PHISHING ATTACKS
(Not The Kind of Fishing You are Used to)
Sourav Newatia
31603206
Mtech Cyber Security
TABLE OF CONTENTS:-
➤ Motivation
➤ Introduction
➤ Phishing Attack Motives
➤ Statistics of Phishing
➤ Types of Phishing
➤ Anti-Phishing Tools
➤ Case-Study
➤ Phishing Detection
➤ Conclusion
MOTIVATION:-
➤ India lost around $53 million (about Rs 328 crore) to phishing scams, with the country facing over 3,750 attacks in 2014.
➤ India is the 4th largest target of phishing attacks in the world.
➤ 7% of global phishing attacks target India.
➤ The US tops the ranking with 27% of phishing attacks.
http://www.business-standard.com/article/technology/india-fourth-most-targeted-country-by-phishing-attacks-113120200343_1.html
What is Phishing?
➤ Phishing is a fraudulent attempt, usually made through email, to steal your personal information.
➤ Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, through an electronic communication (such as email).
Phishing Motives:-
➤ Financial gain: phishers can use stolen banking credentials for their own financial benefit.
➤ Identity hiding: instead of using stolen identities directly, phishers might sell the identities to others, who might be criminals seeking ways to hide their identities and activities (e.g. purchase of goods).
➤ Fame and notoriety: phishers might attack victims for the sake of peer recognition.
EVOLUTION OF PHISHING:-
[chart] Phishing attacks (January-July 2016)
[chart] Phishing attacks (July-September 2016)
Targeted Industry Sectors By Phishing Attacks:-
➤ eBay and PayPal are two of the most targeted companies, and online banks are also common targets.
➤ Attractive targets include:
☗ Financial institutions
☗ Gaming industry
☗ Social media
☗ Security companies
In this example, the spelling mistakes in the e-mail and the presence of an IP address in the link (visible in the tooltip under the yellow box) are both clues that this is a phishing attempt.
In this example, targeted at SouthTrust Bank users, the phisher has used an image to make the message harder for anti-phishing filters to detect by scanning for text commonly used in phishing e-mails.
Steps in PHISHING:-
TYPES OF PHISHING ATTACKS:-
➤ Deceptive Phishing
The most common medium for deceptive phishing is e-mail.
The phisher sends deceptive e-mails in bulk that instruct the user to click on the link provided.
➤ Malware-Based Phishing
Running malicious software on the user's machine, for example:
☗ Key-loggers and screen-loggers
☗ Session hijackers
➤ DNS-Based Phishing
☗ The DNS cache is polluted with incorrect information that directs the user to another location.
☗ This type of phishing can be done directly when the user has a misconfigured DNS cache.
➤ Content-Injection Phishing
☗ In this attack, malicious content is injected into a legitimate site.
☗ This malicious content can direct the user to other sites or install malware on their computer.
ANTI-PHISHING TOOLS:-
➤ Netcraft
☗ It alerts the user when they connect to a phishing site.
☗ When a user connects to a phishing site, it blocks the user by showing a warning.
☗ It traps suspicious URLs whose characters serve no purpose other than to deceive the user.
➤ ThreatFire
☗ ThreatFire provides a behaviour-based security monitoring solution that protects an unsafe system.
☗ It continuously analyses the programs and processes on the system for suspicious actions.
☗ It can be used alongside normal antivirus programs or a firewall, which adds an additional layer of security to the system.
➤ Spyware Doctor
☗ It is an adware and spyware utility that identifies and clears potential adware, trojans, key-loggers, spyware and other malware from the system.
☗ It also features browser monitoring, immunization against ActiveX controls, and automatic cookie deletion.
Other Anti-Phishing Tools:-
➤ PhishTank SiteChecker
➤ SpoofGuard
➤ TrustWatch Toolbar
➤ Adware Inspector
PHISHING ATTACK WARNINGS:-
➤ ACTIVE WARNING
The warning does not block the content area and lets the user view both the content and the warning, as in the snapshot.
➤ PASSIVE WARNING
The warning blocks the content area, which prevents the user from viewing the content while the warning is displayed.
CASE STUDIES
CASE STUDY I (The Largest International Phishing Case)
➤ US and Egyptian fraudsters were accused of using phishing scams to steal account details from hundreds, possibly thousands, of people and of transferring about $1.5 million into fake accounts they controlled.
➤ The group was accused of targeting US financial institutions and victimising a number of account holders by fraudulently using their personal financial information after they had been successfully phished.
➤ American authorities charged 53 people, and Egypt charged 47, with offences including conspiracy to commit bank fraud, computer fraud, money laundering and aggravated identity theft. The bank fraud charge alone could lead to jail sentences of 20 years.
CASE STUDY II (ICICI Bank Phishing Case)
➤ A few customers of ICICI Bank received an email asking for the Internet login name and password to their account.
➤ The email seemed so genuine that some users even clicked on the URL given in the mail, which led to a web page that very closely resembled the official site.
➤ The scam was finally discovered when an assistant manager of ICICI Bank's information security cell received emails forwarded by the bank's customers seeking to crosscheck the validity of the emails with the bank.
➤ Loss: approximately 43 lakh.
CASE STUDY III (EA Games website hacked; phishing page hosted to steal Apple IDs)
➤ The hackers compromised an EA Games server by exploiting a vulnerability in an outdated WebCalendar application and used it to host a fake "My Apple ID" page designed to look like the legitimate Apple login page, as shown. Once users submit their details, they are redirected to the legitimate Apple ID website.
➤ Using hijacked Apple ID details, hackers can gain access to users' personal data stored on iCloud, including email, contacts, calendars and photos, which could even be used to clone an iPhone or iPad by restoring an iCloud backup to a device in their possession.
CASE STUDY IV (Phishing website spoofs 26 banks, including SBI and BOB)
➤ FireEye identified a new domain (csecurepay[.]com), registered on October 23 this year, that appears to be an online payment gateway but is actually a phishing website that captures customer information from 26 banks operating in the country, the company said in a statement on Thursday.
➤ In this phishing attack, victims are asked to enter their account number, mobile number, email address, one-time password (OTP) and other details. Once the information is collected, the website displays a fake failed-login message to the victim.
➤ Awareness and training programs
1. Making use of regular communications to explain the phishing problem.
2. Establishing a simple mechanism for reporting phishing attacks.
3. Posting alerts on the security website.
Phishing Detection Using Blacklists
➤ Blacklists hold URLs that refer to sites considered malicious. Whenever a browser loads a page, it queries the blacklist to determine whether the currently visited URL is on the list. If so, appropriate countermeasures can be taken; otherwise, the page is considered legitimate.
➤ The drawback of this approach is that a blacklist usually cannot cover all phishing websites, since a newly created fraudulent website takes considerable time to be added to the list.
A Phishing Sites Blacklist Generator
➤ The proposed heuristics are:
1) Extract the company name from the suspected URL.
2) Search for the extracted company name in Google and retrieve the first 10 results.
3) If the suspected URL belongs to the first 10 returned Google results, the page is legitimate.
4) If the suspected URL does not belong to the first 10 returned Google results, the suspected URL is classified as phishing.
5) If the suspected URL is classified as phishing, it is saved in a database.
Phishing Detection Using CANTINA
➤ CANTINA is an Internet Explorer toolbar that decides whether a visited page is a phishing page by analyzing its content.
➤ CANTINA uses Term Frequency-Inverse Document Frequency (TF-IDF) together with search engines.
➤ CANTINA performs the following procedure to detect phishing websites:
1) The TF-IDF of each term on the suspected web page is calculated.
2) The top 5 terms with the highest TF-IDF values are taken to represent the document.
3) The 5 terms are submitted as a Google search query and the domain names of the first n returned entries are stored.
(e.g. http://www.google.ae/search?q=t1,t2,t3,t4,t5,)
4) If the suspected domain name is found within the n returned results, the site is legitimate.
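The four CANTINA steps worked through as an added example (not the CANTINA authors' code): the IDF statistics come from a small constructed corpus, and SEARCH_INDEX is a constructed stand-in for the Google query in step 3, the same lookup the blacklist generator above performs with the company name. Everything else runs offline.

```python
"""CANTINA-style content check: top-5 TF-IDF terms, then a domain lookup."""
import math
import re
from collections import Counter

# Constructed background corpus used only for the IDF statistics
# (assumption: a real deployment would use a large crawl of ordinary pages).
CORPUS = [
    "welcome to our online store browse products and checkout",
    "latest news headlines weather and sport",
    "free email service sign up for an account",
    "online banking login enter your user id and password",
]

# Constructed stand-in for the search engine: query terms -> result domains.
SEARCH_INDEX = {
    frozenset({"examplebank", "secure", "id", "login", "password"}): [
        "www.examplebank.example",
        "help.examplebank.example",
    ],
}

# Constructed suspected page text (not a real site).
SAMPLE_PAGE = (
    "ExampleBank secure login. Enter your user ID and password. "
    "ID and password are case sensitive. Secure login to ExampleBank."
)


def tokenize(text):
    return re.findall(r"[a-z0-9]+", text.lower())


def top_terms(page_text, corpus=CORPUS, k=5):
    """Steps 1 and 2: TF-IDF per term, keep the k highest (ties alphabetical)."""
    tokens = tokenize(page_text)
    tf = Counter(tokens)
    docs = [set(tokenize(d)) for d in corpus]
    n_docs = len(docs) + 1  # the suspected page counts as a document too
    scores = {}
    for term, count in tf.items():
        df = 1 + sum(term in d for d in docs)  # +1 for the page itself
        scores[term] = (count / len(tokens)) * math.log(n_docs / df)
    ranked = sorted(scores, key=lambda t: (-scores[t], t))
    return ranked[:k]


def search(terms, index=SEARCH_INDEX):
    """Step 3: stand-in for the Google query; returns result domains in order."""
    return index.get(frozenset(terms), [])


def is_legitimate(page_text, suspected_domain, n=10):
    """Step 4: legitimate iff the suspected domain is among the first n results."""
    results = search(top_terms(page_text))[:n]
    return suspected_domain.lower() in results


if __name__ == "__main__":
    print("top terms:", top_terms(SAMPLE_PAGE))
    print("www.examplebank.example legitimate?",
          is_legitimate(SAMPLE_PAGE, "www.examplebank.example"))
    print("examplebank-login.example legitimate?",
          is_legitimate(SAMPLE_PAGE, "examplebank-login.example"))
```

A look-alike domain that serves a copy of the page produces the same five terms, so it fails step 4 unless the search engine already ranks it, which is the property CANTINA relies on.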
What kind of information should I protect?
➤ Social Security number
➤ Driver's license number
➤ Account, credit card, and debit card numbers
➤ Mother's maiden name
➤ Passwords, access codes and PINs
➤ Pet's name and name of first school (often used for forgotten-password resets)
PhishGuard: A Browser Plug-in
➤ PhishGuard's implementation is a proof of concept that only detects phishing attacks by testing HTTP Digest authentication.
➤ This work bases its protection against phishing on the observation that phishing websites often do not verify user credentials, but merely store them for later use by the phisher.
1) The user visits a page.
2) If the visited page sends an authentication request, and the user submits the authentication form, PhishGuard starts its testing procedure.
3) PhishGuard sends the same user ID, followed by a random password that does not match the real password, a random n times.
4) If the page responds with an HTTP 200 OK message, the page is a phishing site that is simply returning fake authentication-success messages.
5) If the page responds with an HTTP 401 Unauthorized message, it could mean either:
• The site is a phishing site that blindly responds with authentication-failure messages.
• The site is a legitimate site.
6) To distinguish between the two possibilities above, PhishGuard sends the real credentials to the website as the (n + 1)-th attempt.
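The probing procedure in steps 3 to 6, simulated as an added example (not the PhishGuard authors' code): the three "sites" are in-memory stand-ins that return an HTTP status code for a credential pair, so no network traffic is produced, and N_PROBES is an assumed value for n.

```python
"""Simulation of the PhishGuard credential-probing decision procedure."""
import secrets

N_PROBES = 3  # the page's n: number of wrong passwords sent first (assumed)

# Constructed sample credential for the simulated legitimate site.
REAL_USER, REAL_PASSWORD = "alice", "correct horse battery staple"


def legitimate_site(user, password):
    """Real site: verifies the credential and answers 200 only on a match."""
    return 200 if (user, password) == (REAL_USER, REAL_PASSWORD) else 401


def fake_success_site(user, password):
    """Phishing site that stores the credential and always claims success."""
    return 200


def fake_failure_site(user, password):
    """Phishing site that stores the credential and always claims failure."""
    return 401


def phishguard_verdict(site, user, real_password, n=N_PROBES):
    """Classify a login endpoint; returns "phishing", "legitimate" or "suspicious"."""
    for _ in range(n):
        # Step 3: same user ID, a random password that cannot be the real one.
        wrong_password = secrets.token_hex(16)
        # Step 4: 200 OK for a wrong password means nothing is being verified.
        if site(user, wrong_password) == 200:
            return "phishing"
    # Steps 5 and 6: every probe got 401, so send the real credential once to
    # separate a legitimate site from one that blindly reports failure.
    if site(user, real_password) == 200:
        return "legitimate"
    # The real credential was rejected too: a blind-failure phishing site,
    # or the user simply mistyped the password; PhishGuard cannot tell.
    return "suspicious"


if __name__ == "__main__":
    for name, site in [("legitimate", legitimate_site),
                       ("fake-success", fake_success_site),
                       ("fake-failure", fake_failure_site)]:
        print(name, "->", phishguard_verdict(site, REAL_USER, REAL_PASSWORD))
```

Two practical caveats: the (n + 1)-th request still hands the real credential to a blind-failure phishing site (nothing new leaks, since the user already submitted it), and n wrong attempts against a legitimate site can trip account-lockout thresholds.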
Phishwish: A Stateless Phishing Filter Using Minimal Rules
➤ The proposed solution aims to provide:
● Better protection against zero-hour attacks than blacklists.
● A solution that requires relatively minimal resources (11 rules), far fewer than the number of rules in SpamAssassin; at the time of writing the paper, SpamAssassin used 795 rules.
● Minimal false positives.
The proposed rules are (where positive indicates phishiness):
• Rule 1: If a URL is a login page that is not a business's real login page, the result is positive. The paper specifies that this is analyzed using data returned from search engines.
• Rule 2: If the email is formatted as HTML, and an included URL uses Transport Layer Security (TLS) while the actual Hypertext Reference (HREF) attribute does not use TLS, the result is positive.
• Rule 3: If the host-name portion of a URL is an IP address, the result is positive.
• Rule 4: If a URL mentions an organization's name (e.g. PayPal) in the URL path but not in the domain name, the result is positive.
• Rule 5: If the URL's displayed domain does not match the domain name specified in the HREF attribute, the result is positive.
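Rules 2 to 5 applied to the links of an HTML e-mail, as an added example (not the Phishwish authors' code). Rule 1 needs a search engine and is left out; the registrable domain is approximated as the last two DNS labels (an assumption; production code would use a public-suffix list), and ORG_NAMES and the sample message are constructed.

```python
"""Phishwish-style link checks (rules 2 to 5) over an HTML e-mail."""
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

# Organisation names looked for in URL paths (rule 4); assumed list.
ORG_NAMES = ("paypal", "ebay", "icici", "apple")


class _AnchorCollector(HTMLParser):
    """Collects (href, displayed text) pairs for every <a> in the message."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _registrable(host):
    """Approximate registrable domain: the last two labels, lower-cased."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def _displayed_host(text):
    """Host name of the anchor text if the text looks like a URL, else None."""
    candidate = text if "://" in text else "http://" + text
    try:
        host = urlparse(candidate).hostname
    except ValueError:  # e.g. anchor text containing '[' is not a URL
        return None
    return host if host and "." in host else None


def check_link(href, text):
    """Return the Phishwish rule numbers (2 to 5) that this link triggers."""
    hits = []
    target = urlparse(href)
    host = target.hostname or ""
    shown_host = _displayed_host(text)

    # Rule 2: the displayed URL claims TLS but the real href does not use it.
    if shown_host and text.lower().startswith("https://") and target.scheme != "https":
        hits.append(2)
    # Rule 3: the host-name portion of the URL is a bare IP address.
    try:
        ipaddress.ip_address(host)
        hits.append(3)
    except ValueError:
        pass
    # Rule 4: an organisation's name in the path but not in the domain.
    path = (target.path + "?" + target.query).lower()
    if any(org in path and org not in host.lower() for org in ORG_NAMES):
        hits.append(4)
    # Rule 5: the displayed domain differs from the href's domain.
    if shown_host and _registrable(shown_host) != _registrable(host):
        hits.append(5)
    return hits


def scan_email(html):
    """Map each href in the message to the list of rules it triggers."""
    parser = _AnchorCollector()
    parser.feed(html)
    return {href: check_link(href, text) for href, text in parser.links}


# Constructed sample message (not a real phishing e-mail).
SAMPLE_EMAIL = """
<p>Dear customer, please confirm your account:</p>
<a href="http://198.51.100.7/paypal/login">https://www.paypal.com/login</a>
<p>Help: <a href="https://www.example.com/help">https://www.example.com/help</a></p>
"""

if __name__ == "__main__":
    for href, rules in scan_email(SAMPLE_EMAIL).items():
        print(href, "->", f"rules hit: {rules}" if rules else "no rule hit")
```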
CONCLUSION:-
➤ Phishing has become a serious network security problem, causing financial losses of billions of dollars to both consumers and e-commerce companies.
➤ As future work, educating users about these policies will help prevent them from giving their sensitive information to phishing websites.
REFERENCES
➤ Rao, Routhu Srinivasa, and Syed Taqi Ali. "PhishShield: A desktop application to detect phishing webpages through heuristic approach." Procedia Computer Science 54 (2015): 147-156.
➤ M. Khonji, Y. Iraqi, and A. Jones. "Phishing detection: A literature survey." IEEE Communications Surveys & Tutorials, vol. 15, no. 4, pp. 2091-2121, Fourth Quarter 2013.
➤ B. B. Gupta, A. Tewari, A. K. Jain, and D. P. Agrawal. "Fighting against phishing attacks: state of the art and future challenges." Review, Springer, March 2016.
➤ Anti-Phishing Working Group (APWG). "Phishing activity trends report: second half 2010." http://apwg.org/reports/apwg_report_h2_2010.pdf, 2010, accessed December 2011.
THANKS..!!!

Phishing Attack : A big Threat

  • 1. PHISHING ATTACKS (Not The Kind of Fishing You are Used to) Sourav Newatia 31603206 Mtech Cyber Security
  • 2. TABLE OF CONTENT:- ➤ Motivation ➤ Introduction ➤ Phishing Attack Motives ➤ Statistics of Phishing ➤ Types of Phishing ➤ Anti-Phishing Tools ➤ Case-Study ➤ Phishing Detection ➤ Conclusion
  • 3. MOTIVATION:- ➤ India lost around $53 million (about Rs 328 crore) to phishing scams, with the country facing over 3,750 attacks in 2014. ➤ 4th largest target of phishing attacks in the world. ➤ 7% of global phishing attacks target India. ➤ The US tops the ranking with 27% of phishing attacks. http://www.business-standard.com/article/technology/india-fourth-most-targeted-country-by-phishing-attacks-113120200343_1.html
  • 4. What is Phishing? ➤ Phishing is a fraudulent attempt, usually made through email, to steal your personal information. ➤ Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, through an electronic communication (such as email).
  • 5. Phishing Motives:- ➤ Financial gain: phishers can use stolen banking credentials for their own financial benefit. ➤ Identity hiding: instead of using stolen identities directly, phishers might sell the identities to others, who might be criminals seeking ways to hide their identities and activities (e.g. purchase of goods). ➤ Fame and notoriety: phishers might attack victims for the sake of peer recognition.
  • 8. Phishing Attack (July- September 2016)
  • 9. Targeted Industry Sectors By Phishing Attacks:-
  • 10. ➤ eBay and PayPal are two of the most targeted companies, and online banks are also common targets. ➤ Attractive targets include ☗ Financial institutions ☗ Gaming industry ☗ Social media ☗ Security companies
  • 11. In this example, the spelling mistake in the e-mail and the presence of an IP address in the link (visible in the tooltip under the yellow box) are both clues that this is a phishing attempt.
  • 12. In this example, targeted at South Trust Bank users, the phisher has used an image to make it harder for anti-phishing filters to detect the message by scanning for text commonly used in phishing e-mails.
  • 14. TYPES OF PHISHING ATTACKS :- ➤ Deceptive Phishing The most common method of deceptive phishing is e-mail. The phisher sends a bulk of deceptive e-mails that instruct the user to click on the link provided. ➤ Malware-Based Phishing Running malicious software on the user's machine. ☗ Key-Loggers & Screen-Loggers ☗ Session Hijackers
  • 15. TYPES OF PHISHING ATTACKS :- ➤ DNS-Based Phishing ☗ It pollutes the DNS cache with incorrect information that directs the user to another location. ☗ This type of phishing can be done directly when the user has a misconfigured DNS cache.
  • 16. TYPES OF PHISHING ATTACKS :- ➤ Content-Injection Phishing ☗ In this attack, malicious content is injected into a legitimate site. ☗ This malicious content can direct the user to other sites or install malware on the computer.
  • 17. ANTI-PHISHING TOOLS:- ➤ Netcraft ☗ It alerts the user when connecting to phishing sites. ☗ When a user connects to a phishing site, it blocks the user by showing a warning sign. ☗ It traps suspicious URLs in which the characters have no purpose other than to deceive the user.
  • 19. ➤ ThreatFire ☗ ThreatFire provides a behaviour-based security monitoring solution that protects an unsafe system. ☗ It continuously analyses the programs and processes on the system, looking for any suspicious actions. ☗ It can be used alongside normal antivirus programs or a firewall, which adds an additional level of security to the system.
  • 21. ➤ Spyware Doctor ☗ It is an adware and spyware utility which identifies and clears any potential adware, trojans, key-loggers, spyware, and other malware from the system. ☗ It also features browser monitoring, immunization against ActiveX controls, and automatic cookie deletion.
  • 23. Other Anti-Phishing Tools :- ➤ PhishTank SiteChecker ➤ SpoofGuard ➤ TrustWatch Toolbar ➤ Adware Inspector
  • 24. PHISHING ATTACK WARNINGS:- ➤ ACTIVE WARNING The warning does not block the content area and enables the user to view both the content and the warning, as in the snapshot. ➤ PASSIVE WARNING The warning blocks the content area, which prevents the user from viewing the content while the warning is displayed.
  • 27. CASE STUDY I (The Largest International Phishing Case) ➤ The US and Egyptian fraudsters were accused of using phishing scams to steal account details from hundreds, possibly thousands, of people, and of transferring about $1.5 million into fake accounts they controlled. ➤ The group of fraudsters was accused of targeting US financial institutions and victimising a number of account holders by fraudulently using their personal financial information after they were successfully phished. ➤ American authorities charged 53 people, while Egypt charged 47, with offences including conspiracy to commit bank fraud, computer fraud, money laundering and aggravated identity theft. The bank fraud alone could lead to jail sentences of 20 years.
  • 28. CASE STUDY II (ICICI BANK PHISHING CASE) ➤ A few customers of ICICI Bank received an email asking for the Internet login name and password to their account. ➤ The email seemed so genuine that some users even clicked on the URL given in the mail, which led to a web page that very closely resembled the official site. ➤ The scam was finally discovered when an assistant manager of ICICI Bank's information security cell received emails forwarded by the bank's customers seeking to cross-check the validity of the emails with the bank. ➤ Loss: approx. 43 lakh.
  • 29. CASE STUDY III (EA Games website hacked; phishing page hosted to steal Apple IDs) ➤ The hackers compromised the EA Games server by exploiting one of the vulnerabilities in an outdated WebCalendar application and used it to create the fake "My Apple ID" page, designed to look like the legitimate Apple login page, as shown. Once users submit their details, they are redirected to the legitimate Apple ID website. ➤ Using hijacked Apple ID details, hackers can gain access to users' personal data stored on iCloud, including email, contacts, calendars, and photos, which could even be used to clone an iPhone or iPad by restoring an iCloud backup to a device in their possession.
  • 30. CASE STUDY IV (Phishing website spoofs 26 banks, including SBI, BOB) ➤ FireEye identified a new domain (csecurepay[.]com) that was registered on October 23 this year and appears to be an online payment gateway but is actually a phishing website that leads to the capture of customer information from 26 banks operating in the country, the company said in a statement on Thursday. ➤ In this phishing attack, victims are asked to enter their account number, mobile number, email address, one-time password (OTP) and other details. Once the information is collected, the website displays a fake failed-login message to the victim.
  • 31. ➤ Awareness and training programs 1. Making use of regular communications to explain the phishing problem. 2. Establishing a simple mechanism for reporting phishing attacks. 3. Posting alerts on the security website.
  • 32. Phishing Detection Using Blacklists ➤ Blacklists hold URLs that refer to sites considered malicious. Whenever a browser loads a page, it queries the blacklist to determine whether the currently visited URL is on the list. If so, appropriate countermeasures can be taken. Otherwise, the page is considered legitimate. ➤ The drawback of this approach is that the blacklist usually cannot cover all phishing websites, since a newly created fraudulent website takes considerable time before it can be added to the list.
  • 33. A Phishing Sites Blacklist Generator ➤ The proposed heuristics are: 1) Extract the company name from the suspected URL. 2) Search for the extracted company name in Google and return the first 10 results. 3) If the suspected URL belongs to the first 10 returned Google results, then the page is legitimate. 4) If the suspected URL does not belong to the first 10 returned Google results, then the suspected URL is classified as phishing. 5) If the suspected URL is classified as phishing, it is saved in a database.
  • 34. Phishing Detection Using CANTINA ➤ CANTINA is an Internet Explorer toolbar that decides whether a visited page is a phishing page by analyzing its content. ➤ CANTINA uses Term Frequency-Inverse Document Frequency (TF-IDF) and search engines.
  • 35. ➤ The following procedure is performed by CANTINA to detect phishing websites: 1) The TF-IDF of each term on a suspected web page is calculated. 2) The top 5 terms with the highest TF-IDF values are taken to represent the document. 3) The 5 terms are submitted as a Google search query and the domain names of the first n returned entries are stored (e.g. http://www.google.ae/search?q=t1,t2,t3,t4,t5). 4) If the suspected domain name is found within the n returned results, then the site is legitimate.
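Added example, not CANTINA's own code: steps 1 to 4 carried out offline in Python, with a constructed three-page INDEX standing in for Google's index and a toy ranking function in place of the real search query. Feeding a copied page text under an unindexed domain shows why a fresh phishing clone is caught; the same "is the suspected domain among the first n results" check is what slide 33's blacklist generator does with the extracted company name.

```python
import math
import re
from collections import Counter

STOPWORDS = {"the", "a", "an", "to", "and", "of", "your", "in", "is", "for", "on", "from"}

# Constructed stand-in for a search engine's index (domain -> page text).
INDEX = {
    "www.example-bank.com": ("Example Bank online banking login. Sign in to your "
                             "Example Bank account to view balances and transfers."),
    "www.example-news.org": "Daily news headlines, weather and sports from Example News.",
    "www.example-shop.net": "Shop online for shoes, clothing and electronics. Free shipping.",
}

def terms(text):
    """Lowercase alphabetic tokens with stopwords removed."""
    return [t for t in re.findall(r"[a-z]+", text.lower()) if t not in STOPWORDS]

def top_tfidf_terms(page_text, index, k=5):
    """Steps 1-2: score each term of the suspected page by TF-IDF, keep the top k."""
    doc_sets = [set(terms(t)) for t in index.values()]
    tf = Counter(terms(page_text))
    total = sum(tf.values())
    def tfidf(term):
        df = sum(term in d for d in doc_sets)
        return (tf[term] / total) * (math.log(len(doc_sets) / (1 + df)) + 1)
    return sorted(tf, key=lambda t: (-tfidf(t), t))[:k]

def search(query, index, n=30):
    """Step 3: toy search engine; rank indexed domains by query terms matched."""
    hits = {d: sum(t in set(terms(text)) for t in query) for d, text in index.items()}
    return sorted((d for d in hits if hits[d]), key=lambda d: -hits[d])[:n]

def cantina_verdict(domain, page_text, index=INDEX, n=30):
    """Step 4: legitimate only if the suspected domain is among the first n results."""
    query = top_tfidf_terms(page_text, index)
    return "legitimate" if domain in search(query, index, n) else "phishing"
```

A phishing clone that copies the bank's page text under its own fresh domain produces the same five query terms, so the search points back at the real bank and the clone's domain is absent from the results.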
  • 36. What kind of information should I protect? ➤ Social Security number ➤ Driver's license number ➤ Account, credit card, and debit card numbers ➤ Mother's maiden name ➤ Passwords, access codes and PINs ➤ Pet's name and name of first school (often used for forgotten-password resets)
  • 37. PhishGuard: A Browser Plug-in ➤ PhishGuard's implementation is a proof of concept that only detects phishing attacks based on testing HTTP Digest authentication. ➤ The work bases its protection against phishing on the idea that phishing websites often do not verify user credentials, but merely store them for later use by the phisher.
  • 38. 1) The user visits a page. 2) If the visited page sends an authentication request, and the user submits the authentication form, then PhishGuard starts its testing procedure. 3) PhishGuard sends the same user ID, followed by a random password that does not match the real password, a random n times. 4) If the page responds with an HTTP 200 OK message, then the page is a phishing site that is simply returning fake authentication-success messages.
  • 39. 5) If the page responds with an HTTP 401 Unauthorized message, then it could mean either: • The site is a phishing site that blindly responds with failed-authentication messages. • The site is a legitimate site. 6) To distinguish between the two possibilities above, PhishGuard sends the real credentials to the website for the (n + 1)th time.
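Added simulation, not PhishGuard's implementation: the probing logic of steps 3 to 6 in Python, run against constructed server models (a real site, a phisher that fakes success, one that blindly fails). The lockout variant shows the failure mode a practitioner should expect: a legitimate site that locks the account after fewer than n failures also rejects the real credentials at step 6 and is misclassified.

```python
import secrets

# Constructed server models (not PhishGuard's code): a "server" is any
# callable (user, password) -> HTTP status code, 200 OK or 401 Unauthorized.

def legitimate_site(users, max_failures=None):
    """Real site: 200 only for matching credentials. If max_failures is set,
    the account is locked (401 for everything) after that many wrong logins."""
    failures = {}
    def handle(user, password):
        if max_failures is not None and failures.get(user, 0) >= max_failures:
            return 401  # account locked out
        if users.get(user) == password:
            return 200
        failures[user] = failures.get(user, 0) + 1
        return 401
    return handle

def phishing_site_fake_success(user, password):
    """Phisher that answers 200 to any credentials (slide 38, step 4)."""
    return 200

def phishing_site_blind_failure(user, password):
    """Phisher that blindly answers 401 to everything (slide 39, step 5)."""
    return 401

def random_wrong_password(real_password):
    while True:
        candidate = secrets.token_urlsafe(12)
        if candidate != real_password:
            return candidate

def phishguard_verdict(server, user, real_password, n=3):
    """Steps 3-6: n probes with random wrong passwords, then one real login."""
    for _ in range(n):
        if server(user, random_wrong_password(real_password)) == 200:
            return "phishing"  # accepted a password that cannot be correct
    # n rejections so far: a real site, or a phisher that fails everything
    if server(user, real_password) == 200:
        return "legitimate"
    return "phishing"  # step 6: the real credentials were rejected too
```

The n wrong-password probes count as failed logins on a real site, so n must stay below the site's lockout threshold or the plug-in locks the very account it is trying to protect.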
  • 40. Phishwish: A Stateless Phishing Filter Using Minimal Rules ➤ The proposed solution aims to provide: ● Better protection against zero-hour attacks than blacklists. ● A solution that requires relatively minimal resources (11 rules), far fewer than the number of rules in SpamAssassin; at the time of writing the paper, SpamAssassin used 795 rules. ● Minimum false positives.
  • 41. The proposed rules are (where positive indicates phishiness): • Rule 1: If a URL is a login page that is not a business's real login page, the result is positive. The paper specifies that this is analyzed based on data returned from search engines. • Rule 2: If the email is formatted as HTML, and an included URL uses Transport Layer Security (TLS) while the actual Hypertext Reference (HREF) attribute does not use TLS, then the result is positive. • Rule 3: If the host-name portion of a URL is an IP address, the result is positive. • Rule 4: If a URL mentions an organization's name (e.g. PayPal) in the URL path but not in the domain name, the result is positive. • Rule 5: If the URL's displayed domain does not match the domain name specified in the HREF attribute, the result is positive.
  • 42. CONCLUSION:- ➤ Phishing has become a serious network security problem, causing financial losses of billions of dollars to both consumers and e-commerce companies. ➤ As future work, educating users about this policy will help prevent them from giving their sensitive information to phishing websites.
  • 43. REFERENCES ➤ R. S. Rao and S. T. Ali, "PhishShield: A desktop application to detect phishing webpages through heuristic approach," Procedia Computer Science, vol. 54, pp. 147-156, 2015. ➤ M. Khonji, Y. Iraqi, and A. Jones, "Phishing detection: A literature survey," IEEE Communications Surveys & Tutorials, vol. 15, no. 4, pp. 2091-2121, Fourth Quarter 2013. ➤ B. B. Gupta, A. Tewari, A. K. Jain, and D. P. Agrawal, "Fighting against phishing attacks: state of the art and future challenges," Review, Springer, March 2016. ➤ Anti-Phishing Working Group (APWG), "Phishing activity trends report - second half 2010," http://apwg.org/reports/apwg_report_h2_2010.pdf, 2010, accessed December 2011.
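Added example (not the Phishwish authors' code): a small Python checker that applies Rules 2 to 5 from slide 41 to the links in an HTML e-mail body. The brand list ORG_NAMES and SAMPLE_EMAIL are constructed for illustration; Rule 1 needs search-engine data and is left out.

```python
from html.parser import HTMLParser
from ipaddress import ip_address
from urllib.parse import urlparse

ORG_NAMES = ("paypal", "ebay", "apple")  # assumed brand list for Rule 4
SAMPLE_EMAIL = (  # constructed sample body, not from the original deck
    '<a href="http://192.0.2.10/paypal/login">https://www.paypal.com/login</a>'
    '<a href="https://www.example.com/help">https://www.example.com/help</a>')

class LinkCollector(HTMLParser):
    """Collect [href, visible text] pairs from an HTML e-mail body."""
    def __init__(self):
        super().__init__()
        self.links, self.in_a = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href", ""), ""])
            self.in_a = True
    def handle_data(self, data):
        if self.in_a:
            self.links[-1][1] += data.strip()
    def handle_endtag(self, tag):
        self.in_a = self.in_a and tag != "a"

def host_of(url):
    """Hostname of a URL; a bare 'www.x.y' display string counts as http://www.x.y."""
    return (urlparse(url if "://" in url else "http://" + url).hostname or "").lower()

def check_link(href, text):
    """Return the Phishwish rule numbers (2-5) that fire for one link."""
    hits, href_host, path = [], host_of(href), urlparse(href).path.lower()
    text_host = host_of(text) if text.startswith(("http://", "https://", "www.")) else ""
    if text.startswith("https://") and not href.startswith("https://"):
        hits.append(2)  # displayed as TLS, real HREF is not
    try:
        ip_address(href_host)
        hits.append(3)  # IP address used as hostname
    except ValueError:
        pass
    if any(o in path and o not in href_host for o in ORG_NAMES):
        hits.append(4)  # brand name in path but not in domain
    if text_host and text_host != href_host:
        hits.append(5)  # displayed domain differs from HREF domain
    return hits

def scan_email(html):
    """Map each HREF in the e-mail body to the rules it triggers."""
    collector = LinkCollector()
    collector.feed(html)
    return {href: check_link(href, text) for href, text in collector.links}
```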
