Phishing basics: include its history
Introduction: phishing in detail
Techniques: Techniques used like link manipulation,web forgery
New phish: spear phishing
reason behind phishing
latest case study
survey: on top hosting and victim countries
Examples: popular website and email examples
2. AGENDA
• Phishing Basics
• Introduction
• Techniques
• New phish
• Reason behind phishing
• Latest case study
• Survey
• Examples
• Conclusion
3. PHISHING BASICS
• Pronounced "fishing“
• The word has its Origin from two words
“Password Harvesting” or fishing for Passwords
• Phishing a kind of deception in which an attacker
pretends to be someone else in order to obtain
sensitive information from the victim
• Also known as "brand spoofing“
• Phishers are phishing artists
4. INTRODUCTION
• Phishing “IDENTITY THEFT” is obtaining sensitive &
valuable information about the customer.
• Phishing makes high profit with less or small
tecnological investment.
• It tries to trick users with official-looking messages
• Some phishing e-mails also
contain malicious or unwanted
software
7. Who Is Behind The Phishes &
Why
PHISH ARTISTS
send out millions of these scam e-
mails in the hopes that even a few
recipients will act on them and
provide their personal and
financial information
e-mail address that has
been made public on the
Internet - more
susceptible to phishing
e-mail address can be
saved by spiders that
search the Internet
Compared to
8. WHY
?MAIL-ID
They can grab as many
e-mail addresses as they
can
they can cheaply and easily
access millions of valid e-
mail addresses to send
these scams to
9. LATEST CASE STUDY
• A very recent and popular case of phishing is that the
chinese phishers are targeting GMAIL account of high
ranked official of united states,south korea
government and military information & chinese
political activities.
10.
11. SURVEY
• A survey found that 9 out of 10 American adult
Internet users have made changes to their Internet
habits because of the threat of identity theft.
• The 30 percent say that they reduced their overall
usage.
• The 25 percent say they have stopped shopping
online, while 29 percent of those that still shop
online say they have decreased the frequency of
their purchases.
18. ACCOUNT ALERT
Dear Valued Member,
According to our terms of services, you will have to confirm your e-
mail by the following link, or your account will be suspended for
security reasons.
http://www.uc.edu/confirm.php?account=d.mich.mal@uc.edu
After following the instructions in the sheet, your account will not
be interrupted and will continue as normal.
Thanks for your attention to this request. We apologize for any
inconvenience.
Sincerely, Uc Abuse Department
19. POPULAR FRAUDULENT EMAIL
PHRASES
"Verify your account.“
*** If you receive an e-mail from Microsoft
asking you to update your credit card
information, do not respond: this is Phishing
scam.
"If you don't respond within 48 hours, your
account will be closed.“
"Dear Valued Customer.“
"Click the link below to gain access to your
account.“
20. RECENT ACTIVITY
• June 16, 2014 HM Revenue and Customs -
Automated Tax Refund Notification
• May 20, 2014Wells Fargo Bank - New Message
from Wells Fargo Online
• April 14, 2014Discover Bank - A Massege From
Discover Card Service
• March 21, 2014Banco Itau - aviso27:
Comunicado importante
21.
22. IMPACT OF PHISHING
• loss of access to email to substantial financial loss
• Erosion of Public Trust in the Internet. Phishing also
decreases the public’s trust in the Internet.
23. How to avoid Phishing
• DON’T CLICK THE LINK
– Type the site name in your browser (such as
www.paypal.com)
• Never send sensitive account information by e-mail
– Account numbers, SSN, passwords
• Never give any password out to anyone
• Verify any person who contacts you (phone or email).
– If someone calls you on a sensitive topic, thank them, hang
up and call them back using a number that you know is
correct, like from your credit card or statement.
24. CONCLUSION
Awareness of phishing is in as it is a form of
criminal conduct that poses increasing threats
to consumers, financial institutions, and
commercial enterprises in Canada, the United
States, and other countries.