This document defines phishing as tricking individuals into providing private information like passwords or credit card numbers through fake websites or emails appearing to be from legitimate companies. It compares phishing to spam, noting phishing aims to deceive recipients into sharing sensitive data rather than advertising products. Statistics show over 6 billion phishing emails are sent monthly, averaging $1,200 stolen per successful phishing attempt. The document outlines how phishing works, the harms of identity theft and financial loss, and provides advice on how to identify and avoid phishing scams.

1. Phishing
By:
Esraa Yaseen Israa El-Jamal
To:
Eng. Abdel Nasser Abdelhadi
Islamic University-Gaza
Faculty of Engineering
Computer Department

2. Outline
 Definition
 Comparison to Spam
 Facts about Phishing
 Phishing step by step
 What phishers want ?
 Effects of phishing
 Real stories
 How to phish??
 Marks of phishing emails
 How to Avoid?
 I’ve been already phished

3. ” phishing”
Name and definition …
It is the act of tricking someone into giving
confidential information (like passwords and
credit card information) on a fake web page
or email form pretending to come from a
legitimate company (like their bank).

4. COMPARISON TO SPAM
 The purpose of a phishing message is to acquire sensitive
information about a user. For doing so the message needs to
deceive the intended recipient.
So it doesn’t contains any useful information and hence falls
under the category of spam.
 A spam message tries to sell a product or service, whereas
phishing message needs to look like it is from a legitimate
organization.
 Techniques applied to spam message cant be applied naively
to phishing messages.

5. Facts about Phishing !
6.1 Billion – Number of phishing e-
mails sent world-wide each month.
$1,200 – Average loss to successfully
phished person.
A new phishing scam is launched
every two minutes.

6. What kinds of personal
information do the thieves want?
◦ Your name, address and date of birth
◦ Social Security number
◦ Driver’s License number
◦ Credit Card numbers
◦ ATM cards
◦ Telephone calling cards

7. Industries affected
Major industries affected are:
 Financial Services
 ISPs
 Online retailers

8. The most websites
frequently attacked
by phishers

9. eBay Phishing Scam
example

10. PayPal Phishing Scam
example

11. Phishing step by step …

12. Effects of Phishing
Internet fraud
Identity theft
Financial loss to the original institutions
Erosion of Public Trust in the Internet.

13. Real stories

14. How to phish
some web site??

17. Be clever
!

18. Be clever !

19. Be clever !

20. Be clever !

21. How to avoid phishing?
 Think before you open, Never open suspicious
emails.
 Ensure that the web browser has the latest security
patch applied.
 Install latest anti-virus packages.
 Verify the accounts and transactions regularly
Never submit credentials on forms embedded in
emails.
 Inspect the address bar and SSL certificate.

22. Good or Bad Site?

23. Good or Bad Site?

24. If I’ve been already phished
??
 Take immediate action to protect your identity
and all of your online accounts.
 Treat the situation like you lost your wallet or
purse. Immediately contact all of your financial
institutions, preferably by phone, and inform them
of the situation.
Go to every web site where you may have stored
credit card and/or bank numbers and change the
password at each web site
 Choose a strong password that is significantly
different from your old passwords.
 Forward spam that is phishing for information to
spam@uce.gov and visit FTC’s

25. References
 http://www.phishing.org/phishing-
techniques/
 http://en.wikipedia.org/wiki/Phishing
 http://www.youtube.com
 http://sarasota.ifas.ufl.edu/FCS/phish_
stories.pdf

26. Questions

27. Thanks
for