Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication.
4. There are a number of different phishing
techniques used to obtain personal information
from users.
As technology becomes more advanced, the
phishing techniques being used are also more
advanced.
To prevent Internet phishing, users should
have knowledge of various types of phishing
techniques and we should also be aware of
anti-phishing techniques to protect ourselves
from getting phished.
4
5. PHISHING
Phishing is a type of deception designed to
steal your valuable personal data, such as
credit card numbers, passwords, account data,
or other information.
5
6. Your name, address and
date of birth
Social Security number
Driver’s License number
Credit Card numbers
ATM cards
Telephone calling cards
6
12. 12
Difference between https and http
If You are using Hypertext Transfer Protocol
Secure (HTTPS) Instead of Hypertext Transfer
Protocol (HTTP), then your website is safe and no one
can steal your information.
If No, Then The website You are working with is
not safe….!
13. • To verify the website you are connecting to is the
genuine website.
• To ensure the privacy of your data during transit.
• To ensure the integrity of your data during transit.
Why do we use TLS or SSL? 13
14. Using https, the computers agree
on a “code”
This “code” is running in TLS or
SSL so that no one can steal Your
personal Information.
14Why https is safe?
16. Clone Phishing
16
Content of original mail (including link) copied
to create duplicate email. But the link may be
replaced with phishers fake or harmful links.
Spear Phishing
Phishing attempts directed at specific
individuals or companies have been termed
Spear Phishing.
Whaling Phishing
Phishing attacks have been directed specifically
at senior executives and other high profile
targets within businesses is known as Whaling
Phishing.
19. 1)Link manipulation
Link manipulation is the technique
in which the phisher sends fake link
to A website that is usually visited
by the victim or the user.
Two Types Of Fake Links.
Link Which Redirected to Phishers
website.
Malware Links.
19
25. HOW TO PREVENT?
One of the anti-phishing techniques used to prevent
link manipulation is to move the mouse over the link
to view the actual address.
To check the http”s” connection in address bar ,
meaning its a secure connection.
25
27. WHY KEYLOGGERS ARE A THREAT?
key loggers doesn't make any threat to the
system itself
A key logger is a type of software can record
instant messages, e-mail, and any information
you type at any time using your keyboard.
As a result, cyber criminals can get PIN codes
and account numbers for e-payment systems,
passwords to online gaming accounts, email
addresses, user names, email passwords etc.
27
28. HOW TO DETECT AND PREVENT??
Make entries through the virtual keyboard.
install an antivirus product and keep its database up to
date.
Use anti-spyware software's.
28
30. •Session Hijacking (a.k.a. Session Side jacking) is a form
of Man In The Middle (MITM) attack.
• In which a malicious attacker has access to the transport
layer and can eavesdrop on communications.
•When communications are not protected they can steal
the unique session ID and imitate the victim on the
target site.
•This grants the attacker access to your account and data.
SESSION HIJACKING 30
32. Steps in Session Hijacking
1. Place yourself between the victim and the target .
2. Monitor the flow of packets
3. Predict the sequence number
4. Kill the connection to the victim’s machine
5. Take over the session
6. Start injecting packets to the target server
32
Prevention of session hijacking
1.Encription and connectivity.
2.Use anti-virus software.
34. Phone phishing
Mobile Phishing is a social engineering
technique where the attack is invited via mobile
texting rather than email.
Using Fake Calls and will say to dial something.
Using fake SMS.
34
37. Email Spoofing
Email Trap By Using Fake Email Address.
This is the trick
Used by spammers.
37
38. Defensive tips against email spoofing
Firstly check the salutation
Take care of grammar
mistakes
Must check the links in email
Claiming that an email has
come from reliable source
Forward spoofed emails to
FTC (Federal Trade
Commission)
38