EL
Uploaded byEvs, Lahore
PDF, PPTX514 views

Phishing & Pharming Explained.pdf

Phishing is a type of cyber attack aimed at stealing sensitive user data by tricking victims into interacting with fraudulent communications that appear legitimate. Common methods include spear phishing, MITM attacks, vishing, smishing, angler phishing, whaling, and pharming, with significant financial losses reported by victims. Protection involves security awareness training, vigilance against suspicious communications, and immediate action if compromised.

Embed presentation

Download as PDF, PPTX
Phishing Phishing is a types of Internet Scam or Cyber Attack, often used to steal user data, including login credentials and credit card numbers. Govt. Science College Presented by Zubair Jamil
How it works? It occurs when an attacker, veiled as a trusted entity, fools a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information. Sometime the attacker trick the victim by presenting himself as popular site with its same user interface and is redirected to the login page and by entering login credentials, victim exposes his identity to the attackers.
Example of Email Phishing In this example attacker present himself as your university‘s administration and ask you to renew your password and when you click the link you are redirected to a malicious site which have the same interface as your university have, and he tricks you and ask your old login credentials for renewing your password.
$57.8 Billion According to the FBI's 2019 Internet Crime Report, more than 114,700 people fell victim to phishing scams in 2019. Collectively, they lost $57.8 million, or about $500 each. More than 50% of the development expenditure of HEC ( Total 108 Billion - 2021) According to the FBI's 2017 Internet Crime Report, more than 300,000 people fell victim to phishing scams in 2017 and lost $1.4 billion.
Some Phishing Techniques The way how Attacker attacks in most of the cases Is known as technique. Some of the most common and popular techniques are mentioned here. Spear Phishing Email Phishing MITM Attack Vishing Smishing Angler Phishing Whaling Pharming
Spear Phishing Spear phishing is an email or electronic commun- ications scam targeted to a specific individual, organ- ization often intended to steal data for malicious purposes. An email arrives, apparently from a trustworthy source, but instead it leads the unknowing recipient to a bogus website full of malware. These emails often use clever tactics to get victims' attention. For example, the FBI has warned of spear phishing scams where the emails appeared to be from the National Center for Missing and Exploited Children.
MITM Attack A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application The goal of an attack is to steal personal information, such as login credentials, account details and credit card numbers. Targets are typically the users of financial applications, SaaS businesses, e-commerce sites and other websites where logging in is required. Information obtained during an attack could be used for many purposes, including identity theft, unapproved fund transfers or an illicit password change.
Smishing &Vishing Smishing and vishing are types of phishing attacks that use text messaging (SMS) and voice calls to manipulate victims into giving over sensitive data to cybercriminals. Smishing, also called SMS phishing, uses social engineering tactics carried out over text messaging. A criminal can us a phone number to send text messages that appear to be from trusted senders, like a bank, a co-worker, or a popular online retailer. The goal is to get you to give the cybercriminal sensitive information. Vishing (stands for voice phishing), is a type of phishing attack conducted over the phone. Vishing attackers fake their caller ID to appear to be calling from a local area code to the victim. Some attackers may use their real voice to appear more trustworthy, This is a popular attack method to use because VoIP users are not required to provide proof to obtain caller ID data, which means they can easily disguise themselves as anyone. (VoIP stands for Voice Over Internet Protocol phones.)
Angler Phishing People disguise themselves as a customer service agent on social media in order to reach a unhappy customer and obtain their personal information or account credentials. Fake accounts will answer people who are airing complaints on social media, usually via Facebook or Twitter. These fake accounts disguise themselves under a handle that includes the name of the financial institution, hoping that the people who are upset won’t realize that they aren’t a valid account. The fake account will attempt to offer the disgruntled person a link that they claim will take them directly to an agent ready to talk to them. Clicking that link, however, will either install malware onto their computer, or lead them to another website that will try to get information and money from them.
Whaling Whaling is a common cyber attack that occurs when an attacker utilizes spear phishing methods to go after a large, high-profile target. n a whaling attack, attackers send an email that looks and seems like a legitimate email from a trusted source, often a contact within the company or with a partner, vendor, or customer account. A whaling email will contain enough personal details or references gleaned from internet research to convince the recipient that it is legitimate. Whaling attacks may also ask a user to click on a link that leads to a spoofed website that looks identical to a legitimate site, where information can be collected, or malware can be downloaded.
Pharming Pharming is a type of social engineering cyberattack in which criminals redirect internet users trying to reach a specific website to a different, fake site. These “spoofed” sites aim to capture a victim’s personally identifiable information (PII) and log-in credentials, such as passwords, social security numbers, account numbers, and so on, or else they attempt to install pharming malware on their computer. Pharmers often target websites in the financial sector, including banks, online payment platforms, or e- commerce sites, usually with identity theft as their ultimate objective.
How To Protect Ourselves? Security Awareness Training & Education Email Gateway Reputation Based Solutions Urgent call to actions & threats First Time or Infrequent Sender 5 Suspicious Linking 1 2 3 4
What If You Are Under Attack? Change all your social accounts passwords. Must Freeze your bank cards immediately. Run virus scans. Take you machine to computer expert in case of ransomware attack. 1 3 2 4
Some Resources From The Internet Types of Phishing >> https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing 1 Hidden Content behind an Email >> https://www.sciencedirect.com/topics/computer-science/malicious-email 2
Thank You With ❤ by Zubair Jamil at Govt. Science College, Lahore.

More Related Content

PPTX
Il phishing
bymartinaoro
 
PDF
Spear Phishing Attacks
byn|u - The Open Security Community
 
PPTX
Phishing
bySouganthikaSankaresw
 
PPTX
Different types of attacks in internet
byRohan Bharadwaj
 
PPTX
Ethical hacking presentation
bySuryansh Srivastava
 
PPTX
Cyber crime ✔
byhubbysoni
 
PPTX
Phishing Attack Awareness and Prevention
bysonalikharade3
 
PPTX
Ethical hacking Presentation
byAmbikaMalgatti
 
Il phishing
bymartinaoro
 
Spear Phishing Attacks
byn|u - The Open Security Community
 
Phishing
bySouganthikaSankaresw
 
Different types of attacks in internet
byRohan Bharadwaj
 
Ethical hacking presentation
bySuryansh Srivastava
 
Cyber crime ✔
byhubbysoni
 
Phishing Attack Awareness and Prevention
bysonalikharade3
 
Ethical hacking Presentation
byAmbikaMalgatti
 

What's hot

PPTX
Phishing Scams: 8 Helpful Tips to Keep You Safe
byCheapSSLsecurity
 
PPTX
Phishing
bySaurabhKantSahu1
 
PPTX
Computer Crimes
byIvy Rose Recierdo
 
PPTX
Hacking
byAsma Khan
 
PPT
Phishing
byanjalika sinha
 
PPTX
ETHICAL HACKING PRESENTATION
byYash Shukla
 
PPTX
Phishing Presentation
byNikolaos Georgitsopoulos
 
PPT
Phishing attacks ppt
byAryan Ragu
 
PPTX
Cyber crime
byJayant Raj
 
PPTX
Presentation on ethical hacking
bySunny Sundeep
 
PPTX
Hacking
byFarkhanda Kiran
 
PDF
Social engineering
byankushmohanty
 
PPTX
Different Types of Phishing Attacks
bySysCloud
 
PPTX
Social engineering
byVîñàý Pãtêl
 
PPTX
CSE-Ethical-Hacking-ppt.pptx
byAnshumaanTiwari2
 
PPTX
Ethical hacking
byInstitute of Information Security (IIS)
 
PPTX
Spoofing Techniques
byRaza_Abidi
 
PDF
What is Social Engineering? An illustrated presentation.
byPratum
 
PPT
Cyber crime
byMuhammad Osama Khalid
 
PPTX
Ethical hacking
byNaveen Sihag
 
Phishing Scams: 8 Helpful Tips to Keep You Safe
byCheapSSLsecurity
 
Phishing
bySaurabhKantSahu1
 
Computer Crimes
byIvy Rose Recierdo
 
Hacking
byAsma Khan
 
Phishing
byanjalika sinha
 
ETHICAL HACKING PRESENTATION
byYash Shukla
 
Phishing Presentation
byNikolaos Georgitsopoulos
 
Phishing attacks ppt
byAryan Ragu
 
Cyber crime
byJayant Raj
 
Presentation on ethical hacking
bySunny Sundeep
 
Hacking
byFarkhanda Kiran
 
Social engineering
byankushmohanty
 
Different Types of Phishing Attacks
bySysCloud
 
Social engineering
byVîñàý Pãtêl
 
CSE-Ethical-Hacking-ppt.pptx
byAnshumaanTiwari2
 
Ethical hacking
byInstitute of Information Security (IIS)
 
Spoofing Techniques
byRaza_Abidi
 
What is Social Engineering? An illustrated presentation.
byPratum
 
Cyber crime
byMuhammad Osama Khalid
 
Ethical hacking
byNaveen Sihag
 

Similar to Phishing & Pharming Explained.pdf

PPTX
phishing.pptx
byReenuMariaBinoy1
 
PDF
Phishing, Smishing and vishing_ How these cyber attacks work and how to preve...
byOkan YILDIZ
 
PPTX
Unit iii: Common Hacking Techniques
byArnav Chowdhury
 
PPTX
Rods and Hooks - The Phishing Trip by Soummya Mukhopadhyay
bynull - The Open Security Community
 
PDF
Phishing: Analysis and Countermeasures
byIRJET Journal
 
PPT
Strategies to handle Phishing attacks
bySreejith.D. Menon
 
PDF
Cybersecurity_Awareness_educational_presentation.pdf
byjacobjacob21124
 
PPTX
Phishing attack, with SSL Encryption and HTTPS Working
bySachin Saini
 
PPTX
Phishing Whaling and Hacking Case Studies.pptx
byStephen Jesukanth Martin
 
PPTX
IGCSE ICT YEAR 11 COMPUTER SECURITY: PHISHING
byvisualcpp1
 
PPTX
cyber security _akhand pratap chaurasiya.pptx
bydjsammy0342
 
PPTX
Chapter-5.pptx
byShreyaKushwaha28
 
PDF
Phishing is a type of cyber attack that involves tricking individuals.pdf
byEthioTelecom_Getahun Biratu
 
PDF
Phishing vs Vishing Protecting Yourself from Cyber Threats-Ebook
byProtected Harbor
 
PDF
Phishing.pdf
byMariGogokhia
 
PPTX
edu 3 ppt.pptx
byArchaWashington
 
PPT
Phishing
byAlka Falwaria
 
PPTX
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
byInternet 2Conf
 
PPTX
Phishing_Presentation understanding its concepts
byshivangisinghxx
 
PPT
Ict Phishing (Present)
byaleeya91
 
phishing.pptx
byReenuMariaBinoy1
 
Phishing, Smishing and vishing_ How these cyber attacks work and how to preve...
byOkan YILDIZ
 
Unit iii: Common Hacking Techniques
byArnav Chowdhury
 
Rods and Hooks - The Phishing Trip by Soummya Mukhopadhyay
bynull - The Open Security Community
 
Phishing: Analysis and Countermeasures
byIRJET Journal
 
Strategies to handle Phishing attacks
bySreejith.D. Menon
 
Cybersecurity_Awareness_educational_presentation.pdf
byjacobjacob21124
 
Phishing attack, with SSL Encryption and HTTPS Working
bySachin Saini
 
Phishing Whaling and Hacking Case Studies.pptx
byStephen Jesukanth Martin
 
IGCSE ICT YEAR 11 COMPUTER SECURITY: PHISHING
byvisualcpp1
 
cyber security _akhand pratap chaurasiya.pptx
bydjsammy0342
 
Chapter-5.pptx
byShreyaKushwaha28
 
Phishing is a type of cyber attack that involves tricking individuals.pdf
byEthioTelecom_Getahun Biratu
 
Phishing vs Vishing Protecting Yourself from Cyber Threats-Ebook
byProtected Harbor
 
Phishing.pdf
byMariGogokhia
 
edu 3 ppt.pptx
byArchaWashington
 
Phishing
byAlka Falwaria
 
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
byInternet 2Conf
 
Phishing_Presentation understanding its concepts
byshivangisinghxx
 
Ict Phishing (Present)
byaleeya91
 

Recently uploaded

PDF
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
PDF
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
PPTX
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
PDF
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 
PDF
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
PDF
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
PDF
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
PDF
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
PPTX
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
PDF
TrustArc Webinar - From Zero to Privacy Hero: Launching Your Program Right an...
byTrustArc
 
PPTX
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
PDF
Why AI Girlfriends Are the Future of Digital Companionship
byAi Angels
 
PDF
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
PDF
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
PDF
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
PDF
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
PDF
Pneumatic Pressure Pump PPP01 for Calibration & Testing
bySERRAX TECHNOLOGIES LLP
 
PDF
AI and Zero Trust: What it takes to do it right
byMark Simos
 
PDF
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
PDF
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 
ICT500 - CRITICAL AND CREATIVE THINKING FOR INFORMATION TECHNOLOGY SOLUTIONS:...
by2024432452
 
2026_01_28 - OpenMetadata Community Meeting.pdf
byOpenMetadata
 
2026 SCORM Troubleshooting Rustici + dominKnow.pptx
byRustici Software
 
The Enterprise Web3 Landscape - a view from Kaleido based on the past 10 year...
byPeter Broadhurst
 
January 2026 OpenMetadata Community Spotlight - OpenMetadata @ Wix.pdf
byOpenMetadata
 
Dev Dives: Build and deploy agentic automations - the unified way
byUiPathCommunity
 
Post-Hackathon-Learnings-Maximizing-Impact-Beyond-the-Event.pdf
byishantyadav1111
 
Real-Time AI at Scale Masterclass: Feature Store at Scale
byScyllaDB
 
Jisc Equipment Data Service Update Workshop 3 December 2025
byJisc
 
TrustArc Webinar - From Zero to Privacy Hero: Launching Your Program Right an...
byTrustArc
 
TechSprint (SJBIT) 2025-26 Hackathon Winners & Awards Ceremony
bysuhasspgdg
 
Why AI Girlfriends Are the Future of Digital Companionship
byAi Angels
 
Parental Control App for Phones_ The Complete 2026 Guide for Safer, Smarter P...
byRyan Cooper
 
Transcript: EU regulations for the North American book supply chain - Tech Fo...
byBookNet Canada
 
OpenCharacter AI Reviews: Features, Plans, and Best Alternative
byOpenCharacter AI
 
Agentic-Document-Extraction-2026-Presentation.pdf
byTamanna
 
Pneumatic Pressure Pump PPP01 for Calibration & Testing
bySERRAX TECHNOLOGIES LLP
 
AI and Zero Trust: What it takes to do it right
byMark Simos
 
When Drones Decide for Themselves_ Inside the Rise of Machine-Led Flight.pdf
byLyra Anderson
 
Bettersize | BeSEC Series Product Brochure
byBettersize Instruments
 

Phishing & Pharming Explained.pdf

  • 1.
    Phishing Phishing is atypes of Internet Scam or Cyber Attack, often used to steal user data, including login credentials and credit card numbers. Govt. Science College Presented by Zubair Jamil
  • 2.
    How it works? Itoccurs when an attacker, veiled as a trusted entity, fools a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information. Sometime the attacker trick the victim by presenting himself as popular site with its same user interface and is redirected to the login page and by entering login credentials, victim exposes his identity to the attackers.
  • 3.
    Example of Email Phishing Inthis example attacker present himself as your university‘s administration and ask you to renew your password and when you click the link you are redirected to a malicious site which have the same interface as your university have, and he tricks you and ask your old login credentials for renewing your password.
  • 4.
    $57.8 Billion According tothe FBI's 2019 Internet Crime Report, more than 114,700 people fell victim to phishing scams in 2019. Collectively, they lost $57.8 million, or about $500 each. More than 50% of the development expenditure of HEC ( Total 108 Billion - 2021) According to the FBI's 2017 Internet Crime Report, more than 300,000 people fell victim to phishing scams in 2017 and lost $1.4 billion.
  • 5.
    Some Phishing Techniques Theway how Attacker attacks in most of the cases Is known as technique. Some of the most common and popular techniques are mentioned here. Spear Phishing Email Phishing MITM Attack Vishing Smishing Angler Phishing Whaling Pharming
  • 6.
    Spear Phishing Spear phishingis an email or electronic commun- ications scam targeted to a specific individual, organ- ization often intended to steal data for malicious purposes. An email arrives, apparently from a trustworthy source, but instead it leads the unknowing recipient to a bogus website full of malware. These emails often use clever tactics to get victims' attention. For example, the FBI has warned of spear phishing scams where the emails appeared to be from the National Center for Missing and Exploited Children.
  • 7.
    MITM Attack A manin the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application The goal of an attack is to steal personal information, such as login credentials, account details and credit card numbers. Targets are typically the users of financial applications, SaaS businesses, e-commerce sites and other websites where logging in is required. Information obtained during an attack could be used for many purposes, including identity theft, unapproved fund transfers or an illicit password change.
  • 8.
    Smishing &Vishing Smishing andvishing are types of phishing attacks that use text messaging (SMS) and voice calls to manipulate victims into giving over sensitive data to cybercriminals. Smishing, also called SMS phishing, uses social engineering tactics carried out over text messaging. A criminal can us a phone number to send text messages that appear to be from trusted senders, like a bank, a co-worker, or a popular online retailer. The goal is to get you to give the cybercriminal sensitive information. Vishing (stands for voice phishing), is a type of phishing attack conducted over the phone. Vishing attackers fake their caller ID to appear to be calling from a local area code to the victim. Some attackers may use their real voice to appear more trustworthy, This is a popular attack method to use because VoIP users are not required to provide proof to obtain caller ID data, which means they can easily disguise themselves as anyone. (VoIP stands for Voice Over Internet Protocol phones.)
  • 9.
    Angler Phishing People disguisethemselves as a customer service agent on social media in order to reach a unhappy customer and obtain their personal information or account credentials. Fake accounts will answer people who are airing complaints on social media, usually via Facebook or Twitter. These fake accounts disguise themselves under a handle that includes the name of the financial institution, hoping that the people who are upset won’t realize that they aren’t a valid account. The fake account will attempt to offer the disgruntled person a link that they claim will take them directly to an agent ready to talk to them. Clicking that link, however, will either install malware onto their computer, or lead them to another website that will try to get information and money from them.
  • 10.
    Whaling Whaling is acommon cyber attack that occurs when an attacker utilizes spear phishing methods to go after a large, high-profile target. n a whaling attack, attackers send an email that looks and seems like a legitimate email from a trusted source, often a contact within the company or with a partner, vendor, or customer account. A whaling email will contain enough personal details or references gleaned from internet research to convince the recipient that it is legitimate. Whaling attacks may also ask a user to click on a link that leads to a spoofed website that looks identical to a legitimate site, where information can be collected, or malware can be downloaded.
  • 11.
    Pharming Pharming is atype of social engineering cyberattack in which criminals redirect internet users trying to reach a specific website to a different, fake site. These “spoofed” sites aim to capture a victim’s personally identifiable information (PII) and log-in credentials, such as passwords, social security numbers, account numbers, and so on, or else they attempt to install pharming malware on their computer. Pharmers often target websites in the financial sector, including banks, online payment platforms, or e- commerce sites, usually with identity theft as their ultimate objective.
  • 12.
    How To ProtectOurselves? Security Awareness Training & Education Email Gateway Reputation Based Solutions Urgent call to actions & threats First Time or Infrequent Sender 5 Suspicious Linking 1 2 3 4
  • 13.
    What If YouAre Under Attack? Change all your social accounts passwords. Must Freeze your bank cards immediately. Run virus scans. Take you machine to computer expert in case of ransomware attack. 1 3 2 4
  • 14.
    Some Resources FromThe Internet Types of Phishing >> https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing 1 Hidden Content behind an Email >> https://www.sciencedirect.com/topics/computer-science/malicious-email 2
  • 15.
    Thank You With ❤by Zubair Jamil at Govt. Science College, Lahore.