א‬77777‫
א‬77777



W1 %&‫('و‬$‫א‬

7
07"O‫
و‬، 7
_/b
M
œ3œ`Z— ‫
א‬H ZS
M
(
E I8
‫
?ن‬%4»O
 =
J

(1) A. Emigh, "Online Identity Theft: Phishing Technology, Chokepoints and

Countermeasures", Radix Labs, October 3, 2005.
49

‫
א
وאאא
אد‬W
‫אد
א و‬

K /‫
א‬M
‫و=

د‬B
dL
š‫
א(
 ^אم
=א‬yib
dL
+= 6‫œ
ز‬3œ`Z— ‫א‬

m74
‫ض‬/7O‫
و‬،/7"
M
7
_/7b
M

3œ`7Z— ‫
א‬H ZS
‫
?ن‬%4»O
 =
J


K- p $‫
א‬ir (
q &/
M
VZ‫א‬

، 7Y3"
œ3œ`Z— ‫`<
א‬6
 ‫
و‬،]6B
#‫
א‬M
%8‫
و‬،- 3
+=O r
 =
J


KF6B‫
א‬0"‫א
א‬x8
. )
 /‫
א‬M
‫אš

د‬/
œ3œ`Z— ‫ود
א‬B6‫و‬

M/77b‫
א‬H 77Z@‫
א‬U774
d77L
g77
g77O
‫ل‬77b³
F776B
= 77Wa
 77=
J


Kg‫א
א‬x8
M
/cI
š‫א‬/
œ3œ`Z— ‫ود
א‬B6‫
و‬،œ3œ`Z}

U74
‫ض‬/7O‫
و‬،
7
_/7b
M
+76

7 
- 7
‫ول‬B7&
%4»O
 =
J


KL
+']
ً & k
“‫
א‬fx8
U4
‫ل‬b@‫
א‬#/r

ً  S
ًp4
m&
،
œ3œ`Z— ‫א‬

=‫و‬B7
d7L
za
m7
6
 7/‫

א‬3œ`7Z}
‫{ن‬7r
` 7Z‫
א‬-$ @‫ 

א‬S

M

77b^W
‫ ل‬77i&‫
א‬M
ً 7 `S$
?‫ دون‬77b‫
?א‬Y^77Z6
t77‫
وא‬،
6/77Z‫
א‬- 77& 3‫
א‬d77X


K\/ ?
‫
 
?و‬a
- 4
M
i,‫א‬


W ‫
א‬-‫
א“"א‬M
%&‫('و‬$‫" د
א‬#$‫
א‬- V8
= b ‫(
א‬
K%&‫('و‬$‫" د
א‬#$‫
א‬VC
š"^‫
א‬J1
KF6B‫
א‬dL‫
א‬BY¤
J2

77S?
‫^אم‬77 
‫ن‬77(O
77L‫
و‬،77]6B‫ ƒ
א‬77/‫
א‬77
77ƒ 8
77
‫ ل‬77=a
J3
.ESpamF
/‫
א‬g
ƒ /‫
א‬0 ?

š‫א‬/‫
א‬d3O‫
و‬، /‫
א‬y]
‫`ن‬6
+=‫و‬B‫ 
א‬/
œ3œ`Z— ‫د

א‬4
J4

KF6B‫
א‬dL‫
א‬M
"‫
א‬- & 3‫<
 
א‬h
‫
و‬، /‫
א‬M
‫א
د‬

- 77b^W
‫ن‬77iI6
<77h
77‫
و‬،
6/77Z‫
א‬- 77& 3‫ن
א‬L/77Z6
‫ دون‬77b‫
א‬J5
K 6 i,‫א‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪50‬‬
‫‪
777‬א‪
1
7 7‬אא‪
- 777VC
777L‬א‪ "777#$‬د
א‪'($‬و&‪
 777=

%7 7‬א‪
7776‬‬
‫א)('و&‪
M

،%‬א(
‪
،E1-3F‬א‪
t7‬ز‪
<7ZL?
7
7Y&?
Y
7œ/}
<74‬א‪ 7‬ن
?
‪
M‬‬
‫‪
،? 3 ?
_/b‬و?ن
א —‪ 
$
4
œ3œ`Z‬ز
 ˜‪
74?Wf‬א' ‪
?
”7‬وو‪7n‬א
‬
‫=א" ً
‪ `&p‬ل
‪
i]#
za‬א' ”
‪
7O‬وא‪
Jx7‬א‪?
y7,O‬ن
‪
fx78‬א‪
d7L
%78
i]7b‬‬
‫‪
? 3 ?
dL
<b
 "
F6B‬א‪
S &

%#‬א‪
/7cI‬وא)‪ 7ZS‬س
‪look and F‬‬

‫‪
Efeel‬وא‪
،EstyleF
šI‬وو‪
B=
dn‬א‪
M

_/b‬א(
‪

KE2-3F‬‬

‫

‬

‫

‬
‫ﺷﻜﻞ )‪ (1-3‬ﺭﺳﺎﻟﺔ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﺍﳌﻨﺘﺤﻠﺔ ﳌﺼﺮﻑ "ﺳﺎﻣﺒﺎ"‬
‫

‬
‫

‬

‫‪?

E1F‬و‪ @
ž
]L‬د‪
 =
h‬א‪ "#$‬د
א‪'($‬و&‪
%‬א

‪
.p
Y‬א‪
S‬א‪
EI3‬א‪Z‬د‪

،?6‬א‪
+6/

،‬א‪ 6/‬ض
‬
‫א‪Z‬د‪
،6‬א‪

14
w3Z‬ذ‪
J‬א@‪2006
/6 I6
14

J
781426
V‬م
‪

J‬אد
‪

K13718‬‬
 51

‫
א
وאאא
אد‬W
‫אد
א و‬

ً 736/L
m7n‫
و‬za
‫وא‬74
6‫ د‬7b‫
?ن
א‬7¼
_/7b
‫" ق‬I‫
א<
א‬M
I`L‫ذא
د‬a

78‫
א‬7
mr 7 ‫
א‬i7,‫
א‬7‫
א‬U74
0
} 7b6
’
%7
،
yi7b‫" ق
א‬I‫
א<
א‬

‫ ق‬7"I‫<
א‬7‫
ن
א‬I
Esamba.comF
8
3 
_/b
yib‫" ق
א‬I‫
א<
א‬Kz‫אو‬

/7 ‫و=
ذ‬B7‫
א‬d7L
‫ ق‬7"I‫
א<
א‬M
¼
Esambaonlineaccess.comF
8
=‫و‬B‫
א‬dL

%77"6‫
و‬%S6 7¯
،
/7W 3‫ ل
א‬7bO$‫„
א‬77O‫
و‬،
EonlineaccessF
/7 ‫
وذ‬،_/77b‫<
א‬7‫א‬



KdL‫
א‬4/
ً 4 3"&‫א‬

"‫( ﺍﳌﻮﻗﻊ ﺍﳌﺰﻳﻒ ﳌﺼﺮﻑ "ﺳﺎﻣﺒﺎ‬2-3) ‫ﺷﻜﻞ‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 52

=‫و‬B7‫
א‬dL‫

א‬m ‫
و¼
\
א‬،%#‫
א‬3 
dL
8
E3-3F
(‫א‬
K%#‫
א‬dL‫وא‬

"‫( ﺍﳌﻮﻗﻊ ﺍﻷﺻﻠﻲ ﳌﺼﺮﻑ "ﺳﺎﻣﺒﺎ‬3-3) ‫ﺷﻜﻞ‬




d7L‫ ً

?ن
א‬7,6?
«7Sp&‫

و‬K?
‫ ض‬76/‫_
?א‬/7b
d7L
8
=‫و‬B
dL
/ †
‫ ل‬

(7‫
א‬M
7
_/7b
%#‫
א‬dL‫<
" 
א‬#
E4-3F
(‫
א‬M

=‫و‬B‫א‬


K‫ س‬ZS)‫
وא‬/cI‫
وא‬،šI‫
وא‬،= ‫
א‬vS

E5-3F

d7L
‫ ق‬7"I‫<
א‬7‫
وא‬،Eriyadbank.comF
W
78
%#‫
א‬dL
‫" ق‬I‫א<
א‬


KEriyadonlin.net.msF
F6B‫א‬
 ‫‪53‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫‪
0 7??
W
7br
M
L II‬א‪ "7#$‬د
א)('و&‪
0 7?
7b]
(7
?
%7‬‬

‫א‪ 77S$‬ل
‪BO
M‬و‪
/776‬אא‪
d77L‬؛
و‪
.B77

M
L II77‬א)
‪/77‬א‪.‬א‪
-‬א‪ 77,‬د‪
+‬א‪
- 77Œ S$‬‬
‫وא‪
ƒ$‬א^]
‪
_  $‬אא‪
dL‬א‪B‬و=‪

K+‬‬

‫

‬
‫ﺷﻜﻞ )‪ (4-3‬ﺍﳌﻮﻗﻊ ﺍﳌﺰﻳﻒ ﳌﺼﺮﻑ "ﺍﻟﺮﻳﺎﺽ"‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪54‬‬

‫ﺷﻜﻞ )‪ (5-3‬ﺍﳌﻮﻗﻊ ﺍﻷﺻﻠﻲ ﳌﺼﺮﻑ "ﺍﻟﺮﻳﺎﺽ"‬

‫

‬
‫و‪
/Yc6‬א(
‪
/7 †
ً$ 
E6-3F‬א‪
d7L‬א‪ "7#$‬د
א‪'($‬و&‪
،
%7‬و‪x78‬א
א‪ 7‬ل
‬
‫‪

K?H ?
_/b‬א‪
dL‬א‪B‬و=
א<
א‪ 7"I‬ق
‪
Esabb.net.msF‬א‪
<7
$
m 7‬א‪ 7"I‬ق
‬
‫‪
dL‬א‪
M

،Esabb.comF
%#‬א‪
KE7-3F
(7‬و&‪?

ً 7,6?
\/7‬ن
א‪
d7L‬א‪B7‬و=
‬
‫‪
 "
<#‬א‪
dL‬א‪
vS

%#‬א‪
،šI‬وא =‪
،‬وא‪
/cI‬وא)‪ ZS‬س‪

K‬‬
 ‫‪55‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫

‬
‫ﺷﻜﻞ ‪ 6-3‬ﺍﳌﻮﻗﻊ ﺍﳌﺰﻳﻒ ﳌﺼﺮﻑ "ﺳﺎﺏ"

‬

‫

‬
‫ﺷﻜﻞ)‪ (7-3‬ﺍﳌﻮﻗﻊ ﺍﻷﺻﻠﻲ ﳌﺼﺮﻑ "ﺳﺎﺏ"‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 56

(3‫
א‬U4
8#=‫
و‬Echat roomsF
h‫ د‬o‫_
א‬/
3L‫א‬/
w½ 1 ‫
د=א‬M

‫" د‬77#$‫
א‬- 77V8
‫
?ن‬-/77Y•?
،EphishersF
‫ دون‬77b‫
א‬77Yr
77Ÿ
‫ ن‬77
t77‫
א‬77 ‫א‬

- 7VC‫
א‬fx78
.‫
ن
و=א‬a
7
،
7S‫^”
وא‬7W

73’L
œ
7
x]² IO}
$
‫ م‬4
(
%&‫('و‬$‫א‬

EphishersF
6‫ د‬77b‫
א‬77
77
+4 77Z
77
‫ ل‬77k
M
”77b^
77
/77
‫^ ص‬77W?

77O
B776BO
M
EhackersF
/¹ 7 ^‫
وא‬،EspammersF
77/‫
א‬g77
ƒ 77/‫
א‬%77
œ /}‫و‬

‫ ل‬77‫
א‬77
- 774k
+774
E 77I8
w
77&
m77&?
77‫
א=א‬fx778
-77
‫
و‬K- 77VC‫א‬

7
،EcashersF

7bo‫
وא‬EcollectorsF

7‚‫
وא‬EmailersF

7œ/—
bb^‫א‬


W% ‫
א‬M
_/± 
8

EspammersF
7/‫
א‬g7
ƒ 7/‫œ
א‬/}
a
<8‫
و‬WEMailersF
‫œن‬/— ‫
א‬J

g7
ƒ /‫ ƒ

א‬8
‫د‬4
‫= ل‬a
U4
+=`‫<
א‬Y6
6x‫
א‬،EhackersF
‫ن‬/¹ ^— ‫?و
א‬
KEfraudulent emailsF
‫ ل‬S$‫_
א‬Y
/‫א‬

d77L‫وא
אא‬B77Y

6x77‫
א‬EhackersF
‫
ن‬77/¹ ^‫<
א‬778WECollectorsF
‫ن‬77‚‫
א‬J

7776ž
<7776
t777‫
وא‬،‫ ل‬777S$‫ض
א‬/777
Efraudulent websitesF
777]6B‫
א‬77&‫א)('و‬

d7L‫
אא‬fx78
<YI7
07"O

7
7/‫
א‬g
66‫ ƒ
א‬/‫
א‬3’Lœ

Ya
6 i,‫א‬

K& ƒ$‫
א‬L "3‫<
א‬L=
‫
?و‬،=‫و‬/‫<
א‬L=‫
و‬،‫^م‬Z‫
{<
א‬6/
- & 
6‫و‬BO

،EmailersF

7œ/— ‫
א‬I4
‫=ون‬/(
.p4
<8
¹ ‚‫
א=א
?ن
א‬wcS$‫و‬


K/‫
א‬g
ƒ /‫ ً
)= ل
א‬6‫ ً
 د‬3
‫ن‬r6
<8‫و‬

L‫و‬/7Z‫
א‬6/7Z‫
א‬-
7& 3‫
א‬x Š
‫`ن‬6
6x‫<
א‬8‫
و‬WECashersF
‫ن‬b
¹ o‫
א‬J

(1) Christopher Abad, “The economy of phishing: A survey of the operations of the
phishing market”, First Monday, volume 10, number 9, September 2005,
(http://firstmonday.org/issues/issue10_9/abad/index.html). M. Jakobsson, S. Myers,
“Phishing and Countermeasures: Understanding the Increasing Problem of Electronic
Identity Theft”, Wiley, 2007.
57

‫
א
وאאא
אد‬W
‫אد
א و‬

- 7L "
. 7&{
‫ق‬/7Œ
+7
‫ل‬p7$‫
א‬x]I6
‫
و‬K Cp‫<
א‬h’
‫
و‬،¹ ‚‫
א‬3L


J`I‫
א‬0iZ
‫^م‬ZO
]6B
r/b
-  ZS
- L "
‫
?و‬،]6B
‫
אƒ ن‬-  ZS

.‫א‬/7‫
?و
א‬،EAutomated Teller Machine – ATMF
%7‡‫א_
א‬/
± 7b‫
א‬+B7Y
?

/W 3‫א‬



K Y"‫
א‬d3‫وא‬

. 77`
77‚‫
א‬za
/77W 3‫
א‬J‫ د‬77‫
א‬dr77

77a
‫ن‬77r‫و‬/
‫ن‬77¹bi— ‫
א‬.$778‫و‬


Kbo‫
א‬6`I‫
א‬- L‫و‬/Z‫

א‬3Z&
<Yƒ "4{
‫
?و‬،L‫و‬/Z‫
א‬6/Z‫
א‬- & 3‫א‬

- 7& 3‫
א‬+‫د‬7

U74

7O

37ZI‫
א‬76/Œ
74
‫
?و‬+/W 3
.‫
א‬4r‫
א‬6‫
א د‬¥ 3‫א‬

- 7VC‫
א‬U4
bo‫
א‬+=L
U4
ً ,6?
O‫
و‬،
¹ V— ‫
א‬3’Lœ

Y ‫
و‬+‫ود‬B‫א‬

^77Z‫
א‬-  77ZS
- 77& 3
77`‫
א‬- 77cI‫
א‬F77Ž
U774
+x77]I‫
א‬-$ 77S$‫وא‬


K‚‫א‬


%7&‫('و‬$‫" د
א‬7#$‫
א‬- 77V8
‫
?ن‬wi7n‫
?و‬t7‫
א‬77‫
א=א‬w7b
7I8
za

7Y&?
$a
،
  7‫
א‬M
7‫א‬/
)‫
א‬-  b‫<
א‬cI
` "
cI
-  b4
8.‫
و=א‬F`O

7 ‫(
א‬37‫
א‬  74
J?
،%7&‫
א)('و‬  7‫
א‬M
<76
8x]IO
‫
?ن‬M
š`r
YI4
Fl


KEInternet worldF


ً‫א‬6

ًp 4

‫`م‬O
Y&?
%&‫('و‬$‫" د
א‬#$‫
= ƒ
א‬M
%ƒ I$‫
א‬.%‫א‬

- 77Œ S$‫
א‬M

ً 773 
m778 ¤
‹

77
778‫
و‬،
77&‫
א)('و‬77I‫
א‬- 77VC‫
א‬77‫א‬4

7776 @‫=אن
א‬777Vr
K
J/7773‫
א‬777 ‫
א‬7778‫
و‬$?
،
- 777cI‫
א‬M
777I‫
א‬- 4 r777‫وא‬

،ESecure Socket Layer – SSL CertificatesF
77I‫
א‬-‫ دא‬Y77‫
وא‬،EFirewallsF

78g‫
و‬،(Intrusion Prevention Systems – IPS rules)
‫'אق‬7 $‫
א‬d7I
7c&?
&‫א‬7L‫و‬

%7&‡‫ق
א‬7h‫ل
א‬p7‫
א‬F7LO
‫
?ن‬7($
7](‫
א‬c8 3‫
א‬I‫
א‬6 @‫
و ƒ
א‬

7I4
8=/7n
F7L6$
t‫
وא‬،cI‫(
א 

א
وא‬3‫
א‬4
Eonline trustF


‫
א
وאאא
אد‬W
‫אد
א و‬ 58

M
g37
=/7n
µ‫א‬7Sa
za
8‫א‬6

،š`r
»6/Z‫
وא‬b^‫
א
א‬- & 
H/ZO

%7‡‫د
א‬/7‫ م
א‬7c&
‫
?و‬7 ‫(
א‬37‫
א‬74
.‫
א‬،]^‫ ل
א‬bO$‫`
א
 ƒ
א‬h
K- cI‫ ل

א
وא‬bO$‫<

و ƒ
א‬8g
‫
?و‬،FO C‫
א‬4
The Anti-Phishing F
%7&‫" د
א)('و‬7#$‫ ƒ
א‬7/
J7b‫
א‬74
74k

- 4 I7b‫
א‬F7Ž
\7Z
U74
7 4
§
%8

K1 EWorking Group – APWG

ƒ 7=
74
7¤ I‫
א‬b^‫ ل
א‬i&‫
א“אع
وא‬- 
Jb
&‫&] ذ
א`א‬a
Yr8


K%&‫" د
א)('و‬#$‫א‬

J7b‫
א‬74
4k
mO4?
Jx‫
א‬2007
‫ م‬4

r&
/YW
2 /6/`O
M


W/Y‫
ذ
א‬M
w3`‫
א‬4‚‫
?ن
א‬/Y•?
EAPWGF
%&‫" د
א)('و‬#$‫ ƒ
א‬/
K‫" د‬#‫
= ƒ
א‬4
ً p
28074 •

- 7cI
7&‫('و‬a
d7L‫
א‬4
]6B
&‫('و‬a
dL‫
א‬4
ً p
23630 •
K``S

ƒ 7=
-p7
76
/Œ
74
Ebrand hijackF
Y]6BO
‹
6= ¤
p4
178 •

w7L‫

و‬U7S
،7S‫
وא‬/Y7W
M
V7Z
<7L=
U74?
<L/7‫א
א‬x78‫
و‬K
%7&‫('و‬$‫" د
א‬#$‫א‬
K/Y‫
א‬x
/6/`‫א=
א‬#a

U74
-7S‫
א‬7YI4
¥73‫

א‬%7&‫('و‬$‫" د
א‬7#$‫ع
= ƒ
א‬k

٪34.3 •

‫ ل‬777

KEdomain namesF
- 777L "&
.
7 7˜?
777P8
U7774
777&‫('و‬a
d777L‫š
א‬777‫=وא‬

KExyzbank.comF

(1) The Anti-Phishing Working Group, www.apwg.com.

(2) Phishing Activity Trends, Report for the Month of November, 2007, Anti-Phishing
Working Group (APWG), apwg.org
59

‫
א
وאאא
אد‬W
‫אد
א و‬

U774
-77S‫
א‬77YI4
¥773‫
א‬%77&‫('و‬$‫" د
א‬77#$‫ ƒ
א‬77=
‫ع‬77k
77
٪6 •

KE10.212.21.33F
‫

 ل‬K6/4
6‫ و‬I4
P8
U4
&‫('و‬a
dL‫=وאš
א‬
KmLpa
3L
F6B‫
א‬dL‫
א‬. `
‫
ل‬8
‫ م‬6?
hph •
KF6B
dL
. `
+
‫
?Œل‬%8
ً 6
30•

- 774
M
š77‫ق
אو‬/77‫
א‬M
rY77Z‫
א‬77 ‫
א‬- 77cI‫د
א‬774
‫ د‬776‫• אزد‬
K6= V‫
א‬p‫
א‬F6BO

% 77§a
77٪93.8
m377Z&
77™

ً r‫א‬Y77‫
א‬/77 ‫
א‬77 ‫
א‬- 77cI‫
א‬77cO •
KrYZ‫\
א‬/ ‫
א‬- 4 Ib‫א‬

‫אدم‬7“‫د
א‬74
M
7(6/‫
א‬+7i‫
א‬- 76$‫
א‬b‫
א‬w"l
/Y‫
ذ
א‬M •
٪24.21
m3Z&
™
&‫" د
א)('و‬#$‫
א‬dL‫]
א‬,Z‫א‬


%77&‫('و‬$‫" د
א‬77#$‫
א‬- 77p
‫د‬774
E8-3F
%i77n‫(
א‬77‫
א‬3776 •

‫ م‬77‫
א‬77
m77Z]&
/Y77‫
א‬za
2006
r77&
/Y77W
77
+'77]‫ل
א‬p77
6/Y77W
77Z‫א‬
K2007

%777&‫('و‬$‫" د
א‬777#$‫
א‬d777L‫د
א‬7774

E9-3F
%i777n‫(
א‬777‫
א‬37776 •

‫ م‬7‫
א‬7
m7Z]&
/Y7‫
א‬za
2006
r7&
7
+'7]‫ل
א‬p7
ً 6/YW
](‫
א‬+6X‫א‬
K2007

v77S
77
- 77cI‫אع
א‬77&?
77
‫ع‬77&
77(
377ZI‫
א‬E1-3F
‫ول‬77X‫
א‬3776 •
K C
%&‫('و‬$‫" د
א‬#$‫
א‬- 4
_‫א‬Y‫א‬


K&‫" د
א)('و‬#$‫
א‬dL‫
א‬r ,‫
א‬3Z&
M
z‫
אو‬/‫
אول
א‬E2-3F
‫ول‬X‫
א‬36 •
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪60‬‬

‫

‬
‫ﺷﻜﻞ )‪ (8-3‬ﻋﺪﺩ ﺑﻼﻏﺎﺕ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﺍﳌﺴﺘﻠﻤﺔ ﺷﻬﺮﻳﺎﹰ ﺧﻼﻝ ﺍﻟﻔﺘﺮﺓ ﻣﻦ ﺷﻬﺮ‬
‫ﻧﻮﻓﻤﱪ ‪ 2006‬ﺇﱃ ﺍﻟﺸﻬﺮ ﻧﻔﺴﻪ ﻣﻦ ﺍﻟﻌﺎﻡ ‪2007‬‬

‫

‬
‫ﺷﻜﻞ )‪ (9-3‬ﻋﺪﺩ ﻣﻮﺍﻗﻊ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﺍﳉﺪﻳﺪﺓ ﺍﳌﻜﺘﺸﻔﺔ ﺷﻬﺮﻳﺎﹰ ﺧﻼﻝ ﺍﻟﻔﺘﺮﺓ ﻣﻦ‬
‫ﻧﻮﻓﻤﱪ ‪ 2006‬ﺇﱃ ﺍﻟﺸﻬﺮ ﻧﻔﺴﻪ ﻣﻦ ﺍﻟﻌﺎﻡ ‪2007‬‬
 ‫‪61‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫ﺟﺪﻭﻝ )‪ (1-3‬ﻗﺎﺋﻤﺔ ﺍﻟﻨﺴﺐ ﻟﻜﻞ ﻧﻮﻉ ﻣﻦ ﺃﻧﻮﺍﻉ ﺍﳌﻨﻈﻤﺎﺕ ﻣﻦ ﺣﻴﺚ ﺍﺳﺘﻬﺪﺍﻑ ﻋﻤﻠﻴﺎﺕ‬
‫ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﳍﺎ‬
‫ﺍﻟﻨﺴﺒﺔ )‪

(٪‬‬ ‫ﻧﻮﻉ ﺍﳌﻨﻈﻤﺔ‬
‫‪

93.8‬‬ ‫א“ ‪
-‬א 

‪

EFinancial ServicesF‬‬

‫‪

2.8‬‬ ‫א‪

ERetailF
ƒBV 
d3‬‬

‫‪

2.2‬‬ ‫‪B‬ودو

א‪
(3‬א 
‪

EISPF‬‬
‫‪

1.2‬‬ ‫א@(
و`
א‪
- 4 Ib‬א ‪

EGovernment & MiscellaneousF
\/‬‬

‫ﺟﺪﻭﻝ )‪ (2-3‬ﻗﺎﺋﻤﺔ ﺍﻟﺪﻭﻝ ﺍﻟﻌﺸﺮ ﺍﻷﻭﱃ ﰲ ﻧﺴﺒﺔ ﺍﺳﺘﻀﺎﻓﺔ ﻣﻮﺍﻗﻊ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻹﻟﻜﺘﺮﻭﻧﻴﺔ‬
‫ﺍﻟﻨﺴﺒﺔ )‪

(٪‬‬ ‫ﺍﻟﺪﻭﻟﺔ

‬ ‫ﺍﻟﺘﺮﺗﻴﺐ‬
‫‪

24.21‬‬ ‫א‪

b‬‬ ‫‪

1‬‬
‫‪

23.85‬‬ ‫א‪
- 6$‬א‪
+i‬א‪

(6/‬‬ ‫‪

2‬‬
‫‪

9.39‬‬ ‫א‪

IC‬‬ ‫‪

3‬‬
‫‪

8.06‬‬ ‫=و

‬ ‫‪

4‬‬
‫‪

4.64‬‬ ‫‪

I6 O‬‬ ‫‪

5‬‬
‫‪

3.53‬‬ ‫=و &

‬ ‫‪

6‬‬
‫‪

3.41‬‬ ‫? &

‬ ‫‪

7‬‬
‫‪

2.42‬‬ ‫ =‪
6‬א‪

IX‬‬ ‫‪

8‬‬
‫‪

1.47‬‬ ‫א(
א‪

+i‬‬ ‫‪

9‬‬
‫‪

1.47‬‬ ‫‪

Z&/r‬‬ ‫‪

10‬‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 62

77(6/‫
א‬+77i‫
א‬- 776$‫
א‬M
/ƒ 77Z“‫
?ن
א‬/77Y•?
EGartnerF
77
1 77
M

3.2
za
2007
‫ م‬74
M
b
w]O=‫
א‬L
%&‫('و‬$‫" د
א‬#$‫
א‬- V8

¤ I‫א‬


%7&‫('و‬$‫" د
א‬7#$‫
א‬- 7V8
M
ً 4 ]O=‫ ً
א‬,6?
/6/`‫
א‬/Y•?‫
و‬K%(6/?
=$‫
دو‬6p

- 77L "3‫
א‬-  77Z³
77&= `
،r/77b‫
א‬-  77Z@‫
وא‬776= X‫
א‬- 77L "3‫
א‬-  77ZS
U774

_= 7b‫
א‬7I4
‫ ل‬7S$‫
א‬- 4
_  ‫
א‬c&?
Fn
za
03Z‫
א‬d
/6‫א)ƒ &
و‬


K& ƒ$‫
א‬- L "3‫
א‬- /W
za
3ZI 
YI4

‫ م‬74
7
N"7Z?
/Y7W
M

J/7
?

‫ع‬p"7‫
א‬U74
ً‫
א‬. 7I
m7&?

ً 7,6?
7“‫
א‬/ ‫وذ‬

- 7V8
‫

?ن‬37O
7(6/‫
א‬+7i‫
א‬- 76$‫
א‬M
”^7W
4500

/ 
2007

 777 
777&= `
،
2007
‫ م‬777‫
א‬M
777 ?
ً 7 7S ¼
w777``S
%777&‫('و‬$‫" د
א‬777#$‫א‬

774
‫" د‬7#‫ ƒ
א‬7=
‫א‬3`7‫
א‬6x7‫^ ص
א‬77W‫
א‬7
K٪3,3
37Z&
w7 L
،
` 7Z‫א‬

‫" د‬77#$‫ ƒ
א‬77=
0377Z
77 
/ƒ 77Z“
‫א‬77n/O

<77Y&a
%77&‫
א)('و‬776‫
א‬776/Œ

J?
،
m`377
Jx77‫ م
א‬77‫

א‬M
m77Z]&
.%77
‫א‬77n/O
٪2.3
777
77&= `
،
%77&‫('و‬$‫א‬

Y 77
- 4p"77‫
א‬U774
ً‫א‬. 77I
2005
‫ م‬77‫
א‬77
2.9
777
77,6?
77&= `‫
و‬،2006
.EGartnerF
3L

w6/
?

،77 ‫
א‬- 77“‫ ع
א‬77"L
77
FI77bO
t77‫
وא‬،
2?PayPal?
‫ ً

?ن‬7,6?
77“‫
א‬/7 ‫وذ‬

ً 7n/O
/7 ‫
א‬7&(
O/7‫
א‬7ƒBV 
d73‫" ع
א‬L

FIbO
t‫
وא‬،
3 ?eBay?‫و‬
KEbrand spoofingF
6= V‫
א‬p‫ ل
א‬i&‫
א‬- 

U4
œ — ‫ع
א‬I‫
א‬8
‫
אول‬،%&‫('و‬$‫" د
א‬#$‫
א‬- V8

‫ ن‬4&
E I8

(1) Media Relations, 2008 Press Releases, Gartner, “Gartner Survey Shows Phishing
Attacks Escalated in 2007; More than $3 Billion Lost to These Attacks”, 05-March-
2008, (http://www.gartner.com/it/page.jsp?id=565125).


K&‫
א 
א)('و‬-p6i‫
وא‬- 4r‫
א‬M
bb^
 /W
E2F
K ‫(
א‬3‫
א‬6/Œ
4
ƒBV 
d3‫
א‬M
bb^
 /W


E3F
 63

‫
א
وאאא
אد‬W
‫אد
א و‬

7
J
‫ دون‬7b‫
א‬7Z6
‫ع‬7I‫א
א‬x8
M

KESocial EngineeringF
4 

$‫
א‬IC‫א‬

‫ ل‬7i&‫
א‬76/
‫^אم‬7 

%7&‫('و‬$‫" د
א‬7#$‫
א‬- 74
M
J/73‫
א‬-0& X‫&


א‬/ ‫ذ‬

 7"
7b‫
א‬+=‫و‬B7‫
א‬d7L‫
אא‬za

3œ`7Z— ‫

א‬m7

Espoofed emailF
b^
7777777‫א‬

- 77& 3‫
א‬. 77r)
œ3œ`77Z
— ‫אع
א‬77“
 77/‫
א‬d77
77r/
‫ذج‬77´
77P3O
‫
?و‬،77#?
d77L‫א‬

K6/Z‫
وא‬b^‫א‬

U774
77‫ع
א‬77I‫
א‬778

%7 &‫('و‬$‫" د
א‬77#$‫
א‬- 77V8
77
/77 ‡‫ع
א‬77I‫א‬

q‫א‬/7
‫=ع‬B7
‫ع‬7I‫א
א‬x8
M
‫ دون‬b‫`م
א‬6‫
و‬،Etechnical subterfugeF
I]‫
א‬0 ‫א‬

77b^‫
א‬- 77& 3‫
א‬L/77

7 Cp
77
<77O
6 i77,‫
א‬+B77Y
?
M
ESpywareF
N77Z¤

‫ ل‬77i&‫
א‬- 774
M
ً 7 `S$
Y&^77Z6
v77S
6‫ د‬77b‫
א‬za
C 77=a‫
و‬،6/77Z‫وא‬


K1 b^‫א‬

Anti-Phishing Working Group, apwg.org. E1F

 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪64‬‬
‫‪65‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫ا"! اا‪1‬‬
‫أ ‪ 2‬ا‪ ./0‬د ا('&و ‬
‫)‪(Phishing Techniques‬‬
‫

‬
‫
ﺗﺴﻤﻴﻢ ﺧﺎﺩﻡ ﺃﲰﺎﺀ ﺍﻟﻨﻄﺎﻗﺎﺕ )‪(DNS Poisoning‬‬ ‫•‬

‫ﺗﺴﻤﻴﻢ ﻣﻠﻒ ﺍﳋﻮﺍﺩﻡ ﺍﳌﻀﻴﻔﺔ )‪(Hosts File Poisoning‬‬ ‫•‬

‫ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﺑﻮﺍﺳﻄﺔ ﺣﻘﻦ ﺍﶈﺘﻮﻯ )‪(Content Injection‬‬ ‫•‬

‫ﻫﺠﻤﺔ ﺍﻟﺮﺟﻞ ﰲ ﺍﻟﻮﺳﻂ )‪(Man-in-the-Middle Attack – MITM‬‬ ‫•‬

‫ﺗﺸﻮﻳﺶ ﺍﻟﻌﻨﻮﺍﻥ )‪(Address Obfuscation‬‬ ‫•‬

‫ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻋﻦ ﻃﺮﻳﻖ ﺍﻟﱪﺍﻣﺞ ﺍﳋﺒﻴﺜﺔ )‪(Malware Attack‬‬ ‫•‬

‫‪Search Engine‬‬ ‫ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻋﻦ ﻃﺮﻳﻖ ﳏﺮﻛﺎﺕ ﺍﻟﺒﺤﺚ )‬ ‫•‬

‫‪(Phishing‬‬
‫‪The Popup‬‬ ‫ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻋﻦ ﻃﺮﻳـﻖ ﺍﻟﻨﻮﺍﻓـﺬ ﺍﳌﻨﺒﺜﻘـﺔ )‬ ‫•‬

‫‪(Attack‬‬
‫ﺷﺮﻳﻂ ﺍﻟﻌﻨﻮﺍﻥ ﺍﳌﺰﻳﻒ )‪(Fake Address Bar‬‬ ‫•‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪66‬‬
‫

‬
 67

‫
א
وאאא
אد‬W
‫אد
א و‬

K%&‫" د
א)('و‬#$‫
א‬M
^Z‫
א‬0 ‫
א‬b]‫א
א‬x8
L I6

(DNS poisoning) ‫ ﺗﺴﻤﻴﻢ ﺧﺎﺩﻡ ﺃﲰﺎﺀ ﺍﻟﻨﻄﺎﻗﺎﺕ‬:‫ ﺍﻷﺳﻠﻮﺏ ﺍﻷﻭﻝ‬1.4

‫م‬7`6
‫
?ن‬H7‫א
א‬x78
7`6/Œ
K
73“‫
א‬74=B‫
א‬J?
EPharmingF
ً ,6?
UZ6‫و‬
Domain Name Server – F
- 7L "I‫
א‬. 7˜?
‫ دم‬7
U74
‫م‬VC 7
EhackerF
H/7^‫א‬



K-pVZ 
04p‫
وא‬،
EDNS

- 77&(‫
א‬77S?
778
EDNSF

- 77L "I‫
א‬. 77˜?
‫ م‬77c&
‫{ن‬77r
ً ` 77
77&/ ‫
ذ‬77

(7
7O
- 7L "I‫
א‬. 7˜
‫אدم‬7
+74
7
‫(ن‬6‫
و‬، ‫(
א‬3
 ‫א‬

،6/7‫
א‬7YI6‫ و‬I4‫
و‬- L "I‫
א‬. ˜?

š/‫
א‬8
‫ م‬cI‫א
א‬x8
- 
<8?
K (

‫ ن‬77() 
J?
،m77
077Œ ^‫אد
א‬/77‫ دم
א‬77^
J/77‫אن
א‬77I‫
א‬77r/
77
77$
m77&
-4F
(7‫
א‬M
7
،
‫ ل‬7‫
א‬3
Ur
K ‫(
א‬3
3ZI 
FO C‫
د
א‬f= 34‫א‬

7C
V7Z‫
א‬J/7‫אن
א‬7I‫
א‬Ewww.ksu.edu.saF
‫د‬7
‫

א<
&" ق


א‬E1


777S ‫
و‬+‫د‬777


‫ن‬777(O
fx7778
š/777‫
א‬- 777& ‫
و‬،E213.230.10.197F
7778


K- L "I‫
א‬. ˜?
‫
אدم‬S?
M
‫م‬pp

za
+= 7W)‫
א‬za
J‫د‬76
7¯
6/7‫
א‬6‫ و‬I‫
א‬g
-pVZ 
04p‫(ن
א‬6


ً 7Z
‫م‬p7$‫ دم
א‬7
‫ ن‬7
‫{ذא‬7r
،‫د‬7
7‫
 ل


א‬M
(r
K]6B
dL‫א‬

‫
?ن‬7
ً$3r
،‫ 
א
د‬X
J/‫אن
א‬I‫
Ÿ
א‬Jx‫
א‬VZ 
04p‫و‹
א‬

7‫
א‬7

‫ ق‬7"&
<7$
yi7b‫
א‬J/7‫אن
א‬7I‫
א‬- 7L "I‫
א‬. 7˜?
‫ دم‬7
d

’ /6}


K=‫و‬B
dL
za
g6
ً ]Ž
ً 6/4
ً &‫א‬I4
d
g
m&{r
،‫د‬

- L "I‫
א‬. ˜?
U4
3"I6
m&{r
،‫
 ل


א
د‬M

‫א
א@ ل‬x ‫و‬

07"O
t7‫
א‬d7L‫
אא‬7
78g‫ =_
و‬7b
- L "I‫
א‬. ˜?
YIn
‫
و‬،\/ ‫א‬


K6/‫ 
و‬ZS
b^W
- & 
6‫و‬BO


‫
א
وאאא
אد‬W
‫אد
א و‬ 68

‫( ﺍﺳﺘﻌﻼﻡ ﺧﺎﺩﻡ ﺃﲰﺎﺀ ﺍﻟﻨﻄﺎﻗﺎﺕ‬1-4) ‫ﺷﻜﻞ‬




77778
?‫_
?س‬/7777b
‫ ق‬7777"I‫<
א‬7777‫

?ن
א‬E2-4F
(7777‫
א‬M
7777
‫ض‬/7777]I

‫" ق‬I‫_
?س?
א` 
)<
א‬/b
yib‫
א‬J/‫אن
א‬I‫
و?ن
א‬،Exyzbank.comF

x7
‫ ق‬7"I‫<
א‬7‫^”

א‬W
 
Ir
،E88.33.22.11F
8
Exyzbank.comF

–
”^77‫ ز
א‬77Y

‫`م‬77
EInternet BrowserF
77 ‫(
א‬377‫
א‬y]77b
M
_/77b‫א‬

?‫_
?س‬/
7b
J/77‫אن
א‬77I‫
א‬774
‫م‬p77) 
y]77b‫
א‬q 77&
ًp77¯
–77‫א‬

‫ دم‬7“‫
א‬7‫ ن
ذ‬7 ‫ د_
و‬7#
‫{ذא‬7r

K- L "I‫
א‬. ˜?
‫
دم‬za
‫م‬p$‫
א‬0Œ
‫{= ل‬

(7777‫
و‬،=‫و‬B7777
J/77774
‫אن‬7777I
‫د‬g7777
m7777&{r
E3-4F
(7777‫
א‬M
7777
ً 7777Z

_/7b
%7#‫
א‬d7L‫
א‬7
­7ZIZ
F76B
d7L
za
g76
Jx‫
א‬E92.45.67.89F

m73
Jx7‫
א‬78
_/7b‫ ق
א‬7"&
<‫
ن

?ن
א‬،ً‫
?א‬i,‫
א‬m
/6

Jx‫
א‬،
?‫?س‬

7
‫אن‬7I‫
א‬M
074p‫
א‬7
` 7Z‫
א‬7‫
א‬M
7I6?=
7
N‫
و‬،mI
 Š‫
و‬mZ]I


Kyib‫אن
א‬I 

g3
S
za
ً Y 
m

vS
 ‫‪69‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫

‬
‫ﺷﻜﻞ )‪ (2-4‬ﺍﺳﺘﻌﻼﻡ ﺧﺎﺩﻡ ﺃﲰﺎﺀ ﺍﻟﻨﻄﺎﻗﺎﺕ‬

‫

‬

‫

‬
‫ﺷﻜﻞ )‪ (3-4‬ﺍﺳﺘﻌﻼﻡ ﺧﺎﺩﻡ ﺃﲰﺎﺀ ﺍﻟﻨﻄﺎﻗﺎﺕ ﰲ ﺣﺎﻟﺔ ﺍﻟﺘﺴﻤﻴﻢ‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 70
(Hosts File Poisoning) ‫ ﺗﺴﻤﻴﻢ ﻣﻠﻒ ﺍﳋﻮﺍﺩﻡ ﺍﳌﻀﻴﻔﺔ‬:‫ ﺍﻷﺳﻠﻮﺏ ﺍﻟﺜﺎﱐ‬2.4


H7?
-
7
7S
za-
%&‫('و‬$‫" د
א‬#$‫
א‬0 ?

H‫א
א‬x8
m36

<7Z
EhackersF
‫ن‬7/^‫م
א‬7`6
H7‫א
א‬x78
M
K
- 7L "I‫
א‬. 7˜?
‫<
دم‬ZO


Ki,‫ ز
א‬Y

M
‫
א
د‬Ehosts fileF
],‫
א“אدم
א‬F

m]7b
6/7‫
א‬7YI6‫ و‬I4‫
و‬- 7L "I‫
א‬. 7˜?
7

]7,‫אدم
א‬7“‫
א‬F7
š/6

ElocallyF

ً 7‰
m7
<(i‫]
(
א‬,‫
א“אدم
א‬F
‫
?ن‬$a
‫؛‬- L "I‫
א‬. ˜?
‫ دم‬


K‫^م‬Z‫ ز
א‬Y

3L


‫אن‬77I‫
א‬774
v77i3 
ً$‫م
?و‬77`6
77‫ ز
א‬77Y

‫{ن‬77r
، 77
d77L
077Œ
77I4

7
J/7‫אن
א‬7I‫
א‬74
‫
م‬p7$‫
א‬73L
‫אدم‬7“‫
א‬- 7]
M
‫ دم‬7“‫<
א‬7$
J/‫א‬


K- L "I‫
א‬. ˜?
‫ دم‬

‫ م‬7c&
M

]7,‫אدم

א‬7“‫
א‬F7
M
%ƒ‫א‬7$‫
א‬V7Z‫

א‬E4-4F
(7‫ض
א‬/6


.EMicrosoft WindowsF
‫وز‬I6‫
و‬wr‫و‬/(6 
‫א‬

7
š/7‫
א‬-pV7
‫{
ن‬7r
- 7L "I‫
א‬. 7˜?
‫<
دم‬ZO
H?
M
&/ ‫ 
ذ‬

za
6 i7,‫
א‬m7

/¹ ^‫
א‬3’Lœ

8gO
<6
6/‫
א‬YI6‫ و‬I4‫
و‬- L "I‫
א‬. ˜?

‫م‬7`6
vS
],‫
א“אدم
א‬F
<ZO
H?
M
ً ,6?
mZ]&
‫]؛
وא@ ل‬6B
dL‫א‬

77‫
وذ‬،i77,‫ ز
א‬77Y

M
]77,‫אدم

א‬77“‫
א‬F77
<77Z
m77Z]&
.%77 
‫ن‬77/^‫א‬


KF6B
dL
J/4
‫אن‬I

‫š
א<
&" ق‬/
6

V
dn

i7,‫
א‬m7
O
<
H/¹ ^‫
א‬3’Lœ

_ ,‫
א‬VZ‫

א‬E5-4F
(‫ض
א‬/6

m7&‫א‬I4
‫
?ن‬I7n'r‫
א‬Jx7‫
وא‬%7#‫
א‬d7L‫
א‬7

ً$7
E92.45.67.89F
F6B‫
א‬dL‫
א‬za


KE88.33.22.11F



 71

‫
א
وאאא
אد‬W
‫אد
א و‬

localhost 127.0.0.1

‫( ﻣﻠﻒ ﺍﳋﻮﺍﺩﻡ ﺍﳌﻀﻴﻔﺔ‬4-4) ‫ﺷﻜﻞ‬

xyzbank.com 92.45.67.89

‫( ﻣﻠﻒ ﺍﳋﻮﺍﺩﻡ ﺍﳌﻀﻴﻔﺔ ﺑﻌﺪ ﺍﻟﻌﺒﺚ ﺑﻪ‬5-4) ‫ﺷﻜﻞ‬

Content ) ‫ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﺑﻮﺍﺳﻄﺔ ﺣﻘﻦ ﺍﶈﺘﻮﻯ‬:‫ ﺍﻷﺳﻠﻮﺏ ﺍﻟﺜﺎﻟﺚ‬3.4

(Injection

Emalicious contentF
v73
\7‰
r 7n{
‫ دون‬7b‫م
א‬7`6
H‫א
א‬x8
M




v773“‫\
א‬77o‫א
א‬x778
‫م‬77`6
‫
?ن‬77(

KElegitimate siteF
yi77#
d77L
M77I`S
‫?و‬

W%  


K\/ ?
dL‫
א‬za
yib‫
א‬dL‫
א‬/ƒ‫
زא‬m
O
+‫ د‬4a
J


KdL‫
א‬/ƒ‫ ز
زא‬Y

M
EmalwareF
3
q‫א‬/
0 /O
J


K%&‫('و‬$‫" د
א‬#$‫
دم
א‬za
dL‫
א‬M
 ‫
א‬- & 3‫
א‬m
O
+‫ د‬4a
J


W\o‫`
א‬S
"‫" د
א‬#p
 ?
‫
?&אع‬hph
E I8

EhackersF
‫ن‬7/
¹ ^‫م
א‬7`r
،7 ‫(
א‬37‫ دم
א‬7
M
I?
+/h
‫ل‬p‫

א‬J


KEmalicious contentF
v3
\i™
Elegitimate contentF
%#‫\
א‬o‫אل
א‬3 

EhackersF
/
¹ 7^
y7ZO

7 ‫(
א‬37‫
دم
א‬M
I?
+/h
‫ل‬p‫

א‬J
Cross-Site Script – F
77
+/7‫
א‬fx78
_/7O
K
‫אدم‬7“‫
א‬fx78
M
73
k/
‫`
? אد‬S

73’L
œ
7
_ 7,
\7‰
7
q}7I6’
EProgramming FlawF
%7k/
7
%78‫
و‬،EXSS


‫
א
وאאא
אد‬W
‫אد
א و‬ 72

<7`O
‫
?و‬،EblogsF
- &‫و‬7‫
א‬M
=‫وא‬B7‫
א‬- 7`O
،‫ ل‬7‫
א‬3
U4

K%
=
=b

‫
?و‬،Ediscussion boardsF

‫ ش‬7`I‫
א‬- `S
M
 =
‫
?و‬،Euser reviewF

qI
=‫وא‬B‫א‬

U74
7‫
א‬%7&‫
א)('و‬76‫
א‬M
+‫
?و
= 
وא=د‬،vi3‫
א‬- /‰
M
v³
- 



KEweb-based emailF
 ‫(
א‬3‫א‬

7L
` 7Z‫
א‬7‫
א‬M
7
7
=
=‫ د‬7b
3L

_ ,‫\
א‬o‫א
א‬x8


73L

‫وض‬/]
8

Y]bO
<6
 
3
k/
‫(
? אد‬W
U4
\‰
‫(ن‬6


m7I4
q7I6
7¯
،
=‫وא‬B7‫
א‬73L

- r na
3`O
t‫
א‬dL‫
אא‬fx8

],Z‫א“אدم
א‬



KdL‫
א‬i]#
‫ض‬/4
I4
6 i,‫
א‬y]b
U4
3“‫
א אد
א‬fx8
4

1 ECNET News.comF
= 73 ?
M
‫ و=د‬7
‫ع‬7I‫א
א‬x78
U74
L‫
א
אא‬

<YL77
M
77I?
+/77h
yi77bO
774
‫ن‬p4) 77
gY77‫
א‬2?PayPal?
d77L
‫ م‬77L
77I4

+‫ د‬74a
za
J‫د‬76
<YL7
M
v73
dL
`S
‹‫
و‬، ‫(
א‬3‫
א‬U4
%&‫א)('و‬


KF6B
dL
za
& ƒ$‫
א‬L "3‫
א‬- & 
‫د ل‬a
i]#
0Œ
I4
i,‫
א‬m
O


78
\7o‫
א‬7`S
"7‫
א‬%
7&‫('و‬$‫" د
א‬7#$‫אع
א‬7&?
7
v7 ‫ع
א‬I‫
א‬J

773 /‫م
א‬p77$‫
א‬7
776/Œ
74
77`@‫
א‬+/77h
U7ZO
d77L‫
א‬M
7I?
+/77h
‫ل‬p7‫א‬

- 77& 3‫
א‬+774 L
M
/77?
x77]IO
<776
77`6/"‫
א‬fx778
M
KESQL injection vulnerabilityF

+74 L
M
06/7ZO
mI4
qI6
L‫
و‬،dL
F,Z‫
א“ دم
א‬M
Edatabase commandF

K- & 3‫א‬

73“‫
א‬7k‫`
א אد
א‬S

Y
3 /‫م
א‬p$‫

א‬6/Œ
4
`@‫א‬

73L
7
‫وض‬/7]
78
7
Y]7bO
‫ ل‬78)
7V&
78
Ecross-site script – XSSF

(1) “PayPal fixes phishing hole”, by Joris Evers, Staff Writer, CNET News.com, Published:
June 16, 2006 4:12 PM PDT, (http://www.news.com/PayPal-fixes-phishing-hole/2100-
7349_3-6084974.html).
K ‫(
א‬3‫
א‬U4
ƒBV 
d
dL (2)
73

‫
א
وאאא
אد‬W
‫אد
א و‬

K- r na
3`O
t‫
א‬dL‫
אא‬fx8

],Z‫א“אدم
א‬

74
7`@‫"
א‬7‫

א‬%7&‫('و‬$‫" د
א‬7#$‫
א‬H7
L‫
אא‬1 ‫
א‬S?

 /7W
d7L
µ7S 
78
ESQL injection vulnerabilityF
3 /‫م
א‬p$‫

א‬6/Œ

B
77S
%77"l
d77L‫
زوא=
א‬77S?
‫" ع‬77‫
א‬77I4
Eknorr.comF
?=77I ?
77 ‫
א‬776x‫א‬

d77L‫
א‬M
77I?
+/77h
‫ل‬p77‫
א‬776/Œ
774
Elogin authenticationF
‫ل‬ 77‫
א‬677bO

7I‫
א‬+/7‫ل
א‬p7‫ ن
א‬7
Π7Z3
K
73 /‫م
א‬p7$‫
 @`
א"

א‬wi˜

<7
'O
73 /‫م
א‬p7$‫
א‬7
M
7Œ`I‫
א‬7# ]‫
وא‬،?;?
Œ`I
# r
r n{
fx8

y7n‫ض
א‬/7
š`r
‫د‬b`
Yr
،x]I‫
א‬M
m
8?
$
O
8
%OŠ6 
‫
?ن‬za
true logical F
ii77#
77`"I
+= 7734
EHackerF
‫'ق‬77^‫
א‬d77,6
‫
?ن‬%77](6‫
و‬K/77 ?
$

‫م‬p77777777777
$‫
א‬777V&
‫ن‬777(
‫م‬p777$‫
א‬M
777Œ`I‫
א‬777# ]‫
א‬7773L


Eexpression

7
7
7`S
M
Eor ‘x’=‘x’F
7`"I‫
א‬+= 3‫
א‬dn‫
א ل
و‬3777777777
U4
،ii#


K6b‫
א‬B
S
%"^
 @‫
א‬O
M
]
=‫و‬/‫^م
و 
א‬Z‫א<
א‬



Man-in-the-Middle ) ‫ ﻫﺠﻤﺔ ﺍﻟﺮﺟـﻞ ﰲ ﺍﻟﻮﺳـﻂ‬:‫ ﺍﻷﺳﻠﻮﺏ ﺍﻟﺮﺍﺑﻊ‬4.4
(Attack – MITM

r/7"‫
א‬7
7
7b^W
‫ ل‬7i&‫ 
وא‬7 

‫ د‬7b‫م
א‬7`6
H‫א
א‬x8
M

M
77
،
d7L‫^œ
م
وא‬7Z
— ‫
א‬7
7 ‫(
א‬37‫
א‬U74

/7W 3‫ ل
א‬7bO$‫
א‬74
‫ل‬p7

+/7W 3
‫ دم‬7“‫
وא‬7‫
א‬7
7‫<
א'א‬76
‫

?ن‬%78
ii7b‫
א‬7 @‫
א‬KE6-4F
(‫א‬


K
E7
J4F
(‫
א‬M

،r/"‫
א‬p(
‫ل‬Yk
š‫
و‬J?
‫ون‬

(1) “Knorr.de SQL Injection and XSS Vulnerabilities”, Sebastian Bauer, 01/12/07,
(http://blog.gjl-network.net/blog/index.php?/archives/78-Knorr.de-SQL-Injection-and-
XSS-Vulnerabilities.html)
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪74‬‬
‫‪
<776‬א‪
773L
77
 77‬א‪ 77b‬د
‪
. 77&a
776/Œ
774‬א‪ 77bO‬ل
‪
77
77(
77b]I‬‬
‫א —‪œ^77Z‬م
وא‪
d77L‬א‪/77‬אد
א‪ 77bO$‬ل
‪
،m77‬و
‪77(6‬ن
א‪ 77b‬د
‪
M‬א‪
77
F77bI‬א‪^77Z‬م
‬
‫وא‪ b
y6

،dL‬د
א`‪ 3‬ل
א‪
- & 3‬א‪ b‬د=‪

+‬א‪^Z‬م
‪
za‬א‪
74
M
d7L‬‬
‫א‪ bO$‬ل
א‪
،EInstant MessagingF
/W 3‬و
‪
<7h‬א‪
،
7Y
074p‬و‪
74a‬د‪
+/7
C 7=a
+‬‬
‫? ‪
za
\/‬א‪
dL‬א‪

Jx‬زאل
‪?
c6‬ن
א‪
- & 3‬אא=د‪ L
ma
+‬د

א‪^Z‬م‪

K‬و 
‬
‫‪
 S
M‬א)= ل
‪
 S
M
x‬א‪/‬د
‪{r‬ن
א‪ b‬د
?‪`6
ً ,6‬م
 `‪
C 3‬و
‪ 74a
<7h‬د‪
+‬‬
‫‪
za
C =a‬א‪^Z‬م

‪
M‬א(
‪

KE8-4F‬‬
‫‪x8
M‬א
א‪?
/Yc6
H‬ن
א‪ bO$‬ل
‪
$?
r/7Œ
7
<6‬و‪ 7Y

78‬ز
א‪^7Z‬م
‬
‫‪?F‬و
א‪
،E‬و
‪ Y‬ز
א‪?F
dL‬و
א“ دم‪
M
<8
(

KE‬א@``
‪'6‬א‪7‬ن
א‪
74
- 7& 3‬‬
‫
‪ Y‬ز
† ‪
/‬وš
‪?
7
_/6‬א‪
M

/‬אš?
‪

KEMan-in-the-MiddleF‬‬
‫

‬

‫

‬
‫ﺷﻜﻞ)‪ (6-4‬ﺍﻟﺘﺮﺍﺳﻞ ﰲ ﻭﺟﻮﺩ "ﺍﻟﺮﺟﻞ ﰲ ﺍﻟﻮﺳﻂ"‬
‫

‬

‫

‬
‫ﺷﻜﻞ )‪ (7-4‬ﺍﻟﺘﺮﺍﺳﻞ ﺍﳌﻔﺘﺮﺽ ﺑﲔ ﺍﳌﺴﺘﺨﺪﻡ ﻭﺍﳌﻮﻗﻊ‬
 75

‫
א
وאאא
אد‬W
‫אد
א و‬

‫( ﺍﻟﺘﺮﺍﺳﻞ ﰲ ﺣﺎﻟﺔ ﻭﺟﻮﺩ ﺍﻟﺮﺟﻞ ﰲ ﺍﻟﻮﺳﻂ‬8-4) ‫ﺷﻜﻞ‬




‫^œ
م‬7Z
— ‫
א‬7
7‫
א'א‬4
‫ل‬p

š‫
א‬M

/‫
א‬V8
 r
‫(ن‬O
L



K‫
א'א‬4

‫
?و‬،dL‫وא‬

?š
7I‫م
א‬7V8?

77
7
U7ZO‫
و‬،7‫
א'א‬74
‫ل‬p7
7VC‫
א‬74 r
‫(ن‬O

‫^œم‬77Z
— ‫
א‬77
- 77& 3‫
א‬r77O
‫ل‬p77 EcontentF
\77o‫
א‬g77

،EActive AttackF

76i‫ض
א‬/7
m74‫_
و‬/7b
7
7‫
א'א‬7 S
M
‫ ل‬7‫
א‬37
Ur
،dL‫وא‬

H 7Z@‫<
א‬7L=
EHackerF

‫'ق‬7^‫ د
א‬7b‫
א‬/
7¹6
}
7L
E9-4F
(W
-  Z@‫

א‬% ‫א‬

Jx7‫
א‬H 7Z@‫
א‬7

ً$7
E4444
<7L=
H 7Z@‫
א‬za
pF
،ma
‫
אאل‬6ž
‫אد‬/—‫א‬


‫ل‬73`
–

š7‫
א‬M
7
/‫
א‬d7
7‫'א‬6
\x7‫_
–
א‬/7b‫م
א‬7`r
،
7‫
א‬d
f‫د‬S


K‫ د‬b‫
א‬f‫د‬S
Jx‫
א‬H Z@‫
א‬za
% ‫
א‬6i‫
א‬x]I6‫
و‬0"‫א‬

‫م‬7VC‫
?
?و
?א‬7Sp‫م
א‬V8?
7 7
UZO‫
و‬،‫
א'א‬4

4 ]‫(ن
א‬O

<7{
،
6/7Z‫
א‬- 7& 3‫ ط
א‬7`‫
א‬7
‫ د‬7b‫
א‬7(…
7

،EPassive AttackF
?
¾7Z‫א‬

،d7L‫
א‬za
‫^œ
م‬7Z
— ‫
א‬73L

C =a
‫ ل‬S
M

%b^‫
א‬F6/‫
א‬B=‫
و‬،‫^œم‬Z— ‫א‬


K‫^œم‬Z— ‫
א‬b^W
‫ ل‬i&‫
א‬M
ً `S$
Y‫وא^א‬



 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪76‬‬

‫

‬
‫ﺷﻜﻞ )‪ (9-4‬ﺗﻐﻴﲑ ﺭﻗﻢ ﺍﳊﺴﺎﺏ ﺍﶈﻮﻝ ﺇﻟﻴﻪ ﻣﻦ ﻗ‪‬ﺒ‪‬ﻞ ﺍﻟﺮﺟﻞ ﰲ ﺍﻟﻮﺳﻂ‪.‬‬
‫

‬
‫‪
\77Sa‬א"‪/77‬ق
"‪
77V8?
773‬א‪
M
77
/‬א‪ 77
<77ZO
%778
?š77‬دم
?˜‪
. 77‬‬
‫א‪
6/Œ
4
EDNS PoisoningF
- L "I‬א‪
g7
-pVZ 
04p‬א‪ 7I‬و‪
6‬א‪
6/7‬‬
‫ ‪
za
gO
%‬א‪
U74
ً$ 7
K
7]6B
d7L‬ذ‪
07Œ

7‬א‪p7$‬م
‪
74‬א‪7I‬אن
א‪
J/7‬‬
‫‪?
_/b‬س?
‪{r‬ذא
ن
دم
א‪p$‬م
‪
،ً Z‬و‹
א‪
VZ 
04p‬א‪
7Ÿ
Jx‬‬
‫
‪ 7
d‬دم
?˜‪
. 7‬א
‪
- 7L "I‬א‪7I‬אن
‬
‫א‪I‬אن
א‪
x
J/‬א‪?

ً$3r
،_/b‬ن
}‪œ /6‬‬
‫
‪I4
d‬א&‪
g76

ً 7]Ž

ً 6/74

ً 7‬‬
‫א‪
J/‬א‪ "&
<$
yib‬ق

א‪?
_/b‬س?
‪œ /}
m&{r‬‬
‫‪B
dL
za‬و=
‪
4‬א‪
dL‬א‪?
_/b
%#‬س?‪


K‬‬
‫‪x8
d`6‬א
א‪
dL‬א‪
+/"7
wž
F6B‬א‪ 7b‬د

… ‪B76
7Ir

Kً
7‬ود
‪
74‬א‪
_/7b‬‬
‫‪F‬א‪
dL
Ei,‬א‪
< 
F6B‬א‪^Z‬م‪
،‬و=‪

B7‬א‪
F76/‬א^‪

%7b‬وذ‪ 7
7‬ل
‬
‫‪
(776
،m 77ZS
za‬א‪ 77b‬د
‪
fx778
77r/
77‬א‪
- 77& 3‬א‪
،6/77Z‬و‪77`6
<77h
77‬م
א‪ 77b‬د
‬
‫ ^ Œ‪
d
0‬א‪
dL‬א‪?
_/b
%#‬س?
‪
b^W
x
ًpiI‬א
א‪

Ki,‬‬
‫

‬
‫‪ 5.4‬ﺍﻷﺳﻠﻮﺏ ﺍﳋﺎﻣﺲ‪ :‬ﺗﺸﻮﻳﺶ ﺍﻟﻌﻨﻮﺍﻥ )‪(Address Obfuscation‬‬
‫‪`6‬م
א‪ b‬دون
‪x8
M‬א
א‪
، 
dL
F6B
H‬وو‪
w7ž
m7n‬א‪ 7"&
<7‬ق
‬
‫‪
m36‬א<
&" ق
א‪
dL‬א‪

KU#‬‬
‫‪
6‬א‪ b‬دون
‪x8
M‬א
א‪?
za
H‬ن
‪(6‬ن
א<
&" ق
א‪
d7L‬א‪
ً
736/L
F76B‬‬
77

‫
א
وאאא
אد‬W
‫אد
א و‬

Kz‫
אو‬8‫

א‬mr  ‫
א‬i,‫
א‬U4
0b6
%
yib‫" ق
א‬I‫
א<
א‬

%S776
U77Z™
‫ن‬77(6
‫
?ن‬778
F776B‫
א‬d77L‫ ق
א‬77"&
<77$
/77 †
= 77 ‫
א‬E 77I8‫و‬


KdL‫
א‬4/
ً 4 3"&‫
א‬%"6‫و‬

‫ ل‬7
78
%7#‫
א‬d7L‫ ق
א‬7"&
< 
m3W
F6B
dL
‫
א<
&" ق‬U4
ً$ 

‫ ق‬77"I‫<
א‬77$
ً "77Z
ً‫אدא‬77‫ د
א‬77b‫ _
א‬77n?
77L‫
و‬،f/77 ‫ 
ذ‬77Z‫?
א‬H 77?
_/77b

،Esabb.comF
%7#‫
א‬d7L
‫ ق‬7"&
<$
m ‫
א‬،Esabb.net.msF
y3b
yib‫א‬

 7"
<7#
=‫و‬B7‫
א‬d7L‫ ً

?ن
א‬7,6?
\/7&‫

و‬KE11-4F
،
E10-4F
(‫
א‬M



K‫ س‬ZS)‫
وא‬/cI‫
وא‬،= ‫
وא‬،šI‫
א‬vS

%#‫
א‬dL‫א‬

(77‫
א‬M
y77n‫
وא‬،f/77 ‫ 
ذ‬77Z‫
א‬،? 3 77?
_/77b
‫ ل‬77
M
77
77,6?‫و‬

%S776
F776B‫
א‬d77L
ً 7 ˜‫
א‬77h‫
א@ د‬77O
M
‫ د‬77b‫ =
א‬77 ‫
א‬،E13-4F‫
و‬E12-4F

M
/7 ‫
ذ‬7L
m&?
¼
KEsambaonlineaccess.comF
8‫
و‬$?
dL‫
א‬4/
ً 4 3"&‫
א‬%"6‫و‬

%S6 77¯
/77W 3‫ ل
א‬77bO$‫„
א‬77O‫
و‬،
EonlineaccessF
77 ‫
و‬،_/77b‫ ق
א‬77"I‫<
א‬77‫א‬

778
? 3 77?
_/77b
yi77b‫ ق
א‬77"I‫<
א‬77‫
א‬77I
،d77L‫
א‬4/77
ً 7 4 3"&‫
א‬%77"6‫و‬


7
%7#‫
א‬d7L‫ 
א‬7"
<7#
=‫و‬B7‫
א‬d7L‫
?ن
א‬,6?
\/&‫
و‬KEsambaonline.comF

K‫ س‬ZS)‫
وא‬/cI‫
وא‬،= ‫
وא‬،šI‫
א‬vS
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪78‬‬

‫

‬
‫ﺷﻜﻞ )‪ (10-4‬ﺍﳌﻮﻗﻊ ﺍﳌﺰﻳﻒ ﳌﺼﺮﻑ "ﺳﺎﺏ"‬

‫

‬
‫ﺷﻜﻞ)‪ (11-4‬ﺍﳌﻮﻗﻊ ﺍﻷﺻﻠﻲ ﳌﺼﺮﻑ "ﺳﺎﺏ"‬
 ‫‪79‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫

‬
‫ﺷﻜﻞ)‪ (12-4‬ﺍﳌﻮﻗﻊ ﺍﳌﺰﻳﻒ ﳌﺼﺮﻑ "ﺳﺎﻣﺒﺎ"‬

‫

‬
‫ﺷﻜﻞ )‪ (13-4‬ﺍﳌﻮﻗﻊ ﺍﻷﺻﻠﻲ ﳌﺼﺮﻑ "ﺳﺎﻣﺒﺎ"‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 80
‫ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻋﻦ ﻃﺮﻳـﻖ ﺍﻟـﱪﺍﻣﺞ ﺍﳋﺒﻴﺜـﺔ‬:‫ ﺍﻷﺳﻠﻮﺏ ﺍﻟﺴﺎﺩﺱ‬6.4
(Malware Attack)

‫ل‬p77
77
H77‫א
א‬x778
M
Ei77,‫א‬F
‫^م‬77Z‫
א‬- 774
d77§
y377bO

q‫א‬77‫
א‬za
‫د‬776
F77(‫א
א‬x778
0377
K
6‫ د‬77b
r77(
77 ‫(
א‬377‫
א‬y]77b


K‫^م‬Z‫ ز
א‬Y

M
4‫=و‬B‫
א‬EmalwareF
3“‫א‬

‫ل‬p7
7
+x]I‫
א‬- ‫
א‬d§
3L‫א‬/™
‫ د‬b
3“‫
א‬q‫
אא‬fx8
yZO

‫ ل‬7bO‫
א‬7I4
‫ ل‬7‫
א‬37
U7r
K(
i7,‫^م
)א‬7Z‫
א‬73L

 ‫(
א‬3‫
א‬y]b

،
‫^م‬7Z‫<
א‬7
$
‫^م‬7Z‫
א‬76‫و‬BO
7I4‫
و‬، 7
_/7b
%&‫
א)('و‬dL 
‫^م‬Z‫א‬

fx78
7
‫د‬7
‫
و‬7 S
%7]r
،M/b‫
א‬m ZS
U4
‫
 ل‬%b^‫
א‬F6/‫
א‬B=‫و‬

‫ د‬7b‫
א‬za
C 7=a‫
و‬،
6/7Z‫
א‬- 7& 3‫
א‬fx78
‫ ط‬7`a
<7Zr
i,‫ ز
א‬Y

M
q‫אא‬

_/7b
%&‫
א)('و‬dL‫
א‬d
 ‫
א‬M
‫^م‬Z‫
א‬b^W
f=‫
و‬iI


Jx‫א‬


K%``@‫
א
א‬m&?
U4
‫ د‬b‫
א‬d

 
Jx‫א‬

77S
-‫א‬/77`&
V77Z
077 /O
%778
H77‫א
א‬x77C
+=Y77‫ق
א‬/77"‫\
א‬77Sa

V77Z
‫م‬77`6
m77˜‫
א‬77
Jx77‫
وא‬،i77,‫ ز
א‬77Y

M
EKeystroke LoggerF
yO 77]‫א‬

f=‫و‬7

‫م‬7`6
Jx‫
وא‬،‫ د‬b‫
א‬za
C ={
‫`م‬6
<h
‫
و‬،yO `‫
א‬S
U4
-‫א‬/`I‫א‬

Ki,‫
א‬b^W
‫ ل‬i&$
- & 3‫ص
א‬p^‫
وא‬، Yi



‫ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻋﻦ ﻃﺮﻳﻖ ﳏﺮﻛـﺎﺕ ﺍﻟﺒﺤـﺚ‬:‫ ﺍﻷﺳﻠﻮﺏ ﺍﻟﺴﺎﺑﻊ‬7.4
(Search Engine Phishing)

7ƒBV 
d73
7&‫('و‬a
d7L‫
א‬. 7&a
%78‫
و‬،
‫" د‬7#p
\/ ?
`6/Œ

O


‫אع‬77
778
d77L‫
אא‬fx778
77
‫ض‬/77‫
א‬K778‫
و‬- 77VI
77 ‫(
א‬377‫
א‬U774
ERetailF
81

‫
א
وאאא
אد‬W
‫אد
א و‬

K.‫א‬/
 ‫(
א‬3‫
א‬U4
I
- VI
4
S 3‫א‬

<6‫
و‬، ‫(
א‬3‫
א‬U4
vi3‫
א‬- /‰
M
/Y]
dL‫
אא‬fx8
‫د ل‬a
<6

S 3‫
א‬HxX
‫ق‬Z
Zr I
= Š‫
و‬،]Ž
- VI™
ً ,6?
dL‫
אא‬fx8


P3O


K- VI‫
א‬fx8

4

t7‫
א‬v7i3‫
א‬- 7 /‰
S?
6/Œ
4

qI
4

”^W
vi36
I4

d7L‫
א‬7‫{ن
ذ‬7r
،
%7&‫('و‬$‫" د
א‬7#$‫
א‬Y7n/
7ƒBV 
d
dL‫
א‬/Yr
Yr
‹


KH"‫
א‬qI‫
א‬fI4

6
‫ذא
ن‬a

-vi3
V& -

Z‫ض
א‬/

74
‫ م‬7…
a
‫ض‬/7
m7&{r
7
qI
.‫א‬/
dL‫
אא‬fx8
^Z‫
א‬+= 6‫
ز‬I4

M
H 7ZS
. 7&)
7a
7‫
وذ‬،6/
- & 3
%&‫('و‬a
‫
´ذج‬P3O
mI
0"6
.‫א‬/‫א‬

m7O & 
mƒ 7r{
d7L‫

א‬x7
i7n
J'7‫
א‬d7`r
،% 7‫
א‬6i
‫
?و‬،dL‫ذ
א‬


Kmb^W
‫ ل‬i&‫
א‬M
ً `S$
‫^م‬ZO
L
t‫
א‬6/Z‫א‬



The ) ‫ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻋﻦ ﻃﺮﻳﻖ ﺍﻟﻨﻮﺍﻓـﺬ ﺍﳌﻨﺒﺜﻘـﺔ‬:‫ ﺍﻷﺳﻠﻮﺏ ﺍﻟﺜﺎﻣﻦ‬8.4
(Popup Attack

x7r‫א‬I‫
א‬d7&‫אً

د
א‬/c&
،µ‫
א@و‬+=‫ د‬I‫
א‬0 ‫

א‬H‫א
א‬x8
6

‫א‬x7‫
و‬،7 ‫(
א‬37‫
א‬- i]7b
<7c
M
% ?
(
EPopup BlockerF
`3I‫א‬

‫ ن‬7
H7‫א
א‬x78
‫
?ن‬$a
K
+g7 ‫
א‬7&‫
א‡و‬M
H‫א
א‬x8
‘ ¼
-$
w©L
`r


K- i]b‫
א‬M
d&‫
אא‬fx8

‫
و
د‬3L
، 
S
za
،ً$ r

+x77r &
%778
،E14-4F
(77‫
א‬M
77
،
H77‫א
א‬x77C
776`‫
א‬77`6/"‫א‬

+x7r I‫
א‬fx78
M‫

و‬K
_/7b

d7L
،yi7#
d7L
+7(
+x7r &
‫ م‬7?
73IO
+/b

،‫^œ
م‬7Z
— ‫<
א‬7

6/7
- 7& 3
m7P3O
،‫^œ
م‬7Z
— ‫
א‬7
07"6
‫ذج‬7´
7
6
`3I‫א‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪82‬‬
‫و 
א‪/‬و=‪
،‬وذ
‪

`i‬א‪I‬אن
א‪?
،J6‬و
‪
g‬ذ
‪
7‬א‪

7¯
،
H 37‬‬
‫}‪^Z
ً `"I
ً 33
%"6‬م
‪
P3‬א‪I‬ذج‪


K‬‬
‫א‪
_C‬א@``‪

%‬א‪
+xr I‬א(‪
F
+‬א‪
+xr I‬א‪
. 7"4
a
78
7`3I‬א —
‪
œ^7Z‬م‪
،‬‬
‫?و
‪
774‬א‪
_/77b‬א‪=77W
i77,‬אً
‪
4/77‬א"‪
،077‬وذ‪ 77S
M
77‬ل
‪ 77#‬د_
&‪
m77‬‬
‫‪
x
ًp4‬א‪

K_/b‬‬

‫ﺷﻜﻞ )‪ (14-4‬ﺍﻟﻨﺎﻓﺬﺓ ﺍﳌﻨﺒﺜﻘﺔ‬

83

‫
א
وאאא
אد‬W
‫אد
א و‬

(Fake Address Bar) ‫ ﺷﺮﻳﻂ ﺍﻟﻌﻨﻮﺍﻥ ﺍﳌﺰﻳﻒ‬:‫ﺍﻷﺳﻠﻮﺏ ﺍﻟﺘﺎﺳﻊ‬ 9.4

m7p
7
<6‫
و‬،%&‫('و‬$‫" د
א‬#$‫
א‬0 ?
/" ?

H‫א
א‬x8
’ 6}

(377‫
א‬y]77b
+x7r &
77
U774‫
א‬.B7X‫
א‬M
‫אن‬77I‫š
א‬6/77

F76B
š6/77W
‫אل‬37‫א‬

7&‫('و‬a
i]7#
‫ض‬/74
7
‫ د‬7b‫
א‬H7‫א

א‬x78
7(
K
Eweb browserF
7 ‫א‬

Kii#
Y&?
U4
i]b‫
א‬/ƒ‫א‬B
‫و‬3O
I
، ( 
]6B

Java F
?w/(
r
?

]Ž
- I`O
‫
{^אم‬H7777‫א
א‬x8
x]IO
<6

KEJava AppletF
?w?
r

?
‫
و‬،EScript

7
+‫د‬7‰
-‫אدא‬74{

،7 ‫(
א‬37‫
א‬y]7b
M
‫אن‬I‫š
א‬6/W
. ] a
(

‫א‬x77C
?
w/(77
77r
?
‫ز‬77=
r 77n{
77‫<
ذ‬776‫
و‬،%77&‫
א)('و‬d77L‫
א‬i]77#
773L

/7bI‫
א‬76ž‫
و‬،?window.open?
EfunctionF
7]•‫^אم
א‬7‫אً

א‬76ž‫
و‬،‫ض‬/7‫א‬


K?no?
` 
?location?

76/Œ
74
،-
‫ ل‬7‫
א‬37
U74-


‫^م‬7Z‫
א‬76ž
I4
H‫א
א‬x8
3"6

y]7b‫
&ع
א‬U4
dL‫_
א‬/6‫
و‬،F6B‫
א‬dL‫
א‬za
-
%&‫('و‬a
6/
 =
M
š‫=א‬

y]7b‫
א‬M
%7``@‫אن
א‬7I‫š

א‬6/7W
. 7] a
<h
‫
و‬،+/W 3
/ƒ‫א‬B‫
א‬3’Lœ

‫^’م‬Z— ‫א‬

7r
?
7
7]Ž
- 7I`O
-
7&/ ‫
ذ‬7 -
‫^אم‬7 
‫
وذ‬،m
F6B
/ †
‫אل‬3‫وא‬

+=7#
d7n‫
(
و‬US
‫
?و‬،EJava AppletF
?w?
r
?
‫
?و‬EJava ScriptF
?w/(


K‫אن‬I‫š
א‬6/W
‫

د‬/ƒ‫א‬B‫
“אع
א‬EimageF

M
0
7 ~ =
»}
+=7#
7P8
U74
F76B
‫אن‬7I4

š6/7W
E15
J4F
(7‫
א‬yn6

EInternet ExplorerF
1 ?==3Z a
w&'&a?
 ‫(
א‬3‫
א‬y]b

i]b‫
א‬U4?

F77Ž
d77L
za
Ewww.nike.com/main.htmlF
‫אن‬77I‫
א‬g776‫
و‬،77``S
77Y&Š
‫و‬773

1 http://www.microsoft.com/ie


‫
א
وאאא
אد‬W
‫אد
א و‬ 84
www.contentverification.com/graphic-F
77777777777777n‫و‬/‫
א‬i]77777777777777b‫
א‬777777777777774

KEattacks/demo/adbarframeset.html

/7 †
y]7b
‫^אم‬7

7(‫
و‬،mZ]&
 Z‫
א ل
א‬E16-4F
(‫ض
א‬/6

774
F77(IO
v77S
،9.23
<77L=
^77ZI‫
א‬،EOperaF
1 ?‫א‬/77‫
??و‬77 ‫(
א‬377

‫אن‬77I‫ض
א‬/774
%778‫
و‬،
‫א‬/77‫
?و‬y]77b‫
א‬M
+‫د‬77
‫
א‬77# “‫
א‬0377Z
‫אن‬77I‫
א‬F776BO

M

ً 7,6?‫
و‬K
7n‫و‬/‫
א‬i]7b‫
א‬73L
7
‫אن‬I‫š
א‬6/W
. ] a
‫ ل‬S
M
dL
%``@‫א‬

‫אن‬77I‫š
א‬6/77W
‫\
?ن‬/77&‫
و‬،F776B‫אن
א‬77I‫š
א‬6/77W
”ƒ 77b
‫ض‬/774
m77Z]&
(77‫א‬



KEgifF
‫אد‬$ 
EimageF
+=#
8
F6B‫א‬

‫( ﺷﺮﻳﻂ ﻋﻨﻮﺍﻥ ﻣﺰﻳﻒ ﻋﻠﻰ ﻫﻴﺌﺔ ﺻﻮﺭﺓ‬15-4) ‫ﺷﻜﻞ‬

(1) opera.com.
 85

‫
א
وאאא
אد‬W
‫אد
א و‬

"‫( ﺷﺮﻳﻂ ﺍﻟﻌﻨﻮﺍﻥ ﺍﳌﺰﻳﻒ ﰲ ﺍﳌﺘﺼﻔﺢ "ﺃﻭﺑﺮﺍ‬16-4) ‫ﺷﻜﻞ‬




t7?
_/7b
1
µ7S 
8
F6B‫אن
א‬I‫š
א‬6/W
H?
U4
/ †
‫ ل‬

777iI
777&‫('و‬a
7776/
 777=
w777=?
777I4
،%777(6/‫
א‬ECitibankF
2 ?777I

777778
77777œ/— ‫אن
א‬77777I4
‫ ن‬77777 ‫
و‬،E17-4F
(77777‫
א‬M
77777
_/77777b‫
א‬77777b^W

‫
و‬،?
7I
t7
d7
%&‫
א)('و‬E6/

`ž?
W‫אن‬I‫

وא‬support@citibank.com

(1) http://www.antiphishing.org/phishing_archive/Citibank_3-31-04.htm
(2) www.citibank.com


‫
א
وאאא
אد‬W
‫אد
א و‬ 86

6‫א
א‬x8
0"6
K?I
t?
W_/b
.p4
<8
6‫א
א‬x8
3L

rYZ‫
א‬P]‫א‬

‫אن‬7I4

777`i‫
א‬4
‫ 
)  ل‬/ 
‫אš
א
د‬/‫
א‬U4
š,‫
א‬mœ3œ`Z}


_‫א‬/7b‫
א‬7L "
<7L=
mI
0"6
‫
´ذج‬/ƒ‫א‬B
/Yc6
š‫א‬/‫
א‬d3O
I4
K%&‫
א)('و‬f6/
PIN – Personal F
%77b^‫
א‬F776/‫
א‬B77=‫
و‬EATM/Debit card numberF
%77‡‫א‬

fx78
7`i‫
א‬74
7
‫ض‬/7‫ 
?ن
א‬7/‫
א‬O
w4‫
وאد‬،EIdentification Number

7
7$
7‫
ذ‬7
?
7
m7&?‫
و‬،
766‫<
א‬YI6‫ و‬7I
‫א‬7b6
 
.p7‫–
א‬7
‫
?ن‬8
K?I
t?
_/b
F6B‫
א‬dL
+=#
‫ض‬/6
E18-4F
(‫
א‬،>>`i‫א‬

N77(6$
%77&‫
א)('و‬776‫ 
א‬77=
M
77
œ /— ‫אن
א‬77I4
‫ن‬a

ً ` 77
77&/ ‫
ذ‬77

7`³

074p‫
א‬7(
v7S
، Z‫ 
א ل
א‬S
M

،œ/— ‫
א‬b^W
+=‫و‬/, 


Kmr
L
J?
dn‫
وو‬،EFromF
œ/— ‫א‬


K?I
t?
_/b
yib‫
א‬dL‫
א‬+=#
E19-4F
(‫ض
א‬/6

07"‫
א‬4/7W
U74
‫ل‬76

f/8 7•
š7‫
=א‬U74
 Z‫
א ل
א‬M
 /‫
א‬-S‫א‬

777Yƒ‫א‬S$ Ehttps://web.da-us.citibank.com/signin/citifi/scripts/E-Mail_verify.jspF

d7L‫
א‬za
g7O
7``@‫
א‬M
7YI(
،_/7b‫
א<
א‬%8‫?
و‬citibank?
(‫
א‬U4
š‫א‬/‫א‬

7777
‫ن
?ن‬7777
،Ehttp://69.56.202.82/~citisecu/scripts/E-Mail_verify.htmF
F77776B‫א‬

7Cp
7
‘ 76
EHypertext Markup Language – HTMLF
07‫
א‬%7bI‫
א‬B7'‫א‬

773L
77
+/77‫
א‬fx778
‫ل‬p77‫
‹
א‬77L‫
و‬،‫אن‬77I‫
א‬774
F77Ž
”I77
š‫א‬/77‫ض
א‬/774


K 6 i,‫
אع
א‬M
6‫ د‬b‫א‬









 ‫‪87‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫

‬
‫

‬

‫ﺍﺷﻜﻞ)‪ (17-4‬ﻧﺴﺨﺔ ﻣﻦ ﺭﺳﺎﻟﺔ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﺍﳌﻨﺘﺤﻠﺔ ﻟﺸﺨﺼﻴﺔ ﻣﺼﺮﻑ "ﺳﻴﱵ ﺑﻨﻚ"

‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 88

"‫( ﺍﳌﻮﻗﻊ ﺍﳌﺰﻳﻒ ﳌﺼﺮﻑ "ﺳﻴﱵ ﺑﻨﻚ‬18-4) ‫ﺷﻜﻞ‬




?
<ƒ 77@‫
א‬%77bI‫š
א‬6/77‫
?א‬U77Z6
F776B‫אن
א‬77I‫š
א‬6/77

1
/7 †
H77?

‫ ن‬77(
M
. 77,
77]®
EText FieldF
%77b&
77`S
d77n‫
و‬778‫
و‬Ehovering text boxF

7
Yr 7 ‫
א‬0b6‫
و‬E19-4F
(‫
א‬M

،y]b‫
א‬M
%``@‫אن
א‬I‫š
א‬6/W

Kz‫
אو‬8‫א‬

(1) http://www.fraudwatchinternational.com/phishing-fraud/phishing-web-site-methods/
 ‫‪89‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫‪
%"6‬א(
‪
،/± `}
+/c&
E20-4F‬وذ‪/74
7I4
7‬ض
‪
”ƒ 7b‬א‪
i]7b‬‬

‫‪/776
v7S‬ض
‪7I4‬אن
א‪
i]77b‬א@``‪
،%7‬و‪
+x77r &
76/ž
77I4‬א“‪
š6/77W
za
”ƒ 7b‬‬
‫א‪I‬אن
‪
/Yc6‬א@`
א‪

K‘n
%bI‬‬
‫

‬
‫

‬

‫

‬
‫ﺷﻜﻞ )‪ (19-4‬ﺷﺮﻳﻂ ﻋﻨﻮﺍﻥ ﻣﺰﻳﻒ ﻋﻠﻰ ﻫﻴﺌﺔ ﺣﻘﻞ ﻧﺼﻲ‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪90‬‬

‫

‬
‫ﺷﻜﻞ )‪ (20-4‬ﻧﺎﻓﺬﺓ ﺍﳋﺼﺎﺋﺺ ﺗﻮﺿﺢ ﺣﻘﻞ ﺍﻟﻨﺼﻲ‬
 ‫‪91‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫ا"! ا‪456‬‬

‫ا(‪9‬اءات ا<دة ‪ ./:‬د ا('&و ‬
‫)‪(Phishing Countermeasures‬‬

‫ﻣﻨﻊ ﻫﺠﻤﺎﺕ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻗﺒﻞ ﺣﺪﻭﺛﻬﺎ‬ ‫•‬

‫ﺍﻟﺘﺼﻔﻴﺔ )‪(Filteration‬‬ ‫•‬

‫ﺍﻟﺘﺤﺪﻳﺜﺎﺕ ﺍﻷﻣﻨﻴﺔ )‪ (Security Patches‬ﻭ ﺟﺪﺭﺍﻥ ﺍﳉﻤﺎﻳﺔ )‪(Firewall‬‬ ‫•‬

‫ﺗﺼﻔﻴﺔ ﺍﻷﻛﻮﺍﺩ ﺍﻟﱪﳎﻴﺔ ﺍﳋﺒﻴﺜﺔ )‪(Cross-Site Script - XSS‬‬ ‫•‬

‫ﻟﻮﺣﺔ ﺍﳌﻔﺎﺗﻴﺢ ﺍﳌﺮﺋﻴﺔ )‪(Visual Keyboard‬‬ ‫•‬

‫ﺍﻟﺘﺼﺪﻳﻖ ﺍﻟﺜﻨﺎﺋﻲ )‪(Two-Factor Authentication‬‬ ‫•‬

‫ﺍﻟﺘﺼﺪﻳﻖ ﺍﳌﺘﺒﺎﺩﻝ )‪(Mutual Authentication‬‬ ‫•‬

‫‪Anti-Phishing‬‬ ‫ﺃﺷﺮﻃﺔ ﺃﺩﻭﺍﺕ ﻣﻜﺎﻓﺤـﺔ ﺍﻻﺻـﻄﻴﺎﺩ ﺍﻻﻟﻜﺘـﺮﻭﱐ )‬ ‫•‬

‫‪(Toolbars‬‬
‫ﺑﺮﺍﻣﺞ ﻣﻜﺎﻓﺤﺔ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ )‪(Anti-Phishing Softwares‬‬ ‫•‬

‫‪x8
L I6‬א
א]‪
FŽ
b‬א)

‪/‬א‪.‬א‪
-‬א‪ ,‬د‪
- VC
+‬א‪ "#$‬د
א)('و&‪

K%‬‬
‫

‬

‫‪87‬‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 92
1 ‫ ﻣﻨﻊ ﻫﺠﻤﺎﺕ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﻗﺒﻞ ﺣﺪﻭﺛﻬﺎ‬:‫ ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻷﻭﻝ‬1,5


%7&‫('و‬$‫" د
א‬7#$‫
א‬- 7V8
73L
7
Yr‫א‬Y7‫
א‬o‫
א‬- cI‫{( ن
א‬

‫" د‬777#$‫
א‬- 777VC
- 777cI‫
א‬fx7778

7 7‫
` و‬777Zž
Y&Š777W
777
-‫א‬.‫א‬/777
a
‫ ذ‬7 7l‫א‬

‫" د‬77#$‫
א‬- 77V8
77
q77IO
77L
t77‫
א‬/ƒ 77Z“‫
א‬77`O‫
و‬، 77Y4L‫
و‬773L
%77&‫('و‬$‫א‬


K%&‫('و‬$‫א‬


W% ‫
א‬-‫א‬.‫א‬/
)‫
א‬fx8
O‫و‬
‫ ﺇﻧﺸﺎﺀ ﺣﺴﺎﺏ ﺑﺮﻳﺪ ﺇﻟﻜﺘﺮﻭﱐ ﻟﻠﺒﻼﻏﺎﺕ‬1.1.5

ƒ 7/‫
א‬74
‫غ‬p7)‫<
א‬C
UIZ
%&‫('و‬a
6/
‫אن‬I
cI‫
א‬.p4
6‫و‬BO


ƒ 77/‫
א‬fx778
w77&
‫ذא‬a
77
/776/`
H 77Z@‫א
א‬x778
y77Z6
K77cI‫
א‬77b^
77iI‫א‬


K6=

‫" د‬#‫
א‬- V8
4
ً‫א=א‬x&a
ً ,6?
%"6‫
و‬،$
‫
?م‬ii#
(Bounced E-Mails) ‫ ﻣﺮﺍﻗﺒﺔ ﺭﺳﺎﺋﻞ ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﺍﳌﺮﺗﺪﺓ‬2.1.5

U774
77
77cI
77b^
77iI‫
א‬%77&‫('و‬$‫" د
א‬77#$‫ ƒ
א‬77=
J77ž
77L


3œ`7Z
— ‫ دم
א‬7
7`i6

I4

KdL‫
אא‬M
+‫

د‬g
 ]
&‫('و‬a
6/
6‫ و‬I4

= 7Wa
d7

7œ/
— ‫ دم
א‬7“‫
א‬za
7Y
gr
،m76
V7Z
g
Y&?
°
6‫ و‬I‫
א‬fx8





Km6
VZ
g
m&
œ3œ`Z— ‫
א‬za
bO
 
 /‫
א‬fx8
‫Šن‬

7b
+7O/‫ ƒ
א‬/‫{ن
א‬r

cI
b^W
iI
w² =—?
ƒ /‫™
?ن
א‬

- 74
za
g7O
+7O/‫
א‬766‫ ƒ
א‬/‫
א‬+/
K Yb^W
iI‫
א‬cI‫
دم
א‬za


K6=

‫" د‬#‫א‬

1
<77L=
+77"“‫
א‬M
،Ebouncing emailF
77O/‫
א‬776‫
א‬E1-5F
(77‫
א‬y77n6

77iI‫ د
א‬77b‫
א‬7 3’Lœ
77
7 

’ /
— ‫
א‬%77&‫
א)('و‬776‫م
א‬p77 
œ3œ`77Z— ‫ دم
א‬77
‫م‬77`6

(1) A. Emigh, "Online Identity Theft: Phishing Technology, Chokepoints and

Countermeasures", Radix Labs, October 3, 2005.
 ‫‪93‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫^‪
7b‬א‪

v7S
?xyz.com?
7cI‬و‪
d7n‬א‪ 7b‬د
א‪
<7‬א‪ 7"I‬ق
‪
M
7cI‬א‪
K
 77/‬‬

‫
‪`6‬م
دم
א —‪

`i 
œ3œ`Z‬א<
א —‪œ^Z‬م
?‪
V7Z
g7
m&?
°
،?ahmed‬‬
‫‪
za
J?
،77‬‬
‫‪
M
m776‬א‪ 77cI‬م‪77`r
،‬م
‪
M
77‬א“"‪ 77
={
2
<77L=
+77‬ع
א‪
za
 77/‬א —‪œ /‬‬
‫א‪I‬אن

א
د
‪
M‬א@`
‪

EFromF‬א‪

K /‬‬
‫

‬

‫

‬
‫ﺷﻜﻞ )‪ (1-5‬ﺍﻟﱪﻳﺪ ﺍﻹﻟﻜﺘﺮﻭﱐ ﺍﳌﺮﺗﺪ )‪(Bouncing Email‬‬
‫‪ 3.1.5‬ﻣﺮﺍﻗﺒﺔ ﻣﺮﺍﻛﺰ ﺧﺪﻣﺔ ﺍﻟﻌﻤﻼﺀ‬
‫‪/‬א‪
77
773L‬א‪
-$ 77bO$‬وŒ‪
773‬א‪= 77Z]$‬א‪
-‬א‪77‬א=د‪/
za
+‬א ‪
77
B77‬‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 94

d7L‫
א‬74
‫ ل‬7‫–
א‬7r=
7
-‫ =א‬7Z]$‫
א‬7
+‫د‬7o‫אع
א‬7&‫–
א‬37r

K.p‫א‬


K‫" د‬#‫
א‬- V8
‫

د‬%SO
L
%&‫א)('و‬
‫ ﻣﺮﺍﻗﺒﺔ ﺣﺴﺎﺑﺎﺕ ﺍﻟﻌﻤﻼﺀ‬4.1.5

-$‫ و‬77‰
77
d77L
g77
‫د‬77
،-  77Z@‫
א‬U774
- 77‫
א‬F77Ž
773L‫א‬/

‫
?و‬-p6777i‫
?و
א‬،%777b^‫
א‬F7776/‫

א‬B7 7=
g777O

‫
?و‬،-  777Z@‫
א‬za
‫ ل‬777‫א‬


K ‫ =_
א‬b‫ 
א‬S
M
- iZ‫א‬
‫ ﻣﺮﺍﻗﺒﺔ ﺍﺳﺘﺨﺪﺍﻡ ﺍﻟﺼﻮﺭ ﺍﶈﺘﻮﻳﺔ ﻋﻠﻰ ﺷﻌﺎﺭ ﺍﳌﻨﻈﻤﺔ ﺃﻭ ﺭﻣﺰﻫﺎ‬5.1.5


r ,Z‫ز
א‬/‫
وא‬-‫=
א =א‬#
- ]
‫ & ً
א^אم‬S?
‫ دون‬b‫
א‬6

M
7‰
=7#
- 7]
‫^אم‬7‫
א‬7

ً$7
،
7]6B‫<
א‬YL‫
א‬M
rYZ‫
א‬cI‫
א‬3L



K]6B‫<
א‬YO i]b
],Z‫
א“אدم
א‬M
‫
?و‬،<Y‫אد‬

F77,Z‫
א‬7 ‫(
א‬377‫ دم
א‬7
773L
7
-$ 77@‫
א‬fx78
77
_ 7 ‫

א‬7(

8= 7W‫
و‬cI‫
א‬B=
=#
- ]
%  
F,Z‫
وא‬،cI
%&‫
א)('و‬dL

7`I‫ل
א‬7 O‫و‬/
07Œ
d7
‫ دم‬7`‫
א‬EreferrerF
?
/7W‫
?א‬7`S
7
7`i‫
א‬76/Œ
4

،
+=7b‫
א‬F7
7i
EHTTP – Hypertext Transfer ProtocolF
07‫
א‬%7bI‫א‬

77`S
‫ ن‬77
‫ذא‬a

K
+=77b‫ض
א‬/77
t77‫
א‬77&‫
א)('و‬i]77b‫אن
א‬77I4
‫(ن‬77
Jx77‫א‬

07Œ
–r/76
‫ دم‬7“‫{ن
א‬7r
‫ل‬7Yk
‫אن‬I4
za
‫
?و‬،cI‫אن
א‬I4
g
za
g6
?/W‫?א‬

+=77#
-/77 †
ًp7S
7 ’ 6}
77–

‫ دم‬77“‫ض
א‬/776
77L
‫
?و‬،+=77b‫
א‬F77
77i
HTTP


K"‫
א‬+=b‫ً

א‬$
،m3I
6/6xž

‫ل‬7 O‫
و‬1
- 7`‫
א‬07Œ
7`h‫
و‬0Zir

K 
S
za
‫ ل‬± r
.‫א‬/
)‫א
א‬x8

،
‫ دم‬7“‫
א‬+7ƒ ]
d7n‫
و‬EreferrerF
?/W‫`
?א‬S
‫{ن‬r
،EHTTPF
0‫
א‬%bI‫`
א‬I‫א‬

KEhttp://tools.ietf.org/html/rfc2616F
`h‫^
א)('و&

א‬ZI‫
א‬E1F

95

‫
א
وאאא
אد‬W
‫אد
א و‬

،
7`@‫
א‬7‫
ذ‬7L
g7O
7‫ ن
א‬7({
‫م
?ن‬p7(‫
ذ
א‬UI

KJ=  ‫`
א‬S
m&?‫و‬

J?
7Yr
d7n
O
7L
``@‫
א‬i]b‫
א‬za
gO
‫ً

?ن‬$3r

K6 i‫( &
א‬a
%  ‫و‬


KEblankF
= r
E'O
‫
?و‬،L

7‫
ذ‬7L
7
7`i‫

א‬+‫] د‬$‫
א‬dI…$
?/W‫`
?א‬S
M
6 i‫( &
א‬a

–377r

K
%7 &‫('و‬$‫" د
א‬77#$‫
א‬- 77VC
J77b
ً‫ دא‬77,
.‫א‬/77
a
77
77
77`@‫א‬

077&‫א‬X‫
א‬M
ًp8 77
‫
و‬،
%7 &‫('و‬$‫" د
א‬77#$‫
א‬  774
M
ً ƒ773
‫ن‬77(6
77L
6‫ د‬77b‫א‬

7
M
ً 6k
?/W‫`
?א‬S

`i‫(ن
א‬r
،‫ ل‬S$‫א
א‬x8

w]6
pr
،I]‫א‬
K-$ @‫
א‬fx8

?
/7W‫`
?א‬S
L

`i‫\

א‬b`‫
א‬+‫] د‬p
\/ ?
- S‫'א‬L‫
א‬E I8

7

ً 7,6?
`i 7
،
%7&‫
('و‬$‫" د
א‬7#$‫
א‬- VC
Jb
ً‫ دא‬,
¿.‫א‬/
a
m]#

‫ ن‬7,

+=7b‫
א‬F
za
r n) 
،‫
ذ
א‬3L


F
0Œ
‹
L
m&?

‫ن‬7(6
7‫
א‬F7‫
א‬7‫
ذ‬،7Lh
i]7#
7
‫ دم‬7L
+=7b‫
א‬F7
7ž
07Œ
‫?ن‬

K
78B=‫

و‬7cI‫ =
א‬7W
=7#
- 7]
7i
7Lh‫
א‬- i]7b‫`š
\
א‬r
ً 

‫ ن‬7({
‫{ن‬7r
6‫ د‬7b‫
א‬73L
7
?/W‫`
?א‬S
M
6 i‫ن
‹
א‬a‫
و‬US
`6/"‫
א‬fxY‫و‬

‹
7L
‫ذא‬a
‫
و‬M n)‫`
א‬i‫
א‬6/Œ
4
+=b‫
א‬F
0Œ
=b

 Š‫א“ دم
א‬

VI‫
א‬w&
‫ذא‬a
‫؟‬$
‫
?م‬mZ]&
+=b‫
א‬F
0 Œ
=b‫
א

א‬F‫
ذ
א‬0Œ

07 "
‫ دم‬7“‫د
א‬/76
7&/
‫
ذ‬7
‫
?و‬،+=b‫
א‬F
ž
0Œ
–r/6
‫{ن
א“ دم‬r
?$?


K‫ د‬b‫­
ذ
א‬r
M
‫ع‬L‫

א‬/6xi
Y3IO
+=b
+=b‫
א‬F

76o‫=
א‬7b‫^אم
א‬7‫
א‬73L‫א‬/?
J?
،‫ د‬7,
— ‫
א‬.‫א‬/7
)‫א
א‬x78
y7n
1 ‫ ل‬

77S?
‫ م‬77L
77I4
،2 ?N77O?
_/77b
µ77S 
778
،? 778B=
‫
?و‬77cI‫ =

א‬77W

(1) F-Secure (http://www.f-secure.com/weblog/archives/archive-042006.html)

(2) http://www.chase.com/


‫
א
وאאא
אد‬W
‫אد
א و‬ 96


77#‫_
א‬/77b‫ =
א‬77W
+=77#
‫^אم‬77‫ د
א‬774?‫
و‬F776B
d77L
. 77&{
6‫ د‬77b‫א‬


KE2-5F(‫
א‬M

_/b‫
دم
א‬3L

r ,Z‫א‬

?N77O?
_/77b
%77``@‫
א‬d77L
+=77#
‫ض‬/776
E5-5F
(77‫ض
א‬/76


K?NO?
_/b
= 
+=#
‫ض‬/6
E3-5F
(‫وא‬

?
78B=
‫
?و‬cI‫ =
א‬W
6o‫=
א‬b‫
א^אم
א‬3L‫א‬/?
‫ د‬,— ‫
א‬.‫א‬/
)‫
א‬3"O

77
`i 77r

K77O
%77&‫('و‬$‫" د
א‬77#$‫
א‬77V8
77
_/77b‫
א‬77‫
ذ‬%77i
‫ ن‬77

‫" د‬77#$‫
א‬774
F77(
‫ ن‬77
_/77b‫ =
א‬77W
+=77#
F77
77ž
077Œ
=‫ د‬77b

(7‫
א‬M
7
/6x7i
7Y3IO
+=7b
‫د‬/ 
C ra

_/b‫
و(©
א‬%&‫('و‬$‫א‬

M
d7`6
‫
?ن‬73L
i7,‫
א‬/7ƒ‫א‬B‫

א‬m73I
‫
وذ‬cI‫ =
א‬W
F™
‫د‬/‫ً

א‬$
E4-5F


K%&‫('و‬$‫" د
א‬#$‫­
א‬r



‫ ل‬7‫א
א‬x78
M
E4-5F
(7‫
א‬M
-‫
و=د‬t7‫
א‬76/6xi‫
א‬m73I‫ 
א‬7=
\‰

<7L=
d7n‫
و‹
و‬،?KKK
77
7bO‫
א‬J/7Z‫
א‬7L=
07(O
pr، 7/‫
א‬fx8
w6?=
‫ذא‬a?

8


K‫ ل‬bOp
 ‫‪97‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫

‬
‫ﺷﻜﻞ )‪ (2-5‬ﺍﳌﻮﻗﻊ ﺍﳌﺰﻳﻒ ﳌﺼﺮﻑ "ﺗﺸﻴﺲ"‬

‫

‬
‫ﺷﻜﻞ )‪ (3-5‬ﺷﻌﺎﺭ ﻣﺼﺮﻑ "ﺗﺸﻴﺲ"‬

‫

‬
‫ﺷﻜﻞ )‪ (4-5‬ﺭﺳﺎﻟﺔ ﺍﻟﺘﻨﺒﻴﻪ ﺍﻟﺘﺤﺬﻳﺮﻳﺔ‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪98‬‬
‫

‬

‫

‬
‫ﺷﻜﻞ )‪ (5-5‬ﻣﻮﻗﻊ ﻣﺼﺮﻑ "ﺗﺸﻴﺲ"‬
‫

‬
‫‪ 2.5‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﱐ‪ :‬ﺍﻟﺘﺼﻔﻴﺔ )‪(Filteration‬‬
‫}‪
ƒ 77=
]77bO
7 ’ O‬א‪
776‬א)('و&‪
%77‬א‪
M
YS/77W
377
t77‬א]‪
77b‬א‪
%& 77‬‬
‫‪/7
a
Y]7b‬א‪ 77,
.‬دאً

‪
g77
ƒ 7/‬א‪ 77,

7Y&
M
77 r

ً 7,6?


ESpamF
7/‬دאً

‬
‫‪
- 7VC‬א‪ "77#$‬د
א‪'($‬و&‪
%77‬א‪
ƒ 77=
U774
+7‬א‪
76‬א)('و&‪
M
%77‬א“‪77‬אع
‬
‫‪


KEdeception-based phishing emilsF‬‬
‫

‬
 99

‫
א
وאאא
אد‬W
‫אد
א و‬

(Security Patches ) ‫ ﺍﻟﺘﺤـﺪﻳﺜﺎﺕ ﺍﻷﻣﻨﻴـﺔ‬:‫ ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﻟـﺚ‬3.5

(Firewalls) ‫ﻭﺟﺪﺭﺍﻥ ﺍﳉﻤﺎﻳﺔ‬

- 77I`‫
א‬U774
77‫ع
א‬77I‫
א‬778
%77&‫('و‬$‫" د
א‬77#$‫
א‬- 77V8
‫אع‬77&?
77S?

‫ ز‬7Y

M
7I‫
א‬-‫א‬/7‫ل
א‬p7‫

א‬m7p
7

<76‫
و‬،Etechnical subterfugeF
7I]‫א‬

KEmalwareF
3“‫
א‬q‫
אא‬0 /O‫
و‬،ESpywareF
NZV‫
א‬q‫א‬/
‫=ع‬B
i,‫א‬

،Eoperating systemsF
7‫
א‬7c&
7I‫
א‬- 67i‫
א‬/7 †

07 /O
’ 6}

‫=אن‬7

F7
+B7Y
‫
א‬76 ‫
و‬،EInternet BrowsersF
7 ‫(
א‬37‫
א‬- i]b‫و‬

‫ل‬p7‫
א‬U74
+7‫

א‬%7&‫('و‬$‫" د
א‬7#$‫
א‬- 7VC
ً$
7¹ r
ً‫ دא‬7,
¿.‫א‬/
a
6 X‫א‬


KI‫
א‬-‫א‬/‫א‬

 ‫(
א‬37777‫
א‬- 777i]b
M
I‫
א‬-‫א‬/‫ل
א‬p‫
א‬U4
1 ‫
א‬

EMozilla FirefoxF
?N7777 r/6 r
p6‫ز‬77?
y77]b
M
77I‫
א‬+/77‫" د
א‬77#‫
א‬774

Unified Resource Locator - F
‫אن‬7I‫
א‬F76BO‫
و‬074p‫
א‬wS O?
t‫
א‬،1.0
^ZI‫א‬

‫^م‬7Z‫
א‬7ž
‫ ل‬7S
M
73IO
t7‫
א‬Edownload windowF
7i‫
א‬+x7r &
M
EURL

K 
dL

F

77i‫
א‬+x77r &
‫ن‬77
،y]77b‫<
א‬77bO
M
Š77"
0377Z
wh77S
+/77‫
א‬fx778


K
/7"^

œ^7Z— ‫ض
א‬/
¹ 7O
}
7L
+/7‫
א‬fx8
K.%Œ
(
6"‫
א‬6‫ و‬I‫ض
א‬/O

76/Œ
74
%78
+/7‫
א‬fx78
‫ل‬p7‫
א‬7V&
i7n
^7Z‫ع
א‬7L
`6/Œ
H/L?

<7h
7‫
و‬،
F76B
d7L
za
g76
Jx7‫
وא‬7&‫('و‬a
6/
 =
M
š‫
=א‬U4
š,‫א‬

Y&?
U4
i,‫^م
א‬Z
/YcO
‫א‬xY‫
و‬،F6B‫
א‬dL‫

ذ
א‬3
q‫א‬/
ž

(1) “Firefox flaw raises phishing fears”, by Ingrid Marson, Published: January 7, 2005
11:06 AM PST , (http://www.news.com/Firefox-flaw-raises-phishing-fears/2100-
1002_3-5517149.html)


‫
א
وאאא
אد‬W
‫אد
א و‬ 100


Kyi#
dL

ž

’Zœ
‫ز‬p‫
א‬- 6i‫?
א‬N r/6 r
p6‫
?ز‬-=#?
+/‫
א‬fx8
_  ‫
א‬

‫ع‬7L‫
א‬/7"
J‫ د‬7]
m76ž
y]7b‫
א‬%^7Z
d7§
U74
07
‫
وو‬،+/‫
א‬fx8


K+/‫
א‬fx8
‫ل‬p$
in



Cross-Site Script ) ‫ ﺗﺼﻔﻴﺔ ﺍﻷﻛﻮﺍﺩ ﺍﻟﱪﳎﻴﺔ ﺍﳋﺒﻴﺜﺔ‬:‫ ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺮﺍﺑﻊ‬4.5
(- XSS

7
Emalicious content injectionF
v73“‫\
א‬o‫`
א‬S
H?
M
&/ ‫ 
ذ‬

v73
\7‰
7`S
‫
?و‬r n{
‫`ن‬6
6‫ د‬b‫
?ن
א‬،%&‫('و‬$‫" د
א‬#$‫
א‬0 ?

\7o‫א
א‬x78
‫م‬7`6
‫
?ن‬7(

KElegitimate siteF
yi#
dL
za Emalicious contentF


W%  






v3“‫א‬


K\/ ?
dL‫
א‬za
yib‫
א‬dL‫
א‬/ƒ‫
زא‬m
O
+‫ د‬4a
J


KdL‫
א‬/ƒ‫ ز
زא‬Y

M
EmalwareF
3
q‫א‬/
0 /O
J


K%&‫('و‬$‫" د
א‬#$‫
دم
א‬za
dL‫
א‬M
 ‫
א‬- & 3‫
א‬m
O
+‫ د‬4a
J

M
7I?
+/7h
‫ل‬p7‫
א‬76/Œ
74
\7o‫
א‬7`³
H7‫(
ž`
ذ
א‬

fx78
M
73
7k/
‫אد‬7 ?

7`S
EhackersF
/
¹ 7^
y6

 ‫(
א‬3‫ دم
א‬

%77k/
77
%778‫
و‬،Ecross-site script - XSSF
777
+/77‫
א‬fx778
_/77O
K‫אدم‬77“‫א‬

37
U74

K%
=
7
=7b
73L
7
_ ,
\‰

qI6
Eprogramming flawF

،Euser reviewF
7
q7I
=‫وא‬B7‫`<
א‬O
‫
?و‬،EblogsF
- &‫
אو‬M
=‫وא‬B‫
א‬- `O
‫א ل‬

- 77 /‰
M
v77³
- 77
‫
?و‬،Ediscussion boardsF
‫ ش‬77`I‫
א‬- 77`S
M
 77=
‫?و‬

7777 ‫(
א‬3777777
‫
א‬U774
77‫
א‬%77&‫
א)('و‬776‫
א‬M
+‫ 
وא=د‬77777777=
‫
?و‬،v77i3‫א‬

101

‫
א
وאאא
אد‬W
‫אد
א و‬

KEweb-based emailF

H77Š
%77&‫('و‬$‫" د
א‬77#$‫
א‬i77n
‫ع‬77L‫
א‬/77"
J‫ د‬77]
U77‫
א‬77`6/"‫א‬

‫ دم‬77“‫
א‬M
77Yc]S
773L
778‫ د‬a‫אد

و‬77 ‫
א‬fx778
]77bO
778
،v773“‫\
א‬77o‫
א‬77`S


K=‫وא‬B‫
א‬- i]b
U4
Yn/4
‫م‬4
‫ ن‬n
%  ‫و‬



(Visual Keyboard) ‫ ﻟﻮﺣﺔ ﺍﳌﻔﺎﺗﻴﺢ ﺍﳌﺮﺋﻴﺔ‬:‫ ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﳋﺎﻣﺲ‬5.5


<76‫
و‬،
76`‫
א‬7`6/"‫
א‬74
6/7Z‫
א‬- 7& 3‫ ل
א‬7 ‫
)د‬76
`6/Œ
fx8
O

= 77À‫
و‬،77&‫ ل
א)('و‬77‫
א‬i]77#
M
77ƒ/
yO 77]
77S
776/Œ
774
77C ‫د‬a

yO 7]‫
א‬7S
7
H7"‫ ‘
א‬7]‫
א‬U74
/`I‫
وא‬+=Š]‫
א‬6/ž
"‫
א‬YI
‫^م‬Z‫א‬


KW ‫
א‬U4
ƒ/‫א‬

776/Œ
774
6/77Z‫
א‬- 77& 3‫
א‬L/77Z
ً‫ دא‬77,
¿.‫א‬/77
a
77ƒ/‫
א‬yO 77]‫
א‬77S
773"O

‫ ز‬7Y

7
Ekey loggingF
yO ]‫
א‬S
-‫א‬/`&
VZO
t‫
א‬EmalwareF
3“‫
א‬q‫אא‬

‫ص‬p^7‫
وא‬،
Y7i
‫م‬7`6
Jx7‫
א‬،‫ د‬7b‫
א‬za
C 7={
‫م‬7`O
<7h
‫
و‬،i,‫א‬


Ki,‫
א‬b^W
‫ ل‬i&$
- & 3‫א‬

^77Z‫ =_
א‬77b‫
א‬77S
77ƒ/‫
א‬yO 77]‫
א‬77S
E6-5F
(77‫ض
א‬/776


Km ZS
za
‫
 ل‬6/Z‫
א
א‬- & 
‫)د ل‬

/67"O

‫
א‡ن‬U7S

6‫ د‬7b

7Z6
<r
، 
S
za
 ± r
ƒ/‫
א‬yO ]‫
א‬S

‫^אم‬7‫
א‬7©L
7•
M
7ƒ/‫
א‬yO 7]‫
א‬S

43"‫
א‬- & 3‫` ط
א‬$
3
q‫א‬/



K&‫
א)('و‬dL‫
אא‬M
ƒ/‫
א‬yO ]‫
א‬S

- 77& 3‫
א‬U774
_/77
773
q‫א‬/77
/677"O
77
ً 7`S$
‫ن‬77/¹ ^‫(
א‬776
77L


Kƒ/‫
א‬yO ]‫
א‬S
"‫א(
א‬
 ‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬ ‫‪102‬‬
‫

‬
‫

‬

‫

‬
‫ﺷﻜﻞ )‪ (6-5‬ﻟﻮﺣﺔ ﺍﳌﻔﺎﺗﻴﺢ ﺍﳌﺮﺋﻴﺔ ﰲ ﺻﻔﺤﺔ ﺍﻟﺪﺧﻮﻝ ﻷﺣﺪ ﺍﳌﺼﺎﺭﻑ‬

‫‪Two-Factor‬‬ ‫‪ 6.5‬ﺍﻹﺟــﺮﺍﺀ ﺍﳌﻀــﺎﺩ ﺍﻟﺴــﺎﺩﺱ‪ :‬ﺍﻟﺘﺼــﺪﻳﻖ ﺍﻟﺜﻨــﺎﺋﻲ )‬

‫‪(Authentication‬‬
‫‪?

77
ً
7,6?

_/76‬א‪
67b‬א`‪
x78
M

KEStrong AuthenticationF
?
J7‬א
א)
‪/7‬א‪
.‬‬
‫‪
<6‬א^אم
Œ‪/Œ

`6/‬ق
א‪ ,
6b‬ن
د=

?‪

U4‬א‪

K6b‬‬
‫‪/Œ
-ph
E I8‬ق
‪

W6b‬‬
103

‫
א
وאאא
אد‬W
‫אد
א و‬

K=‫و‬/‫
و 
א‬،‫^م‬Z‫
<
א‬W?what you know??
‫_؟‬/O
‫
 ذא‬J

Esmart cardF
 x‫
א‬L "3
W?what you have??
‫
 ذא
…؟‬J

d37#)‫
א‬7b3
،
76@‫
א‬- ]7b‫
א‬%78‫
و‬W،?what you are??
‫؟‬w7&?

7
J


KEfingerprintF

7Yr
<76‫
و‬،‫ع
אول‬I‫
א‬%8
،6b‫
א‬4
M
^Z‫
א‬6`‫`
א‬6/"‫א‬

،‫ ل‬7bO$‫
א‬4
M
r/"‫
(

א‬r‫و‬/‫
و‬L
- & 3
6b‫
א‬0 Œ
6‫و‬BO


K=‫و‬/‫
و 
א‬،‫^م‬Z‫ <
א‬

76‫و‬B
،fp74?
+= x7‫אع
א‬7&‫

א‬4&
‫<
א^אم‬6
%ƒ I‫
א‬6b‫
א‬M


K x‫
א‬L "3‫
?و
א^אم
א‬،d3#‫
א‬b‫
و‬،=‫و‬/‫
و 
א‬،‫^م‬Z‫א<
א‬

‫^م‬77ZO
t77‫
وא‬،EATM cardF
_‫א‬/77b‫
א‬77L "
%ƒ 77I‫
א‬677b‫
א‬U774
‫ ل‬77

7‫م
א‬7`6
J7`I‫
א‬0i7Z‫
א‬74
M

K
%7‡‫_
א‬/b‫
א‬+BY
?

J`I‫
א‬0iZ

7
‫ ً
{د ل‬,6?
‫`م‬6‫
و‬،?‫
? ذא
…؟‬%& ‫ع
א‬I‫

א‬O
t‫
وא‬،L "3‫{د ل
א‬


K?‫_؟‬/O
‫ع
אول
? ذא‬I‫

א‬6
Jx‫و=
א‬/‫א‬

77
77
،6/77Z‫
א‬- 77& 3‫ق

א‬/7ZO
%77&‫('و‬$‫" د
א‬77#$‫
א‬- 774
M
+‫ د‬74

\/7 ?
- 7& 
07Œ
<76
x
،?‫_؟‬/O
‫ع
אول
? ذא‬I‫

א‬F»IbO
t‫
א‬،=‫و‬/‫א‬

67b‫אع
א‬7&?
7
6/7 ‡‫
א‬4I‫
א‬za
%IO
- & 3
،6b‫
א‬4
M
r na


K?‫؟‬w&?
?
‫
?و‬،?‫? ذא
…؟‬

74

%7&‫('و‬$‫" د
א‬7#$‫
א‬- VC
ً‫ دא‬,
ً‫א‬.‫א‬/
a
‫^م‬Z6

%ƒ I‫
א‬6b‫א‬

‫" د‬7777#$‫
وא‬،EMan-in-the-middle AttackF
š7777‫
א‬M

7 77
/‫
א‬7777V8
77776/Œ

KEIdentity AttackF
b^‫ ل
א‬i&‫
وא‬،dL‫
אא‬F6BO
6/Œ
4
%&‫('و‬$‫א‬



‫
א
وאאא
אد‬W
‫אد
א و‬ 104
(Mutual Authentication) ‫ ﺍﻟﺘﺼﺪﻳﻖ ﺍﳌﺘﺒﺎﺩﻝ‬:‫ ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺴﺎﺑﻊ‬7.5

‫א‬x78
M

KETwo-way AuthenticationF
?f ¤$‫
א‬%ƒ I‫
א‬6b‫
?א‬7
ً ,6?
_/6‫و‬

677b
‫ دم‬77“‫م
א‬77`r
،/77
‡‫
א‬Y77,
‫ دم‬77“‫
وא‬77‫
א‬77
ٍ7
‫ق‬¹7 b6}
.‫א‬/77
)‫א‬

N6 7`
،6b‫

و ƒ
א‬fg
‫
?و‬،%b^‫
א‬F6/‫
א‬B=
6/Œ
4
‫א‬

m7&?
7

7`i6‫
و‬،7‫
א‬73L
7
‫
א“ دم‬6bO
<6
ً ,6?‫
و‬،EBiometricsF
6@‫א‬


Kً ]6B
ً L
‫(ن‬6
‫
א“ دم
Šن‬b^
iI™
N‫
و‬،‫د‬b`‫
 “ دم
א‬b

7
7`i

ً 7L/Œ

‫ ل‬7bO‫
א‬74
M
r/7"‫
א‬7
7(
‫ دل‬73‫
א‬6b‫
א‬y6


K–3
Y,
68
i#

(7‫
א‬y7n6‫
؛
و‬f 7¤$‫

א‬J‫ د‬7S‫
א‬67b‫
א‬74
E7-5F
(‫
א‬yn6


K‫ دل‬3‫
א‬6b‫
א‬4
E8
J5F

‫م‬7`6
7S

m7&?

%78
،‫
א‬3L

‫
א“ دم‬6b
^Z‫ق
א‬/"‫\
א‬Sa

‫^م‬7ZO
EphraseF
7§
‫
?و‬+=7#
= 7À
7‫{ن
א‬7r
‫ دم‬7“‫
\
א‬VZ 
‫א‬

‫م‬7`6
،‫ دم‬7“‫ ل

א
وא‬bO‫
א‬. &a
Ir

K‫
א‬3L

‫
א“ دم‬6b
`S$

+=
7b‫
א‬w7&
‫{ذא‬r
،VZ‫
א‬4
M
ً `3Z
+‫د‬o‫
א‬X‫
وא‬+=b‫ض
א‬/
‫א“ دم‬


K‫
א“ دم‬6bO
<6
ii#
X‫وא‬

74

%7&‫('و‬$‫" د
א‬7#$‫
א‬- 7VC

ً‫ دא‬7,
¿.‫א‬/
a
‫^م‬Z6
‫ دل‬3‫
א‬6b‫א‬

‫" د‬7777#$‫
وא‬،EMan-in-the-Middle AttackF
š7777‫
א‬M
7777
/‫
א‬7777V8
77776/Œ

KEIdentity AttackF
b^‫ ل
א‬i&‫
وא‬،dL‫
אא‬F6BO
6/Œ
4
%&‫('و‬$‫א‬

 ‫‪105‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫

‬
‫ﺷﻜﻞ )‪ (7-5‬ﺍﻟﺘﺼﺪﻳﻖ ﺍﻷﺣﺎﺩﻱ ﺍﻻﲡﺎﻩ‬

‫

‬
‫ﺷﻜﻞ )‪ (8-5‬ﺍﻟﺘﺼﺪﻳﻖ ﺍﳌﺘﺒﺎﺩﻝ‬

‫‪ 8.5‬ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺜﺎﻣﻦ‪ :‬ﺃﺷـــﺮﻃﺔ ﺃﺩﻭﺍﺕ ﻣﻜﺎﻓﺤـﺔ ﺍﻻﺻـﻄﻴﺎﺩ‬

‫ﺍﻻﻟﻜﺘﺮﻭﱐ )‪(Anti-Phishing Toolbars‬‬
‫‪
š6/77W‬אدوא‪?
+774
J77Ÿ
š6/77W
778
-‬ز=א=
‪
77‬و•‪77I
Fƒ 77‬؛
و‪77(6‬ن
‬
‫‪ 4‬د‪
M
+‬א‪
YX‬א‪/76

KEApplicationF
7
73"O
7
76‬ض
א‪
š6/7W
E9-5F
(7‬‬
‫‪Internet‬‬ ‫?دوא‪
y]77b
U774
?77

?
-‬א‪
(377777777‬א ‪F
?==377777Z a
w77&'&a?
77‬‬
‫‪

KEExplorer‬‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 106

- /77‫
א‬77
776‫ م
א‬77L

%7 &‫('و‬$‫" د
א‬77#$‫
א‬- 77V8
/77"
U774
ً‫=دא‬

-‫Œ
?دوא‬/777W?
‫ ج‬777& 
?wr777‫و‬/(6 ?
7777
،- 777k‫
א‬%777VI‫?
و‬eBay?
 /777

U7774
EAdd-onF
- r 777na
0777 /O

%7 7&‫('و‬$‫" د
א‬777#$‫
א‬777ir (
M
777bb^


KEE-Mail ClientF
%&‫
א)('و‬6‫
א‬4
q‫א‬/‫
و‬، ‫(
א‬3‫
א‬- i]b

‫" د‬7#‫

א‬d7L‫
א‬mO= 6‫
ز‬I4
‫^م‬Z‫
א‬m3IO
8
‫ م‬4
(
Œ/W‫
א‬fx8
]•‫و‬

U74
_/7‫

א‬%7&‫('و‬$‫" د
א‬7#$‫
א‬ir (
-‫Œ
?دوא‬/W?
‫ل‬p

‘ 6
K83

m7O= 6‫אد
ز‬/7‫
א‬d7L‫
א‬74
‫م‬p$‫
א‬6/Œ
4
%&‫('و‬$‫" د
א‬#$‫
?و
= ƒ
א‬dL‫א‬

7Yr
V

± 7ZO}
EdatabasesF
- 7& 
74‫א‬L
7
‫א=د‬7‫
א‬6‫
א‬4
‫
?و‬،‫^م‬Z‫
א‬3L


Y67ž
<76
t‫
א‬،83‫
א(]
?و
א‬.‫
א‬،%&‫('و‬$‫" د
א‬#$‫
و= ƒ
א‬dL‫א‬

76/Œ
74
‫
?و‬،
%7&‫('و‬$‫" د
א‬7#$‫
א‬d7L‫ _
א‬7 ‫
א‬M
7bb^
- Y

3L


M
7`
ً
7L/Œ
‫^م‬7ZO
-‫–
אدوא‬7‫
و‬K6/ †
^Z

+‫
אא=د‬- p3‫א‬

7736/V
‫ق
א‬/77"‫
א‬773"
،
%7 &‫('و‬$‫" د
א‬77#$‫
א‬d77L‫ ƒ
وא‬77=
U774
_/77‫א‬

‫" د‬7#$‫
א‬- 74
_ 7 $
EpatternsF
/8
7c‫
א‬U74
_/
Eheuristic methodsF


K%&‫('و‬$‫א‬

‫" د‬77#$‫
א‬77ir (
-‫Œ
?دوא‬/77W?
F77^
77ƒ L

E1-5F
‫ول‬77X‫ض
א‬/776


K ‫(
א‬3‫
א‬U4
Y"‫
=وא‬za
r n) 
،%&‫('و‬$‫א‬
Phishing F
q 7&/
،
%7&‫('و‬$‫" د
א‬7#$‫
א‬ir (
-‫Œ
?دوא‬/W?
U4
ً$ 

‫א‬x778
77`i6
K
 77Z‫^
א‬77ZI‫==?
א‬377Z a
w77&'&a?
y]77b
‫
א‬d77
q77‫
א‬1 EFilter

8377
i]77b‫
א‬w77&
‫ذא‬a
، 77YO= 6‫^م
ز‬77Z‫
א‬077"6
i]77#
77
77
q 77&‫א‬

/6x77i
/]77#‫ ن
א‬77
=‫
ز‬-‫אن‬77I‫š
א‬6/77W
077& Q-
y]77b‫
א‬U774?
M
/Yc77Zr

(1) “Microsoft Phishing Filter: A New Approach to Building Trust in E-Commerce

Content”, anti-phishing white paper, Microsoft.com,2005
 107

‫
א
وאאא
אد‬W
‫אد
א و‬

- 7& 
J?
. 7ra
‫م‬7
y7bIO

7Y3IO
 =
‫ض‬/
=B‫
א‬U4
š, 
،‫^م‬Z‫א‬

KE10-5F
(‫
א‬M

،i]b‫
א‬fxC
b^W
‫
?و‬،6/

73L
7
m7O= 6‫
ز‬H7"‫
א‬dL‫

?ن
א‬EPhishing FilterF
q &/
 ŠO
‫ ل‬S
M

–

‫אن‬7I‫š

א‬6/7W
07& Q
–
y]b‫
א‬U4?
M
/Yc
J
‫" د‬#‫
א‬dL
8
‫^œم‬Z— ‫א‬

‫" د‬7#$‫
א‬i]7#
‫ض‬/74
dI7
m&?
r n) 
،‫^œم‬Z— ‫
א‬/6xi
/‫ز=
 ن
א‬

،
i]7b‫ق
א‬p7a
7a
،‫ =אن‬7
Yr
6/6xž
i]#
YI
ً$
‫ض‬/6‫
و‬،%&‫('و‬$‫א‬

7
،‫^œ
م‬7Z— ‫
و
א‬7Z
U4
%&‫('و‬$‫" د
א‬#$‫
א‬i]#
‫ض‬/4
M
=‫א‬/$‫?و
א‬


KE11-5F
(‫
א‬M
-5F
(77‫
א‬M
‫وض‬/77‫
א‬1 ?SpoofGuard?
-‫š
אدوא‬6/77W

778
/77 †
‫ ل‬77

L
dL‫{ذא
ن
א‬r
،‫^م‬Z‫
א‬3L

mO= 6‫אد
ز‬/‫
א‬dL‫

א‬+‫
אدא‬fx8
`iO
KE12

+‫
אدא‬d"7ZO
 
‫ذא‬a‫
و‬،.‫א‬/7
7&`6?
+‫ض
אدא‬/7Zr
‫" د‬7#‫
א‬dL
m&?
U4
_/¹ 4}

،.‫א‬/]7#
7&`6?
+‫ض
אدא‬/7Zr
$
‫" د
?م‬7#‫
א‬d7L

d7L‫ذא
ن
א‬a

U4
_/‫א‬


K.‫א‬/,
&`6?
+‫ض
אدא‬/Zr
†
m&?
U4
dL‫`

א‬i‫ذא
‹
א‬a‫و‬

"‫( ﺷﺮﻳﻂ ﺃﺩﻭﺍﺕ ﺟﻮﺟﻞ ﻋﻠﻰ ﻣﺘﺼﻔﺢ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺎﳌﻴﺔ "ﺇﻧﺘﺮﻧﺖ ﺇﻛﺴـﺒﻠﻮﺭﺭ‬9-5) ‫ﺷﻜﻞ‬
(Internet Explorer)

1 crypto.stanford.edu/SpoofGuardL


‫
א
وאאא
אد‬W
‫אد
א و‬ 108
. ‫ ﻗﺎﺋﻤﺔ ﺃﺷﺮﻃﺔ ﺃﺩﻭﺍﺕ ﻣﻜﺎﻓﺤﺔ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ‬.(1-5) ‫ﺍﳉﺪﻭﻝ‬
‫ﺭﺍﺑﻂ ﺍﻟﺸﺒﻜﺔ ﺍﻟﻌﺎﳌﻴﺔ‬ ‫ﺷﺮﻳﻂ ﺍﻷﺩﻭﺍﺕ‬
microsoft.com/ie Internet Explorer 7 Phishing Filter
pages.ebay.com/ebay_toolbar eBay
www.callingid.com CallingID
cloudmark.com CLOUDMARK
earthlink.net EarthLink
toolbar.trustwatch.com TrustWatch
crypto.stanford.edu/SpoofGuard SpoofGuard

‫( ﺭﺳﺎﻟﺔ ﺍﻟﺘﻨﺒﻴﻪ ﻋﻦ ﻣﻮﺍﻗﻊ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﺍﳌﺸـﺒﻮﻫﺔ ﰲ ﺍﳌﺘﺼـﻔﺢ‬10-5) ‫ﺷﻜﻞ‬

"‫"ﺇﻧﺘﺮﻧﺖ ﺇﻛﺴﺒﻠﻮﺭﺭ‬
 ‫‪109‬‬
‫

‬

‫אد
א و
‪
W‬א
وאאא
אد

‬

‫

‬
‫ﺷﻜﻞ )‪ (11-5‬ﺭﺳﺎﻟﺔ ﺍﻟﺘﻨﺒﻴﻪ ﻋﻦ ﻣﻮﺍﻗﻊ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ ﰲ ﺍﳌﺘﺼﻔﺢ "ﺍﻧﺘﺮﻧﺖ‬
‫ﺍﻛﺴﺒﻠﻮﺭﺭ"‬

‫ﺷﻜﻞ )‪ (12-5‬ﺷﺮﻳﻂ ﺃﺩﻭﺍﺕ ﻣﻜﺎﻓﺤﺔ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ "‪"SpoofGuard‬‬



‫
א
وאאא
אد‬W
‫אد
א و‬ 110
Anti- ) ‫ ﺑﺮﺍﻣﺞ ﻣﻜﺎﻓﺤﺔ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘـﺮﻭﱐ‬:‫ ﺍﻹﺟﺮﺍﺀ ﺍﳌﻀﺎﺩ ﺍﻟﺘﺎﺳﻊ‬9.5
(Phishing Software

- 77V8
77n
776 @‫
א‬Esecurity softwareF
776 @‫
א‬q‫א‬/77
<77c
77,O

‫ل‬p77‫
א‬U774
77‫
?و
א‬،
ƒ 77/‫
א‬U774
77‫
א‬77Y4I

%7 &‫('و‬$‫" د
א‬77#$‫א‬

KI‫
א‬-‫א‬/‫א‬

‫" د‬777#$‫ ƒ
א‬777=‫
و‬d777L‫
א‬U7774
_/777‫ ً
א‬7 74

q‫א‬777‫
א‬fx7778
d"777ZO

،
%7&‫('و‬$‫" د
א‬7#$‫
א‬ir (
-‫Œ
?دوא‬/W?
M
3‫
א‬YZ]&
`6/" 

%&‫('و‬$‫א‬

(377‫
א‬- i]77b
U774
- r 77na
-‫Œ
?دوא‬/77W?
077 '
‫م‬77`O
776 @‫
א‬q‫א‬77r


K%&‫
א)('و‬6‫
א‬4
q‫א‬/‫
و‬، ‫א‬

‫" د‬77#$‫
א‬- 77VC
J77b‫
א‬za
r 77n) 3r

K77 (
ً$77S
776 @‫
א‬y77O

-‫א‬/77`&
-pV77 Z‫
و‬،EmalewareF
773“‫
א‬q‫א‬77‫
א‬yr 77(O
ً 7 ,6?
77Y&{r
،%77&‫('و‬$‫א‬


Kb^‫
وא‬،6/Z‫
א‬- & 3‫
א‬L/
za
J‫د‬O
L
t‫
א‬،Ekey loggerF
yO ]‫
א‬S


K YI
+
/‫
א‬+ƒ ]‫`
א‬i
% ?
‫ط‬/W
/Z‫
א‬6 @‫
א‬q‫א‬/
v6ž

77n
776 @‫
א‬U774
77‫
א‬776 @‫
א‬q‫א‬77
77ƒ L
‫ض‬/776
E2-5F
‫ول‬77X‫א‬


K ‫(
א‬3‫
א‬U4
Y"‫
=وא‬za
r n) 
،%&‫('و‬$‫" د
א‬#$‫
א‬- V8



‫( ﻗﺎﺋﻤﺔ ﺑﺮﺍﻣﺞ ﺍﳊﻤﺎﻳﺔ ﺿﺪ ﻫﺠﻤﺎﺕ ﺍﻻﺻﻄﻴﺎﺩ ﺍﻻﻟﻜﺘﺮﻭﱐ‬2-5) ‫ﺟﺪﻭﻝ‬
 ‫(
א‬3‫=אš
א‬

6 @‫
א‬q &/
kaspersky.com Kaspersky Internet Security
symantec.com Norton Internet Security
mcafee.com McAfee Internet Security Suite
trendmicro.com Trend Micro Internet Security
bitdefender.com BitDefender Internet Security
grisoft.com AVG Internet Security
pandasecurity.com Panda Internet Security
111

‫
א
وאאא
אد‬W
‫אد
א و‬

‫)( ا دات‬

Access
‫ ل‬bO‫א‬
Active Attack
šI‫م
א‬VC‫א‬
Address Obfuscation
‫אن‬I‫
א‬6O
ATM


%‡‫_
א‬/b‫
א‬+BY
?
Anti-Phishing Toolbars

‫" د‬77777777#$‫
א‬77777777ir (
-‫Œ
?دوא‬/77777777W?


%&‫('و‬$‫א‬
Anti-Phishing Softwares


%&‫('و‬$‫" د
א‬#$‫
א‬ir (
q‫א‬/
Application


3"O
Attachments
- `r/
Attacker
<
Y‫
א‬
Authentication
6b‫א‬
Backdoors
]
H‫?א‬
Bandwidth


‫ ل‬bO$‫
א‬+ IL

Bank


_/b
Biometrics

6@‫
א‬N6 `‫א‬
Black List
.‫دא‬Z‫א` ƒ
א‬
Blog


&‫و‬
Bounced E-Mail


+O/‫
א‬%&‫
א)('و‬6‫= ƒ
א‬
Browser
y]b‫א‬


‫
א
وאאא
אد‬W
‫אد
א و‬ 112
Chat Rooms


h‫ د‬o‫_
א‬/
Commercial Whitelists


6= V‫
א‬. ,3‫א`אƒ<
א‬
Computer
H S
Configuration
š3n
L
‫אد‬4‫
א‬L
PYO
Content


\‰
Cracker
H»/Ž
Database


- & 
+4 L
Data Integrity
- & 3‫
א‬E (O
‫?و‬F
p
Dialog Box
J=‫א‬S
‫وق‬I#
Dictionary Attack


‫
א` س‬V8
Discussion Boards


‫` ش‬I‫
א‬- `S
DNS Poisoning


- L "I‫
א‬. ˜?
‫<
دم‬ZO
Domain Name
‫" ق‬I‫א<
א‬
Download
ž
E-mail
%&‫
א)('و‬6‫א‬
E-mail account
%&‫
א)('و‬6‫
א‬H ZS
E-mail address
%&‫
א)('و‬6‫אن
א‬I4
E-mail client
%&‫
א)('و‬6‫
א‬4
q &/
E-mail Filtering
%&‫
א)('و‬6‫]
א‬bO
E-Mail Header


 /‫
=?س
א‬Z6‫و‬/O
E-Mail Route


%&‫
א)('و‬6‫ =
= 
א‬Z
113

‫
א
وאאא
אد‬W
‫אد
א و‬

E-mail Server
%&‫
א)('و‬6‫ دم
א‬
Fax


EN ]‫א‬F
ˆ &
Filtering
]bO
Firewalls
6 @‫
א=
א‬
Form


‫´ذج‬
Forums


- 6I‫א‬
Hackers
E‫ز‬/ C‫א‬F
 ‫(
א‬3‫
א‬L'Ž
Heuristics Methods
36/V‫ق
א‬/"‫א‬
Hosts File


],‫
א“אدم
א‬F
HTML


0‫
א‬%bI‫
א‬B'‫
א‬
HTTP


0‫
א‬%bI‫`
א‬I‫ ل
א‬O/
Inquiry
‫م‬p‫א‬
Install
w3O
L
0bIO
L
0 /O
Instant Messenging
/W 3‫
א'א
א‬L
%&‡‫א'א
א‬
Internet


 ‫(
א‬3‫א‬
Integrity Check


 (‫`

א‬i‫א‬
IP Address
w&'&$‫ ل
א‬O‫و‬/
‫אن‬I4
IPS


- L‫ 'א‬$‫
א‬dI
c&?
Junk mail

H/‫
א‬g
6‫א‬
Keystroke Logger
yO ]‫
א‬S
-‫א‬/`&
VZ
Locally


%‰


‫
א
وאאא
אد‬W
‫אد
א و‬ 114
Look and Feel


‫ س‬ZS)‫
وא‬/cI‫א‬
Malicious content
v3
\‰
Malware
3“‫
א‬q‫אא‬
Man-In-The-Middle


š‫
א‬M

/‫
א‬V8
Message body
 /‫&”
א‬
Mutual Authentication


‫ دل‬3‫
א‬6b‫א‬
OCR


ً ƒn
_@‫
א‬U4
_/‫א‬
Online


/W 3
‫ ل‬bO‫
א‬L
%&†
‫ ل‬bO‫א‬
Online trust


%&‡‫ق
א‬h‫א‬
Open Mail Rely


‘]‫
א‬%&‫
א)('و‬6‫ دم
א‬
Operating System


‫ م
א‬c&
Passive Attack


¾Z‫م
א‬VC‫
א‬L
Sp‫م
א‬VC‫א‬
Password


=‫و‬/‫ 
א‬


- 7L "I‫
א‬. 7˜?
‫
دم‬-pV
M
04p‫א‬
Pharming


3“‫
א‬4=B‫
א‬L
Phishing
%&‫('و‬$‫" د
א‬#$‫א‬
POP3


6‫
א‬0(
‫ ل‬O‫و‬/
Popup


`3I‫
א‬- i]b‫א‬
Programming Flow


%k/

Regular Expressions


rŠ‫
א‬-‫א‬g3‫א‬
Scam
‫
»אع‬4

115

‫
א
وאאא
אد‬W
‫אد
א و‬

Search Engines


vi3‫
א‬- /‰
Security Updates
I‫
א‬- 6i‫א‬
Server
‫א“ دم‬
Smart Card
 x‫
א‬L "3‫א‬
SMTP


šZ3‫
א‬6‫ ل
&`
א‬O‫و‬/
SMS


+gbL
b&
 =
Social Engineering


4 
$‫
א‬IC‫א‬
Spywares
NZV‫
א‬q‫א‬/
Strong Authentication


J`‫
א‬6b‫א‬
Subject
 /‫ع
א‬n
Text Field


%»b&
`S
Tools
+4 Z‫
א‬-‫אدوא‬
Traffic


r‫א‬
Two-Factor Authentication


%ƒ I‫
א‬6b‫א‬
Upgrade
L'‫
א‬-‫א=א‬#a
User name

‫^م‬Z‫א<
א‬
Version number
^ZI‫<
א‬L=
Virus
‫وس‬gr
Visual Keyboard


ƒ/‫
א‬yO ]‫
א‬S
Vulnerability
+/h
Web browser


 ‫(
א‬3‫
א‬y]b


‫
א
وאאא
אد‬W
‫אد
א و‬ 116
Webmail

 ‫(
א‬3‫
א‬U4
„3‫
א‬%&‫
א)('و‬6‫א‬
White List
. ,3‫א` ƒ
א‬
Window


+xr &
Worm
+‫دود‬
www
 ‫(
א‬3‫א‬






117

‫
א
وאאא
אد‬W
‫אد
א و‬

+‫ا ا*ــــــــ‬



• Jonathan B. Postel, "SIMPLE MAIL TRANSFER PROTOCOL", RFC 821,
(http://tools.ietf.org/html/rfc821), August 1982.
• Network Working Group, "Requirements for Internet Hosts -- Application and
Support", RFC 1123, (http://tools.ietf.org/html/rfc1123), May 1996.
• Network Working Group, "Post Office Protocol - Version 3", RFC 1939,
(http://tools.ietf.org/html/rfc1939), May 1996.
• Network Working Group, "MAIL ROUTING AND THE DOMAIN
SYSTEM", RFC 974, (http://tools.ietf.org/html/rfc974) , January 1986.
• Network Working Group, "Common DNS Operational and Configuration
Errors", RFC 1912, (http://tools.ietf.org/html/rfc1912) , February 1996.

7P8
،?
6‫د‬7Z‫
א‬7/‫
א(
א‬M
 iL$‫ ƒ
א‬/
8‫א‬/‫
א‬dn‫`<
א‬O? •

،‫م‬2008
J77777777777781429
،- 77777777777‫
א‬77777777777I`O‫
و‬-$ 77777777777bO$‫א‬

Ehttp://www.spam.gov.sa/Statistics-Arabic.docF
• The State of Spam, A Monthly Report – February 2007, Generated by
Symantec Messaging and Web Security
(http://www.symantec.com/avcenter/reference/Symantec_Spam_Report_-
_February_2007.pdf).
•
2006
Spam Trends Report: Year of the Zombies, December 27, 2006,
Commtouch® Software Ltd.,
(http://www.commtouch.com/documents/Commtouch_2006_Spam_Trends_Ye
ar_of_the_Zombies.pdf).
• CALIFORNIA BUSINESS AND PROFESSIONS CODE, DIVISION 7,
PART 3, CHAPTER 1, ARTICLE 1.8.Restrictions On Unsolicited
Commercial E-mail AdvertisersK

• ?Virus description service" from "F-Secure", (http://www.f-secure.com/v-

descs/novarg.shtm).
W‫אن‬I
2004\Z6‫\د‬31
­6= 
`6/r?
HIX‫
א‬24
= 3 ‫
א‬+6/
•
SA cops, Interpol probe murder” ?
(http://www.news24.com/News24/South_Africa/News/0,,2-7-


E1442_1641875,00.html
• Thomas A. Knox,Technologies to Combat Spam, GIAC Security Essentials


‫
א
وאאא
אد‬W
‫אد
א و‬ 118
Certification (GSEC) Practical Assignment, Version 1.4b, Option 1 , SANS
Institute, June 16, 2003K
• “Gmail uses Google's innovative technology to keep spam out of your inbox”,
gmail.com, (http://www.google.com/mail/help/fightspam/spamexplained.html),
December, 2007K

• ? Nick Johnston, PDF Spam: Spam Evolves, PDF becomes the Latest Threat",
Anti-Spam Development at MessageLabs, A MessageLabs Whitepaper,
August 2007K
• Anti-Spam Research Group (ASRG) of the Internet Research Task Force
(IRTF), (http://asrg.sp.amL).
• Mark Ciampa, “Security + Guide to Network Security Fundamentals”, 2nd
edition, THOMSON, 2005.
• M. Jakobsson, S. Myers, “Phishing and Countermeasures: Understanding the
Increasing Problem of Electronic Identity Theft”, WILEY, 2007.
• R. Lininger, R. Vines, “Phishing: Cutting the Identity Theft Line”, WILEY,
2005.
• L. James, “Phishing Exposed”, SYNGRESS, 2005.
• A. Emigh, "Online Identity Theft: Phishing Technology, Chokepoints and
Countermeasures", Radix Labs, October 3, 2005.

EI3‫
א‬S‫
א‬.p
Y
‫
א‬%&‫('و‬$‫" د
א‬#$‫
= 
א‬h‫]
ž
@ د‬L‫?و‬ •

77V@‫
א‬J‫
ذ‬77
14
w377Z‫
א‬،6‫د‬77Z‫ ض
א‬776/‫
א‬+776/

،77‫
א‬77
،?6‫د‬77Z‫א‬
13718
‫

אد‬J
‫م‬2006
/6 I6
14

J
781426
• Christopher Abad, “The economy of phishing: A survey of the operations of
the phishing market”, First Monday, volume 10, number 9, September 2005,
(http://firstmonday.org/issues/issue10_9/abad/index.html). M. Jakobsson, S.
Myers, “Phishing and Countermeasures: Understanding the Increasing Problem
of Electronic Identity Theft”, Wiley, 2007.
• The Anti-Phishing Working Group, www.apwg.com.
• Phishing Activity Trends, Report for the Month of November, 2007, Anti-
Phishing Working Group (APWG), apwg.org
• Gartner, Media Relations, 2008 Press Releases, “Gartner Survey Shows
Phishing Attacks Escalated in 2007; More than $3 Billion Lost to These
Attacks”, (http://www.gartner.com/it/page.jsp?id=565125), 05-March-2008.
• Joris Evers, Staff Writer, “PayPal fixes phishing hole”, CNET News.com,
119

‫
א
وאאא
אد‬W
‫אد
א و‬

(http://www.news.com/PayPal-fixes-phishing-hole/2100-7349_3-
6084974.html) , Published: June 16, 2006 4:12 PM PDT.
• Sebastian Bauer, “Knorr.de SQL Injection and XSS Vulnerabilities”,
(http://blog.gjl-network.net/blog/index.php?/archives/78-Knorr.de-SQL-
Injection-and-XSS-Vulnerabilities.html) , 01/12/07.
• http://www.antiphishing.org/phishing_archive/Citibank_3-31-04.htm
• Ingrid Marson, “Firefox flaw raises phishing fears”,
(http://www.news.com/Firefox-flaw-raises-phishing-fears/2100-1002_3-
5517149.html), Published: January 7, 2005 11:06 AM PST
• Network Working Group, "Hypertext Transfer Protocol -- HTTP/1.1", RFC
2616, June 1999, (http://tools.ietf.org/html/rfc2616)
• “Microsoft Phishing Filter: A New Approach to Building Trust in E-Commerce
Content”, anti-phishing white paper, Microsoft.com,2005