This document discusses phishing and identity theft. It defines phishing as attempting to acquire sensitive information like usernames, passwords, and credit card details by disguising as a trustworthy entity. Common phishing techniques mentioned include URL manipulation, filters, website forgery, flash phishing, social phishing, and phone phishing. The document also covers identity theft types and prevention methods.
Phishing involves masquerading as a trustworthy entity to steal user credentials and sensitive information. It works by tricking users into entering private details on fake websites or in emails made to look like they came from legitimate sources. Phishing can have serious financial and privacy impacts for victims. Key prevention methods include using antivirus software, firewalls, and caution about unsolicited emails requesting sensitive data.
This document discusses the history and techniques of phishing and spam. It begins by explaining how phishing originated in 1995 targeting AOL customers to open accounts using stolen credit cards. It then describes how phishing evolved to target online payment systems starting in 2001. The document outlines common phishing techniques like creating a sense of urgency, using legitimate-looking email addresses and links, and attaching files. It also provides statistics on potential rewards from phishing and discusses spear phishing and cross-site scripting attacks. Lastly, it offers tips to protect against phishing like using separate email addresses, not responding to spam, keeping software updated, and verifying website security.
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
This presentation contains Introduction of Phishing attack, its types and Various techniques, their impact with real live example, after that its Avoidance, Prevention and Solution. Also it contains brief introduction of SSL and HTTPS with their working.
The document discusses phishing, which is a criminal activity using social engineering to fraudulently acquire sensitive information like passwords and credit card details. Phishers masquerade as trustworthy entities through electronic communications. Types of phishing include using JavaScript to alter address bars or using a trusted website's scripts against victims. The document provides examples of PayPal and Yahoo phishing and discusses the damage caused as well as prevention methods like anti-phishing software, challenge questions, and verification tools.
Phishing involves attempting to acquire sensitive information like usernames, passwords, and credit card details by masquerading as a trustworthy entity. Common phishing techniques include email spoofing and creating fake websites that look identical to legitimate ones. Phishing can be prevented by being wary of unsolicited requests for information, verifying website URLs, using security software, and reporting any suspicious activity.
Phishing is a form of fraud online. The thief uses phishing emails to distribute malicious links that can perform a variety of functions, including the extraction of login credentials or account information from victims.
This document discusses phishing, which is defined as fraudulently acquiring personal information by tricking individuals into believing the attacker is a trustworthy entity, usually through email or instant messages. It describes how phishers attack by using technical deception to spoof links or including usernames and passwords in web URLs. The document provides tips on how to detect phishing, such as looking for misspelled URLs or @ symbols in addresses. It also discusses the damage caused by phishing, from lost access to substantial financial loss, and concludes that phishing is a decentralized online fraud economy governed by supply and demand.
This document discusses phishing, which is a type of criminal activity where scammers try to acquire sensitive information like usernames, passwords, and credit card details by masquerading as a trustworthy entity. Phishing is dangerous because emails and websites can look very convincing. Statistics show that phishing attacks increased dramatically between 2005 and 2006, affecting millions of people and costing businesses billions. The document describes common phishing techniques like website forgery, voice phishing, and using images to evade detection. It concludes by providing tips to protect yourself such as using spam filters, anti-phishing browser tools, and not clicking links in emails.
Phishing involves masquerading as a trustworthy entity to steal user credentials and sensitive information. It works by tricking users into entering private details on fake websites or in emails made to look like they came from legitimate sources. Phishing can have serious financial and privacy impacts for victims. Key prevention methods include using antivirus software, firewalls, and caution about unsolicited emails requesting sensitive data.
This document discusses the history and techniques of phishing and spam. It begins by explaining how phishing originated in 1995 targeting AOL customers to open accounts using stolen credit cards. It then describes how phishing evolved to target online payment systems starting in 2001. The document outlines common phishing techniques like creating a sense of urgency, using legitimate-looking email addresses and links, and attaching files. It also provides statistics on potential rewards from phishing and discusses spear phishing and cross-site scripting attacks. Lastly, it offers tips to protect against phishing like using separate email addresses, not responding to spam, keeping software updated, and verifying website security.
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
This presentation contains Introduction of Phishing attack, its types and Various techniques, their impact with real live example, after that its Avoidance, Prevention and Solution. Also it contains brief introduction of SSL and HTTPS with their working.
The document discusses phishing, which is a criminal activity using social engineering to fraudulently acquire sensitive information like passwords and credit card details. Phishers masquerade as trustworthy entities through electronic communications. Types of phishing include using JavaScript to alter address bars or using a trusted website's scripts against victims. The document provides examples of PayPal and Yahoo phishing and discusses the damage caused as well as prevention methods like anti-phishing software, challenge questions, and verification tools.
Phishing involves attempting to acquire sensitive information like usernames, passwords, and credit card details by masquerading as a trustworthy entity. Common phishing techniques include email spoofing and creating fake websites that look identical to legitimate ones. Phishing can be prevented by being wary of unsolicited requests for information, verifying website URLs, using security software, and reporting any suspicious activity.
Phishing is a form of fraud online. The thief uses phishing emails to distribute malicious links that can perform a variety of functions, including the extraction of login credentials or account information from victims.
This document discusses phishing, which is defined as fraudulently acquiring personal information by tricking individuals into believing the attacker is a trustworthy entity, usually through email or instant messages. It describes how phishers attack by using technical deception to spoof links or including usernames and passwords in web URLs. The document provides tips on how to detect phishing, such as looking for misspelled URLs or @ symbols in addresses. It also discusses the damage caused by phishing, from lost access to substantial financial loss, and concludes that phishing is a decentralized online fraud economy governed by supply and demand.
This document discusses phishing, which is a type of criminal activity where scammers try to acquire sensitive information like usernames, passwords, and credit card details by masquerading as a trustworthy entity. Phishing is dangerous because emails and websites can look very convincing. Statistics show that phishing attacks increased dramatically between 2005 and 2006, affecting millions of people and costing businesses billions. The document describes common phishing techniques like website forgery, voice phishing, and using images to evade detection. It concludes by providing tips to protect yourself such as using spam filters, anti-phishing browser tools, and not clicking links in emails.
Phishing is a hacking technique where attackers fool users into providing personal information by creating fake websites that look like trusted sites. There are several types of phishing attacks, including deceptive phishing which sends bulk emails with links to steal information, spear phishing which targets specific individuals, and whaling which targets high-level executives. Phishing can be prevented through user education and security technology, though no single measure completely stops it.
Phishing is a form of cybercrime where scammers acquire personal information like credit card numbers and passwords by sending fraudulent emails pretending to be from legitimate businesses. These emails will ask users to provide or verify personal details. Phishing is growing rapidly and targets users of online banking and auction sites. To protect yourself, be wary of unsolicited requests for information via email and ensure your devices have updated antivirus software. If you receive a phishing email or become a victim, report it and monitor your accounts for fraudulent activity.
The document discusses various types of cyber crimes such as cyber defamation, forgery, online gambling, intellectual property crimes, and financial crimes. It provides examples of different cyber crimes including phishing scams, identity theft, cyber terrorism, and computer hacking. Cyber crimes can involve using computers as tools to commit offenses like distributing malware, or targeting computers and data directly through hacking and data theft. The document aims to educate about the different genres of cyber crimes and techniques used by cyber criminals.
Phishing--The Entire Story of a Dark WorldAvishek Datta
Phishing is a common problem in today's world. I have summarized some of the essential points needed for anyone to safeguard against all known Phishing attacks.
This document discusses prevention of fraud and forgery in internet banking. It begins by defining fraud and forgery, explaining how they differ. It then explains how internet banking fraud often occurs through phishing attacks, where fraudsters steal login credentials through deceptive emails or websites. The document outlines the typical process fraudsters use, from obtaining details to transferring money. It emphasizes that awareness is key to prevention and provides tips for customers to avoid falling victim, such as using strong unique passwords, updating security software, and being wary of unsolicited communications asking for private information.
This document discusses phishing, which is an attempt to acquire personal information like usernames, passwords, and credit card details through fraudulent emails or websites. Phishing works by tricking users into entering information on fake websites designed to look like legitimate ones. It outlines the history and techniques of phishing, as well as the large financial and trust impacts it has. The document also provides tips on how to prevent phishing and examines a case study of the Mumbai mafia phishing IT professionals in Bangalore through benami bank accounts.
Phishing involves attempting to acquire sensitive information like usernames, passwords, and credit card details by masquerading as a trustworthy entity. It is often done through email spoofing or instant messaging to direct users to fake websites. Common phishing techniques include disguised email links and sender addresses, clickable email images leading to bogus websites, and requests for sensitive info. Users can prevent phishing by not responding to unsolicited requests for personal info, directly visiting websites instead of clicking links, monitoring accounts regularly, and being cautious with personal data.
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing is a fraudulent e-mail that attempts to get you to divulge personal data that can then be used for illegitimate purposes.
This document discusses various types of cyber crimes and precautions individuals can take. It describes cyber crimes such as hacking, malware attacks, phishing, online scams/fraud, cyberbullying, and identity theft. It notes that cyber crimes are increasing as the world's reliance on technology grows. The document also provides statistics on the prevalence and financial costs of cyber crimes in India. Finally, it recommends precautions like using strong passwords, reviewing statements regularly, and avoiding suspicious emails or links.
A delightful way to teach kids about computers806670
Cybercrime is criminal activity carried out using computers or the internet, with the object of crimes including hacking, phishing, and spamming. In 2016, over 2 billion records were stolen or lost, and in 2015 100 million Americans lost health insurance cards. Most cybercrime, around 80%, originates from sophisticated criminal gangs, with the illegal cybercrime economy valued at $445 billion and larger than the GDP of 160 nations. Cybercriminals access users' data through Trojans in phishing emails, pop-up windows prompting calls to fake support numbers, and operating like legitimate online marketplaces selling malware and fake IDs. To curb cybercrime, organizations must share attack information rather than keeping it secret for competitive advantage
This document discusses phishing, which is a form of online identity theft that aims to steal users' sensitive information such as credit card numbers, usernames, and passwords. It does this through fraudulent emails or websites that appear legitimate but are designed to trick users into entering private details. The document provides examples of common phishing techniques and scams targeting financial institutions. It advises users not to click links or open attachments in suspicious emails and to be wary of unsolicited requests for personal information online.
The document provides an overview of phishing technology. It defines phishing as acquiring sensitive user information through deceptive messages, usually via email or websites. The summary explains how phishers create imitation websites to trick users into providing passwords, financial details, or other sensitive data. It also outlines common signs of phishing emails and recommends reporting any suspicious messages and not clicking links within unsolicited emails.
How To Keep the Grinch From Ruining Your Cyber MondayMichele Chubirka
Ready to avoid crowded stores and online scammers during the holidays? Join Michele Chubirka as she goes through:
-Tips for safe online shopping and securing your banking information
-Protecting yourself from internet scams, phishing and fraud
Safeguard your personal information against identity theft
-How to use Anti-virus and other security software to keep your digital information safe.
The document provides an overview of phishing technology. It defines phishing as acquiring sensitive user information through deceptive messages, usually via email or websites. The summary explains how phishers create imitation websites to trick users into providing passwords, financial details, or other sensitive data. It also outlines common signs of phishing emails and recommends reporting any suspicious messages and not clicking links within unsolicited emails.
The document discusses phishing, which refers to attempts by criminals to acquire sensitive information such as usernames, passwords, and credit card details by disguising themselves as a trustworthy entity through fraudulent emails or websites. It provides details on how phishing works, what information phishers typically ask for, signs of phishing messages to watch out for, and steps individuals can take to protect themselves, including using antivirus software, firewalls, and caution when receiving suspicious emails or entering information on websites.
Internet fraud involves using the internet to commit fraudulent activities. Common types of internet fraud include credit/debit card fraud, business deceit, and identity theft. To prevent internet fraud, it is important to keep firewalls and antivirus/antispyware software updated, use strong and unique passwords, watch out for phishing scams, and protect personal information.
Technology is negative only in the hands of people who do not realize that they are one and the same process as the universe.
tips to avoid cyber crime:
Ignore the unwanted messages or e-mails
Protect your e-identity (electronic identity)
Never store your own details on any mobile device (Secure mobile devices)
If in doubt, block
Ignore pop-ups
Only shop online on secure sites
Different site, different passwords (don’t use same key for all locks)
Lock down your FB account
Always make sure that login pages use SSL and that the login pages starts with https://
Phishing scams have evolved over time from targeting AOL users in 1995 to now using more sophisticated techniques like DNS tricks, JavaScript attacks, and spear phishing. Phishing scams aim to steal personal information like credit card numbers and account credentials through fraudulent emails or websites. To avoid phishing scams, users should be wary of unsolicited emails asking for personal information, look for misspellings or unusual URLs in links, and only access financial sites by typing URLs directly or using saved favorites.
Phishing is a type of scam where fraudulent emails are sent to steal personal information like credit card numbers or passwords. Phishing originated in the 1970s as "phreaking" to make free phone calls and has evolved over time. By 2007, phishing targeted major banks and payment sites like PayPal to steal money from bank accounts. Current phishing techniques employ social engineering by appearing to come from trusted contacts or references to recent online activities to trick victims. The document provides tips on identifying phishing scams by looking for requests to verify accounts or update personal information through email links or urgent messages.
Phishing is a hacking technique where attackers fool users into providing personal information by creating fake websites that look like trusted sites. There are several types of phishing attacks, including deceptive phishing which sends bulk emails with links to steal information, spear phishing which targets specific individuals, and whaling which targets high-level executives. Phishing can be prevented through user education and security technology, though no single measure completely stops it.
Phishing is a form of cybercrime where scammers acquire personal information like credit card numbers and passwords by sending fraudulent emails pretending to be from legitimate businesses. These emails will ask users to provide or verify personal details. Phishing is growing rapidly and targets users of online banking and auction sites. To protect yourself, be wary of unsolicited requests for information via email and ensure your devices have updated antivirus software. If you receive a phishing email or become a victim, report it and monitor your accounts for fraudulent activity.
The document discusses various types of cyber crimes such as cyber defamation, forgery, online gambling, intellectual property crimes, and financial crimes. It provides examples of different cyber crimes including phishing scams, identity theft, cyber terrorism, and computer hacking. Cyber crimes can involve using computers as tools to commit offenses like distributing malware, or targeting computers and data directly through hacking and data theft. The document aims to educate about the different genres of cyber crimes and techniques used by cyber criminals.
Phishing--The Entire Story of a Dark WorldAvishek Datta
Phishing is a common problem in today's world. I have summarized some of the essential points needed for anyone to safeguard against all known Phishing attacks.
This document discusses prevention of fraud and forgery in internet banking. It begins by defining fraud and forgery, explaining how they differ. It then explains how internet banking fraud often occurs through phishing attacks, where fraudsters steal login credentials through deceptive emails or websites. The document outlines the typical process fraudsters use, from obtaining details to transferring money. It emphasizes that awareness is key to prevention and provides tips for customers to avoid falling victim, such as using strong unique passwords, updating security software, and being wary of unsolicited communications asking for private information.
This document discusses phishing, which is an attempt to acquire personal information like usernames, passwords, and credit card details through fraudulent emails or websites. Phishing works by tricking users into entering information on fake websites designed to look like legitimate ones. It outlines the history and techniques of phishing, as well as the large financial and trust impacts it has. The document also provides tips on how to prevent phishing and examines a case study of the Mumbai mafia phishing IT professionals in Bangalore through benami bank accounts.
Phishing involves attempting to acquire sensitive information like usernames, passwords, and credit card details by masquerading as a trustworthy entity. It is often done through email spoofing or instant messaging to direct users to fake websites. Common phishing techniques include disguised email links and sender addresses, clickable email images leading to bogus websites, and requests for sensitive info. Users can prevent phishing by not responding to unsolicited requests for personal info, directly visiting websites instead of clicking links, monitoring accounts regularly, and being cautious with personal data.
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing is a fraudulent e-mail that attempts to get you to divulge personal data that can then be used for illegitimate purposes.
This document discusses various types of cyber crimes and precautions individuals can take. It describes cyber crimes such as hacking, malware attacks, phishing, online scams/fraud, cyberbullying, and identity theft. It notes that cyber crimes are increasing as the world's reliance on technology grows. The document also provides statistics on the prevalence and financial costs of cyber crimes in India. Finally, it recommends precautions like using strong passwords, reviewing statements regularly, and avoiding suspicious emails or links.
A delightful way to teach kids about computers806670
Cybercrime is criminal activity carried out using computers or the internet, with the object of crimes including hacking, phishing, and spamming. In 2016, over 2 billion records were stolen or lost, and in 2015 100 million Americans lost health insurance cards. Most cybercrime, around 80%, originates from sophisticated criminal gangs, with the illegal cybercrime economy valued at $445 billion and larger than the GDP of 160 nations. Cybercriminals access users' data through Trojans in phishing emails, pop-up windows prompting calls to fake support numbers, and operating like legitimate online marketplaces selling malware and fake IDs. To curb cybercrime, organizations must share attack information rather than keeping it secret for competitive advantage
This document discusses phishing, which is a form of online identity theft that aims to steal users' sensitive information such as credit card numbers, usernames, and passwords. It does this through fraudulent emails or websites that appear legitimate but are designed to trick users into entering private details. The document provides examples of common phishing techniques and scams targeting financial institutions. It advises users not to click links or open attachments in suspicious emails and to be wary of unsolicited requests for personal information online.
The document provides an overview of phishing technology. It defines phishing as acquiring sensitive user information through deceptive messages, usually via email or websites. The summary explains how phishers create imitation websites to trick users into providing passwords, financial details, or other sensitive data. It also outlines common signs of phishing emails and recommends reporting any suspicious messages and not clicking links within unsolicited emails.
How To Keep the Grinch From Ruining Your Cyber MondayMichele Chubirka
Ready to avoid crowded stores and online scammers during the holidays? Join Michele Chubirka as she goes through:
-Tips for safe online shopping and securing your banking information
-Protecting yourself from internet scams, phishing and fraud
Safeguard your personal information against identity theft
-How to use Anti-virus and other security software to keep your digital information safe.
The document provides an overview of phishing technology. It defines phishing as acquiring sensitive user information through deceptive messages, usually via email or websites. The summary explains how phishers create imitation websites to trick users into providing passwords, financial details, or other sensitive data. It also outlines common signs of phishing emails and recommends reporting any suspicious messages and not clicking links within unsolicited emails.
The document discusses phishing, which refers to attempts by criminals to acquire sensitive information such as usernames, passwords, and credit card details by disguising themselves as a trustworthy entity through fraudulent emails or websites. It provides details on how phishing works, what information phishers typically ask for, signs of phishing messages to watch out for, and steps individuals can take to protect themselves, including using antivirus software, firewalls, and caution when receiving suspicious emails or entering information on websites.
Internet fraud involves using the internet to commit fraudulent activities. Common types of internet fraud include credit/debit card fraud, business deceit, and identity theft. To prevent internet fraud, it is important to keep firewalls and antivirus/antispyware software updated, use strong and unique passwords, watch out for phishing scams, and protect personal information.
Technology is negative only in the hands of people who do not realize that they are one and the same process as the universe.
tips to avoid cyber crime:
Ignore the unwanted messages or e-mails
Protect your e-identity (electronic identity)
Never store your own details on any mobile device (Secure mobile devices)
If in doubt, block
Ignore pop-ups
Only shop online on secure sites
Different site, different passwords (don’t use same key for all locks)
Lock down your FB account
Always make sure that login pages use SSL and that the login pages starts with https://
Phishing scams have evolved over time from targeting AOL users in 1995 to now using more sophisticated techniques like DNS tricks, JavaScript attacks, and spear phishing. Phishing scams aim to steal personal information like credit card numbers and account credentials through fraudulent emails or websites. To avoid phishing scams, users should be wary of unsolicited emails asking for personal information, look for misspellings or unusual URLs in links, and only access financial sites by typing URLs directly or using saved favorites.
Phishing is a type of scam where fraudulent emails are sent to steal personal information like credit card numbers or passwords. Phishing originated in the 1970s as "phreaking" to make free phone calls and has evolved over time. By 2007, phishing targeted major banks and payment sites like PayPal to steal money from bank accounts. Current phishing techniques employ social engineering by appearing to come from trusted contacts or references to recent online activities to trick victims. The document provides tips on identifying phishing scams by looking for requests to verify accounts or update personal information through email links or urgent messages.
Introduction to AI for Nonprofits with Tapp NetworkTechSoup
Dive into the world of AI! Experts Jon Hill and Tareq Monaur will guide you through AI's role in enhancing nonprofit websites and basic marketing strategies, making it easy to understand and apply.
বাংলাদেশের অর্থনৈতিক সমীক্ষা ২০২৪ [Bangladesh Economic Review 2024 Bangla.pdf] কম্পিউটার , ট্যাব ও স্মার্ট ফোন ভার্সন সহ সম্পূর্ণ বাংলা ই-বুক বা pdf বই " সুচিপত্র ...বুকমার্ক মেনু 🔖 ও হাইপার লিংক মেনু 📝👆 যুক্ত ..
আমাদের সবার জন্য খুব খুব গুরুত্বপূর্ণ একটি বই ..বিসিএস, ব্যাংক, ইউনিভার্সিটি ভর্তি ও যে কোন প্রতিযোগিতা মূলক পরীক্ষার জন্য এর খুব ইম্পরট্যান্ট একটি বিষয় ...তাছাড়া বাংলাদেশের সাম্প্রতিক যে কোন ডাটা বা তথ্য এই বইতে পাবেন ...
তাই একজন নাগরিক হিসাবে এই তথ্য গুলো আপনার জানা প্রয়োজন ...।
বিসিএস ও ব্যাংক এর লিখিত পরীক্ষা ...+এছাড়া মাধ্যমিক ও উচ্চমাধ্যমিকের স্টুডেন্টদের জন্য অনেক কাজে আসবে ...
Executive Directors Chat Leveraging AI for Diversity, Equity, and InclusionTechSoup
Let’s explore the intersection of technology and equity in the final session of our DEI series. Discover how AI tools, like ChatGPT, can be used to support and enhance your nonprofit's DEI initiatives. Participants will gain insights into practical AI applications and get tips for leveraging technology to advance their DEI goals.
Physiology and chemistry of skin and pigmentation, hairs, scalp, lips and nail, Cleansing cream, Lotions, Face powders, Face packs, Lipsticks, Bath products, soaps and baby product,
Preparation and standardization of the following : Tonic, Bleaches, Dentifrices and Mouth washes & Tooth Pastes, Cosmetics for Nails.
How to Fix the Import Error in the Odoo 17Celine George
An import error occurs when a program fails to import a module or library, disrupting its execution. In languages like Python, this issue arises when the specified module cannot be found or accessed, hindering the program's functionality. Resolving import errors is crucial for maintaining smooth software operation and uninterrupted development processes.
Exploiting Artificial Intelligence for Empowering Researchers and Faculty, In...Dr. Vinod Kumar Kanvaria
Exploiting Artificial Intelligence for Empowering Researchers and Faculty,
International FDP on Fundamentals of Research in Social Sciences
at Integral University, Lucknow, 06.06.2024
By Dr. Vinod Kumar Kanvaria
This slide is special for master students (MIBS & MIFB) in UUM. Also useful for readers who are interested in the topic of contemporary Islamic banking.
Main Java[All of the Base Concepts}.docxadhitya5119
This is part 1 of my Java Learning Journey. This Contains Custom methods, classes, constructors, packages, multithreading , try- catch block, finally block and more.
it describes the bony anatomy including the femoral head , acetabulum, labrum . also discusses the capsule , ligaments . muscle that act on the hip joint and the range of motion are outlined. factors affecting hip joint stability and weight transmission through the joint are summarized.
2. Objectives
• Learn about Phishing and its related techniques.
• Understand different methods of Phishing.
• Learn about Identity Theft and understand ID theft.
• Understand myths and facts about ID theft.
• Understand different types of ID thefts.
• Learn about different techniques of ID theft.
• Get an overview of 3P’s of cybercrime (Phishing, Pharming
and Phoraging).
• Understand about Spear Phishing.
• Overview of Whaling.
3. Introduction
• Phishing has become a universal
phenomenon and a major threat worldwide
that affect not only individuals but also all
industries and businesses that have an online
presence and do online transactions over the
internet.
• The statistics about phishing attacks/scams
proves phishing to be a dangerous enemy
among all the methods because prime
objective this attack is ID theft.
4. Facts about Phishing
• According to world phishing map available at www.avira.com
most phishing attacks are on the rise of Asia, Europe and
North America.
• Facebook, HSBC, Paypal and Bank of America are most
targeted organization in phishing attacks.
• US, India and China are the most targeted countries.
• Total 3650 non-English (Italian an Chinese) sites are recorded
in the month of may 2009.
• The most used TLDs in phishing websites during the month of
May 2009 were “.com”, “.net” and “.org” .
• Financial organizations, payment services and auction
websites are ranked as most targeted industries.
• Port 80 is found most popular followed by port 443 and 8080.
5. Phishing
• The word phishing comes from the analogy
that internet scammers are using E-Mail lures
to fish for passwords and financial data from
the sea of Internet users.
• It is criminally fraudulent process of
attempting to acquire sensitive information
such as username, password and credit card
details by hiding as trustworthy entity in an
electronic communication.
6. …cont.
• Phishing is a type of deception designed to steal
your identity.
• In phishing technique user tries to get the user
disclose valuable personal data- such as credit
card numbers, password, account data and
other information by convicting the user to
provide it under false pretenses.
• E-Mail is the popular medium used in the
phishing attacks and such E-Mails are also
called Spam's.
7. Spam E-Mail
• Spam E-Mail are also know as junk mails.
• Botnets, networks of virus infected
computers are used to send about 80% of
spam. Types of Spam mail are:
– Unsolicited bulk E-Mail
– Unsolicited commercial E-Mail
8. SPAMBOTS
• Spambot is an automated computer program
and/or a script developed, mostly into C
language to send SPAM mails.
• SPAPMBOTS gather E-Mail ids from the
internet, build mailing lists to send unsolicited
mails.
9. CANSPAM
• The CANSPAM act of 2003 was signed in US.
• The CAN-SPAM act is commonly referred to as
You can Spam. In particular, it does not require
E-Mailers to get permission before they send
marketing messages.
10. Tricks used for Phishing
• Name of legitimate organization: Here
phishers may use a legitimate company’s
name and incorporate the look and feel of
its website into the spam E-Mail.
• “From” a real employee: Real name of an
official, who actually works for an
organization, will actually appear in the
from line or the text of the message.
11. Tricks used for Phishing
• URLs that “look right” : The E-Mail might
contain a URL which seems to be
legitimate website wherein use can enter
the information the phisher would like to
steal. However actually the website will be
a quickly cobbled – a spoofed website that
looks like the real website.
12. Tricks used for Phishing
• Urgent Message: Creating a fear to trigger
a response is very common in phishing
attack- the E-Mail warn that failure to
respond will result in longer having access
the account. Few examples used by
phishers to attract the user are:
– Verify your account
– You have won the lottery
– If you don’t respond in 48 hours your account
will be closed.
13. How to prevent from Phishing
• Share Personal E-Mail address with
limited persons.
• Never reply a SPAM mail.
• Use alternate E-Mail address to register
for any personal or shopping website.
• Don’t forward any mail from unknown
recipient.
15. Dragnet
• This method involves the use of spammed E-Mail,
bearing inaccurate corporate identification (e.g.
corporate names, logos and trademark) which are
addressed to a large group of people.
• Dragner phishers do not identify specific
prospective victims in advance. Instead they rely
on false information included in the E-Mail to
trigger an immediate response by victims- typically
clicking on links on the body of E-Mail to take the
victims to the web sites or pop up windows where
they are requested to enter bank or credit card
details.
16. Rod and reel
• In this method, phishers identify specific
victims in advance, and convey false
information to them to prompt their
disclosure of personal and financial data.
• For example on a phony web page,
availability of similar item for a better price
is displayed and upon visiting the
webpage, victims were asked to enter
personal information.
17. Lobsterpot
• This method focuses on use of spoofed
web site. It consists of creating of
bogus/phony website.
• This attack is also known as content
injection phishing. The attacker uses a
weblink into an E-Mail message to make it
look more legitimate and actually take the
victim to a phony scam site.
18. Gillnet
• In this technique phishers introduce
malicious code into E-Mails and websites.
• They can for example misuse browser
functionality by injecting aggressive
content into another site’s pop window.
• In some cases, the malicious code will
change setting in users system so that
users who want to visit legitimate banking
websites will be redirected to a look alike
phishing site.
19. Phishing Techniques
• URL manipulation: URLs are the weblinks
that direct the users to a specific
website.For example instead of
www.abcbank.com URL is provided as
www.abcbank1.com.
• Filter: This technique use graphics instead
of text to prevent from netting such E-
Mails by anti phishing filters.
20. Phishing Techniques
• Website Forgery: In this technique the
phisher directs the netizens to the website
designed and developed by him, by
altering the browser address bar through
java script commands
• Flash Phishing: Anti phishing toolbar are
installed/enabled to help checking the
webpage content for signs of phishing
21. Phishing Techniques
• Social Phishing: Phishers entice the
netizens to reveal sensitive data by other
means for example:
– By sending a mail where ask user to call them
back because there was a security breach.
– The phone number provided in the mail is
false number
– Phishers speak with the victim in the similar
fashion as bank employee.
22. Phishing Techniques
• Phone Phishing: This is known as Mishing,
where phisher can use a fake caller ID
data to make it appear that the call is
received from a trusted organization to
entice the user to reveal their personal
information.