SR
Uploaded bySagar Rai
PPTX, PDF4,810 views

Phishing

Phishing involves masquerading as a trustworthy entity to steal user credentials and sensitive information. It works by tricking users into entering private details on fake websites or in emails made to look like they came from legitimate sources. Phishing can have serious financial and privacy impacts for victims. Key prevention methods include using antivirus software, firewalls, and caution about unsolicited emails requesting sensitive data.

Internet
In this document
Powered by AI

The presentation introduces phishing, presented by Sagar Rai P, MSc Computer Science.

Phishing originates from 'Password Harvesting'. It targets sensitive info like passwords and balances.

Phishing aims to acquire sensitive info through deceptive electronic communications.

Phishing messages deceive to acquire info while spam sells products. Different deceptive techniques apply.

Measures include detecting phishing sites, enhancing website security, and implementing software.

Identifies countries hosting top phishing sites, indicating geographical patterns.

Describes a phishing attack where hackers embed fake forms on pages to steal credentials.

Phishing causes identity theft, financial loss, and unauthorized account access.

Phishing emails often contain spelling errors and spoof legitimate sites, tricking users.

Illustrates examples of phishing websites to educate on recognizing threats.

Recommendations to safeguard users: updating software, identifying secure sites, and best practices.

Reiterates phishing as identity theft requiring cooperation for prevention and enforcement.

Lists sources of information utilized in the presentation for further reading.

Embed presentation

Downloaded 115 times
PHISHING BY:- Sagar Rai P I MSc Computer Science
PHISHING BASICS •The word has its origin from two words “Password Harwesting” or fishing for Passwords. •Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. •Also known as “brand spoofing” •Phishers are phishing artists. •Phishing techniques was described in detail in the year 1987 and this Technique was first used in the year 1995
Phishing Definition •Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. •It tries to trick users with official looking messages •Credit card •Bank account •eBay •PayPal •Some phishing emails also contain malicious or unwanted software that can track your activities or slow your computer.
Comparison To Spam •The purpose of a phishing message is to acquire sensitive information about a user. For doing so the message needs to deceive the intended recipient. •So it doesn’t contains any useful information and hence falls under the category of spam. •A spam message tries to sell a product or service, whereas phishing message needs to look like it is from a legitimate organization. •Techniques applied to spam message can’t be applied naively to phishing messages.
Existing System •Detect and block the phishing websites in time. •Enhance the security of the websites •Block the phishing emails by various spam filters. •Install online anti-phishing software in user’s computers.
Top 10 Phishing Sites Hosting Countries
How Phishing Attack •Hacker embeds fake login form to XSS vulnerable page. It might be online shop, internet banking, payment system, etc •Hacker sends Email with the link to this transformed page(actually link contains HTML injection code as a parameter). This email looks pretty similar to emails typically sent from this website to registered users(only without user name in greeting) •User clicks the link and opens fake web-page. If user enters his username and password to login , all of their account details will be sent to hackers web-server. •User may not notice anything strange because real “home” or “Welcome” pages are what he was expecting to see.
How Phishing Attack
Damages Caused By Phishing •The damage caused by phishing ranges from loss of access to email to substantial financial loss. This style of identity theft is becoming more popular, because of the ease with which unsuspecting people often divulge personal information to phishers, including credit card numbers, social security numbers, and mothers maiden names. There are also fears that identity thieves can obtain some such information simply by accessing public records. Once they have the information they need and want, the phishers will use that person’s details to create fake accounts using the victims name, using up a persons credit. Or even prevent the victim from accessing to their own accounts.
How To Detect Phishing Website?
How Does a Phishing Email Message look like?!! •Spelling and bad grammar. Cybercriminals are not known for their grammar and spelling. •Beware of links in email. If you see a link in a suspicious email message, don’t click on it. •Threats. Have ever received a threat that your Hotmail account would be closed if you didn’t respond to an email message? The email message shown in the next slide is an example of the same trick. •Spoofing popular websites or companies, scam artist use graphics in an email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows.
How does a Phishing Email message look like
Example for Phishing Website
Functions.
Prevention to be taken to avoid Phishing •Prevention: What to do •Protect your computer with anti-virus software, spyware filters, e-mail filters, and firewall programs, and make sure that they are regularly updated. •Ensure that your Internet browser is up to date and security patches applied. •Avoid responding any unknown email or giving your financial information to that email. •Unless the email is digitally signed, it should also be fake. •Phishers typically ask for information such as usernames, passwords, credit card numbers, social security numbers, etc.
Prevention to be taken to avoid Phishing •Phishers typically are typically not personalized, while valid message from your bank or e-commerce company are generally personalized. •Always ensure that you’re using a secure website when submitting credit card or other sensitive information via your Web Browser. •To make sure you’re on a secure Web server, check the beginning of the Web address bar –it should be “https:// “rather just ” http://”. •Regularly log into your online accounts. Don’t leave them for a long period of time. •Regularly check your bank, credit and debit card statements to ensure that all transaction are legitimate. •If anything is suspicious, contact your bank and all card issuers.
Prevention: What not to do •Don’t assume that you can correctly identify a website as legitimate by just looking at it. •Don’t use the links in an email to get to any web page, if you think that the message might not be authentic. •Log onto the website directly by typing in the web address in your browser. •Avoid filling out forms in email messages that ask for personal financial information. •You should only communicate information such as credit card numbers or account information via a secure website or the telephone.
Conclusion •Phishing is identity theft. It is fraud. It masquerades as legitimate and trustworthy entities in order to obtain sensitive data. It then uses it to “rip off” the misled user with often tragic consequences. •Phishing is a form of criminal conduct that poses increasing threats to consumers, financial institution and commercial enterprises in Canada, united States, and other countries. Because phishing shows no sign of abating, and indeed is likely to continue in newer and more sophisticated forms, law enforcement, other countries will need to cooperate more closely than ever in their efforts to combat phishing, through improved public education, prevention, authentication, and binational and national enforcement efforts.
Source Of Information •www.wikipedia.org •www.antiphishing.org •www.google.com •www.webopedia.com •www.computerworld.com •www.honeynet.org
Phishing

More Related Content

PPTX
Phishing
bySouganthikaSankaresw
 
PPT
Phishing
byAlka Falwaria
 
PPT
P H I S H I N G
bybensonoo
 
PPTX
What is Phishing and How can you Avoid it?
byQuick Heal Technologies Ltd.
 
PPTX
PPT on Phishing
byPankaj Yadav
 
PPTX
Phishing ppt
byshindept123
 
PPTX
Different Types of Phishing Attacks
bySysCloud
 
PPT
Phishing
byanjalika sinha
 
Phishing
bySouganthikaSankaresw
 
Phishing
byAlka Falwaria
 
P H I S H I N G
bybensonoo
 
What is Phishing and How can you Avoid it?
byQuick Heal Technologies Ltd.
 
PPT on Phishing
byPankaj Yadav
 
Phishing ppt
byshindept123
 
Different Types of Phishing Attacks
bySysCloud
 
Phishing
byanjalika sinha
 

What's hot

PPT
Phishing attacks ppt
byAryan Ragu
 
PPTX
Phishing Presentation
byNikolaos Georgitsopoulos
 
PPTX
Phishing ppt
bySanjay Kumar
 
PPTX
Phishing attack, with SSL Encryption and HTTPS Working
bySachin Saini
 
PPTX
Phishing
bySaurabhKantSahu1
 
PPTX
Phishing ppt
byshindept123
 
PPTX
Phishing attack
byRaghav Chhabra
 
PPTX
Phising a Threat to Network Security
byanjuselina
 
PPTX
Cybersecurity Awareness Training
byDave Monahan
 
PPTX
Email phishing and countermeasures
byJorge Sebastiao
 
PPTX
Hyphenet Security Awareness Training
byJen Ruhman
 
PPTX
Phishing techniques
bySushil Kumar
 
PDF
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
byControlScan, Inc.
 
PPTX
Security Awareness Training.pptx
byMohammedYaseen638128
 
PPTX
Phishing Scams: 8 Helpful Tips to Keep You Safe
byCheapSSLsecurity
 
PPTX
Phishing Attacks
byJagan Mohan
 
PPTX
Phishing awareness
byPhishingBox
 
PPTX
Cybersecurity Awareness
byJoshuaWisniewski3
 
PPT
Spoofing
bySanjeev
 
PPTX
Social Engineering,social engeineering techniques,social engineering protecti...
byABHAY PATHAK
 
Phishing attacks ppt
byAryan Ragu
 
Phishing Presentation
byNikolaos Georgitsopoulos
 
Phishing ppt
bySanjay Kumar
 
Phishing attack, with SSL Encryption and HTTPS Working
bySachin Saini
 
Phishing
bySaurabhKantSahu1
 
Phishing ppt
byshindept123
 
Phishing attack
byRaghav Chhabra
 
Phising a Threat to Network Security
byanjuselina
 
Cybersecurity Awareness Training
byDave Monahan
 
Email phishing and countermeasures
byJorge Sebastiao
 
Hyphenet Security Awareness Training
byJen Ruhman
 
Phishing techniques
bySushil Kumar
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
byControlScan, Inc.
 
Security Awareness Training.pptx
byMohammedYaseen638128
 
Phishing Scams: 8 Helpful Tips to Keep You Safe
byCheapSSLsecurity
 
Phishing Attacks
byJagan Mohan
 
Phishing awareness
byPhishingBox
 
Cybersecurity Awareness
byJoshuaWisniewski3
 
Spoofing
bySanjeev
 
Social Engineering,social engeineering techniques,social engineering protecti...
byABHAY PATHAK
 

Viewers also liked

PPTX
PHISHING PROJECT REPORT
byvineetkathan
 
PPTX
Phishing technology
byPreeti Papneja
 
PPTX
A presentation on Phishing
byCreative Technology
 
PPTX
Phishing
byArchit Mohanty
 
PPT
Introduction to phishing
byRaviteja Chowdary Adusumalli
 
PPT
Phishing
bySyahida
 
PPTX
Phishing
byEsraa Yaseen
 
PPT
Intro phishing
bySayali Dayama
 
PDF
Phishing
bydefquon
 
PPT
Phishing
byJayaseelan Vejayon
 
PPS
RESUMO - GEOMARKETING - Estudo de Caso
byIgor Alves
 
PDF
Saiyed_Crypto_Article_ISSA
byCarl Saiyed
 
PPTX
Machine Learning + Analytics in Splunk
bySplunk
 
PPT
Phishing
byoitaoming
 
PPTX
Primera guerra mundial
byDaniela Moreno
 
PPT
Strategies to handle Phishing attacks
bySreejith.D. Menon
 
PDF
Phishing exposed
bytamfin
 
PDF
Macchine intelligenti che imparano da sole
byFausto Intilla
 
PPTX
Phishing - A modern web attack
byKarthik
 
PPT
BSidesDC 2016 Beyond Automated Testing
byAndrew McNicol
 
PHISHING PROJECT REPORT
byvineetkathan
 
Phishing technology
byPreeti Papneja
 
A presentation on Phishing
byCreative Technology
 
Phishing
byArchit Mohanty
 
Introduction to phishing
byRaviteja Chowdary Adusumalli
 
Phishing
bySyahida
 
Phishing
byEsraa Yaseen
 
Intro phishing
bySayali Dayama
 
Phishing
bydefquon
 
Phishing
byJayaseelan Vejayon
 
RESUMO - GEOMARKETING - Estudo de Caso
byIgor Alves
 
Saiyed_Crypto_Article_ISSA
byCarl Saiyed
 
Machine Learning + Analytics in Splunk
bySplunk
 
Phishing
byoitaoming
 
Primera guerra mundial
byDaniela Moreno
 
Strategies to handle Phishing attacks
bySreejith.D. Menon
 
Phishing exposed
bytamfin
 
Macchine intelligenti che imparano da sole
byFausto Intilla
 
Phishing - A modern web attack
byKarthik
 
BSidesDC 2016 Beyond Automated Testing
byAndrew McNicol
 

Similar to Phishing

PPTX
Phishing
bySyeda Javeria
 
PPTX
Phishing technology
byharpinderkaur123
 
PPTX
Phishing scams in banking ppt
byKrishma Sandesra
 
PPTX
Chapter-5.pptx
byShreyaKushwaha28
 
PPT
Ict Phishing (Present)
byaleeya91
 
PPT
Phis
byPresentaionslive.blogspot.com
 
PPTX
IS Presetation.pptx
byTanvir Amin
 
PPTX
Phishing technology
byPreeti Papneja
 
PDF
Phishing
byDeepak Kumar (D3)
 
PPTX
Phishing attack till now
byelakkiya poongunran
 
PDF
Phishing 101: Part-1 Blog Welcome to this Phishing Blog Part1.
byabhishekbacklink
 
PPTX
phishing.pptx
byReenuMariaBinoy1
 
PDF
A Deep Dive into Phishing Techniques and Countermeasures.pdf
bywatchyourpocketbusin
 
PDF
Phishing is a type of cyber attack that involves tricking individuals.pdf
byEthioTelecom_Getahun Biratu
 
PPTX
Phishing technology
byPreeti Papneja
 
PPTX
Phishing.pptx
byssuser2428171
 
PDF
What is a phishing attack
byAariyaRathi
 
PPTX
Phishing Technology
byAvishekMondal15
 
PPT
Computer 4 ict
byguest1daf5af
 
PPT
P H I S H I N G
bychiewmingli
 
Phishing
bySyeda Javeria
 
Phishing technology
byharpinderkaur123
 
Phishing scams in banking ppt
byKrishma Sandesra
 
Chapter-5.pptx
byShreyaKushwaha28
 
Ict Phishing (Present)
byaleeya91
 
Phis
byPresentaionslive.blogspot.com
 
IS Presetation.pptx
byTanvir Amin
 
Phishing technology
byPreeti Papneja
 
Phishing
byDeepak Kumar (D3)
 
Phishing attack till now
byelakkiya poongunran
 
Phishing 101: Part-1 Blog Welcome to this Phishing Blog Part1.
byabhishekbacklink
 
phishing.pptx
byReenuMariaBinoy1
 
A Deep Dive into Phishing Techniques and Countermeasures.pdf
bywatchyourpocketbusin
 
Phishing is a type of cyber attack that involves tricking individuals.pdf
byEthioTelecom_Getahun Biratu
 
Phishing technology
byPreeti Papneja
 
Phishing.pptx
byssuser2428171
 
What is a phishing attack
byAariyaRathi
 
Phishing Technology
byAvishekMondal15
 
Computer 4 ict
byguest1daf5af
 
P H I S H I N G
bychiewmingli
 

Recently uploaded

PDF
OFFENSIVE OPERATIONS : THE ANATOMY OF A NETWORK TAKEOVER
byBangladesh Network Operators Group
 
PPT
INTRODUCTION_TO_SOFTWARE_APPLICATION.pptx
byMESFINBELAY4
 
PPTX
Facebook: How to Maximize for Everyday Business
byLP3I Surabaya
 
PPTX
ENDNOTE refrencing how to do step by step..
byhumairasohaib19
 
PDF
Cybrain Software Solutions – Building Future-Ready Digital Tools
byCybrain Software Solutions
 
PPTX
evolution of internet (internet journey)
byyamunadevi49
 
PDF
DNSSEC Implementation Journey at Prime Bank’s Domain
byBangladesh Network Operators Group
 
PPTX
BTCFi on Starknet,Troves.fi offers automated strategies for Bitcoin users on ...
bytrovesfi
 
PDF
Automating ISP Networks Using Ansible and IPAM as a Source of Truth [SoT]
byBangladesh Network Operators Group
 
PDF
A La Recherche Du Temps Perdu: In Search of the Cozy Web
byJen Looper
 
PPTX
ARCHITECTURESACGCHCIUOHCOHCSAKJCOQKCHUO.pptx
bymchlrdpc2921
 
PDF
A Day in the Life of IPv6 Scanning by Matsuzaki ʻmazʼ
byBangladesh Network Operators Group
 
PPTX
MEANING OF EMOJIS OF SOCIAL MEDIA - RUKUNDO Emmanuel..pptx
bysongsormusics
 
PPTX
AI Presentation it all about what is ai and how to implement in real life
byshraddhasule1710
 
PPTX
Passive Presentation pasdskpasdasdasdasf
byNoOne501682
 
OFFENSIVE OPERATIONS : THE ANATOMY OF A NETWORK TAKEOVER
byBangladesh Network Operators Group
 
INTRODUCTION_TO_SOFTWARE_APPLICATION.pptx
byMESFINBELAY4
 
Facebook: How to Maximize for Everyday Business
byLP3I Surabaya
 
ENDNOTE refrencing how to do step by step..
byhumairasohaib19
 
Cybrain Software Solutions – Building Future-Ready Digital Tools
byCybrain Software Solutions
 
evolution of internet (internet journey)
byyamunadevi49
 
DNSSEC Implementation Journey at Prime Bank’s Domain
byBangladesh Network Operators Group
 
BTCFi on Starknet,Troves.fi offers automated strategies for Bitcoin users on ...
bytrovesfi
 
Automating ISP Networks Using Ansible and IPAM as a Source of Truth [SoT]
byBangladesh Network Operators Group
 
A La Recherche Du Temps Perdu: In Search of the Cozy Web
byJen Looper
 
ARCHITECTURESACGCHCIUOHCOHCSAKJCOQKCHUO.pptx
bymchlrdpc2921
 
A Day in the Life of IPv6 Scanning by Matsuzaki ʻmazʼ
byBangladesh Network Operators Group
 
MEANING OF EMOJIS OF SOCIAL MEDIA - RUKUNDO Emmanuel..pptx
bysongsormusics
 
AI Presentation it all about what is ai and how to implement in real life
byshraddhasule1710
 
Passive Presentation pasdskpasdasdasdasf
byNoOne501682
 

Phishing

  • 1.
    PHISHING BY:- Sagar RaiP I MSc Computer Science
  • 2.
    PHISHING BASICS •The wordhas its origin from two words “Password Harwesting” or fishing for Passwords. •Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. •Also known as “brand spoofing” •Phishers are phishing artists. •Phishing techniques was described in detail in the year 1987 and this Technique was first used in the year 1995
  • 3.
    Phishing Definition •Phishing isthe attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. •It tries to trick users with official looking messages •Credit card •Bank account •eBay •PayPal •Some phishing emails also contain malicious or unwanted software that can track your activities or slow your computer.
  • 4.
    Comparison To Spam •Thepurpose of a phishing message is to acquire sensitive information about a user. For doing so the message needs to deceive the intended recipient. •So it doesn’t contains any useful information and hence falls under the category of spam. •A spam message tries to sell a product or service, whereas phishing message needs to look like it is from a legitimate organization. •Techniques applied to spam message can’t be applied naively to phishing messages.
  • 5.
    Existing System •Detect andblock the phishing websites in time. •Enhance the security of the websites •Block the phishing emails by various spam filters. •Install online anti-phishing software in user’s computers.
  • 6.
    Top 10 PhishingSites Hosting Countries
  • 7.
    How Phishing Attack •Hackerembeds fake login form to XSS vulnerable page. It might be online shop, internet banking, payment system, etc •Hacker sends Email with the link to this transformed page(actually link contains HTML injection code as a parameter). This email looks pretty similar to emails typically sent from this website to registered users(only without user name in greeting) •User clicks the link and opens fake web-page. If user enters his username and password to login , all of their account details will be sent to hackers web-server. •User may not notice anything strange because real “home” or “Welcome” pages are what he was expecting to see.
  • 8.
  • 9.
    Damages Caused ByPhishing •The damage caused by phishing ranges from loss of access to email to substantial financial loss. This style of identity theft is becoming more popular, because of the ease with which unsuspecting people often divulge personal information to phishers, including credit card numbers, social security numbers, and mothers maiden names. There are also fears that identity thieves can obtain some such information simply by accessing public records. Once they have the information they need and want, the phishers will use that person’s details to create fake accounts using the victims name, using up a persons credit. Or even prevent the victim from accessing to their own accounts.
  • 10.
    How To DetectPhishing Website?
  • 11.
    How Does aPhishing Email Message look like?!! •Spelling and bad grammar. Cybercriminals are not known for their grammar and spelling. •Beware of links in email. If you see a link in a suspicious email message, don’t click on it. •Threats. Have ever received a threat that your Hotmail account would be closed if you didn’t respond to an email message? The email message shown in the next slide is an example of the same trick. •Spoofing popular websites or companies, scam artist use graphics in an email that appear to be connected to legitimate websites but actually take you to phony scam sites or legitimate-looking pop-up windows.
  • 12.
    How does aPhishing Email message look like
  • 13.
  • 14.
  • 15.
    Prevention to betaken to avoid Phishing •Prevention: What to do •Protect your computer with anti-virus software, spyware filters, e-mail filters, and firewall programs, and make sure that they are regularly updated. •Ensure that your Internet browser is up to date and security patches applied. •Avoid responding any unknown email or giving your financial information to that email. •Unless the email is digitally signed, it should also be fake. •Phishers typically ask for information such as usernames, passwords, credit card numbers, social security numbers, etc.
  • 16.
    Prevention to betaken to avoid Phishing •Phishers typically are typically not personalized, while valid message from your bank or e-commerce company are generally personalized. •Always ensure that you’re using a secure website when submitting credit card or other sensitive information via your Web Browser. •To make sure you’re on a secure Web server, check the beginning of the Web address bar –it should be “https:// “rather just ” http://”. •Regularly log into your online accounts. Don’t leave them for a long period of time. •Regularly check your bank, credit and debit card statements to ensure that all transaction are legitimate. •If anything is suspicious, contact your bank and all card issuers.
  • 17.
    Prevention: What notto do •Don’t assume that you can correctly identify a website as legitimate by just looking at it. •Don’t use the links in an email to get to any web page, if you think that the message might not be authentic. •Log onto the website directly by typing in the web address in your browser. •Avoid filling out forms in email messages that ask for personal financial information. •You should only communicate information such as credit card numbers or account information via a secure website or the telephone.
  • 18.
    Conclusion •Phishing is identitytheft. It is fraud. It masquerades as legitimate and trustworthy entities in order to obtain sensitive data. It then uses it to “rip off” the misled user with often tragic consequences. •Phishing is a form of criminal conduct that poses increasing threats to consumers, financial institution and commercial enterprises in Canada, united States, and other countries. Because phishing shows no sign of abating, and indeed is likely to continue in newer and more sophisticated forms, law enforcement, other countries will need to cooperate more closely than ever in their efforts to combat phishing, through improved public education, prevention, authentication, and binational and national enforcement efforts.
  • 19.