Your SlideShare is downloading. ×
Anatomy of a Phishing Email
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×

Introducing the official SlideShare app

Stunning, full-screen experience for iPhone and Android

Text the download link to your phone

Standard text messaging rates apply

Anatomy of a Phishing Email

772
views

Published on

Published in: Technology

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
772
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Anatomy of a Phishing Email
  • 2. Spamming for money2 phish·ing/ˈfi shiŋ/ - noun: The fraudulent practice of sending emails purporting to be from legitimate companies in order to induce individuals to reveal personal information © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 3. 3 An inbox hand grenade This is what a phishing email can look like if your email client is set to display text only. © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 4. 4 Looks can be deceiving And here it is loaded in rich-text or HTML. Odds are your email is set up so that a phishing email could look a lot like this. Seems official? © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 5. 5 A closer look Notice the To: and Cc: boxes aren’t filled in. And while it claims to be from Wells Fargo, the email address appears to be from “activation.” © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 6. 6 Not my number See how they’ve tried to make the VISA number look like something you’d recognize? Well, on most credit cards it’s the last eight numbers that are unique. © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 7. 7 Obvious no-no No bank or legitimate business will ask for personal information in an email. It’s a clear sign the message is a scam. © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 8. A deeper look8  The scammers get sophisticated. The Wells Fargo logo has an official SSL certificate, a widely accepted method for ensuring a secure connection. That means the bad guys mined the Internet for official company graphics to include in the con. © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 9. Verified, but not9  The SSL certificate is verified, meaning it has been officially recognized as Wells Fargo.  But that only applies to the logo. So if you dissect your messages for authenticity, be careful. It’s easy to be misled. © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 10. 10 The evil code Looking at the email code, you can see information wouldn’t be sent to Wells Fargo, but to PayPal. It’s designed to automatically pull money from your account, through PayPal, presumably to the hackers’ account. © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 11. The reroute game11 The scammers are also trying to mask their steps by pumping your information through a masked web address: http://0x185AED0A/T/w.php © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 12. Use your judgment12 The best defense against these phishing attacks is sound judgment. If it doesn’t feel right, it probably isn’t. Simply pick up the phone, call your bank or business, and ask them to work with you over the phone. © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 13. Take action13 If you’ve fallen for a phishing scam, you’re not alone. Call your bank, credit union, insurer, financial planner or attorney to see if they provide identity theft protection. © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012
  • 14. Help is out there14 Call Identity Theft 911 at 1-888-682-5911. © 2003-2012 Identity Theft 911, LLC. All Rights Reserved - Confidential July 13, 2012