PhishingBy:Esraa Yaseen Israa El-JamalTo:Eng. Abdel Nasser AbdelhadiIslamic University-GazaFaculty of EngineeringComputer Department
Outline Definition Comparison to Spam Facts about Phishing Phishing step by step What phishers want ? Effects of phishing Real stories How to phish?? Marks of phishing emails How to Avoid? I’ve been already phished
” phishing”Name and definition …It is the act of tricking someone into givingconfidential information (like passwords andcredit card information) on a fake web pageor email form pretending to come from alegitimate company (like their bank).
COMPARISON TO SPAM The purpose of a phishing message is to acquire sensitiveinformation about a user. For doing so the message needs todeceive the intended recipient.So it doesn’t contains any useful information and hence fallsunder the category of spam. A spam message tries to sell a product or service, whereasphishing message needs to look like it is from a legitimateorganization. Techniques applied to spam message cant be applied naivelyto phishing messages.
Facts about Phishing !6.1 Billion – Number of phishing e-mails sent world-wide each month.$1,200 – Average loss to successfullyphished person.A new phishing scam is launchedevery two minutes.
What kinds of personalinformation do the thieves want?◦ Your name, address and date of birth◦ Social Security number◦ Driver’s License number◦ Credit Card numbers◦ ATM cards◦ Telephone calling cards
How to avoid phishing? Think before you open, Never open suspiciousemails. Ensure that the web browser has the latest securitypatch applied. Install latest anti-virus packages. Verify the accounts and transactions regularlyNever submit credentials on forms embedded inemails. Inspect the address bar and SSL certificate.
If I’ve been already phished?? Take immediate action to protect your identityand all of your online accounts. Treat the situation like you lost your wallet orpurse. Immediately contact all of your financialinstitutions, preferably by phone, and inform themof the situation.Go to every web site where you may have storedcredit card and/or bank numbers and change thepassword at each web site Choose a strong password that is significantlydifferent from your old passwords. Forward spam that is phishing for information firstname.lastname@example.org and visit FTC’s