1. Phishing is a widespread issue that exploits human emotions through fraudulent emails appearing to come from legitimate sources.
2. Phishing emails aim to elicit confidential information or install malware by preying on greed, curiosity, urgency, compassion, or fear.
3. Most phishing attacks are difficult to detect, taking hours to carry out but months to identify, and commonly use phishing to infiltrate networks.
8. Phishing Defined
• Fraudulent emails that appear to
originate from a legitimate entity.
• Designed to elicit confidential
information (PIN, SSN, etc.)
9. Phishing Defined
• Fraudulent emails that appear to
originate from a legitimate entity.
• Designed to elicit confidential
information (PIN, SSN, etc.)
• May appear to be real email from a
legitimate business.
10. Phishing Defined
• Fraudulent emails that appear to
originate from a legitimate entity.
• Designed to elicit confidential
information (PIN, SSN, etc.)
• May appear to be real email from a
legitimate business.
• May look familiar (like your school,
work, bank, etc.)
11. Phishing Defined
• Fraudulent emails that appear to
originate from a legitimate entity.
• Designed to elicit confidential
information (PIN, SSN, etc.)
• May appear to be real email from a
legitimate business.
• May look familiar (like your school,
work, bank, etc.)
• May try to scare you into clicking a
link or filling out a form
12. Phishing Defined
• Fraudulent emails that appear to
originate from a legitimate entity.
• Designed to elicit confidential
information (PIN, SSN, etc.)
• May appear to be real email from a
legitimate business.
• May look familiar (like your school,
work, bank, etc.)
• May try to scare you into clicking a
link or filling out a form
• Clicking links may download
malware.
20. Catching a PHISH
Be concerned,
careful, and diligent.
Phishing doesn’t
have to hook you,
if you know what to
look for.
21. Attachment – Account_Verify.pdf
Steve,
This is to inform you that your account may have been compromised.
The attached document explains how this affects your account.
Please verify your User ID and Password within 24 hours at this site
or you will be locked out.
Please update your password here.
Thank you,
Bill Thompson, VP TrustWorthyMortgage
TWM TrustWorthyMortgage
Friday 09/31
TrustWorthyMortgage
Your Account will be suspended
Remember: You Can Trust TrustWorthyMortgage
How Not to get hooked
Be Alert!
Designed to look like real
emails from reputable
businesses, phishing emails
can be very convincing.
22. Attachment – Account_Verify.pdf
Steve,
This is to inform you that your account may have been compromised.
The attached document explains how this affects your account.
Please verify your User ID and Password within 24 hours at this site
or you will be locked out.
Please update your password here.
Thank you,
Bill Thompson, VP TrustWorthyMortgage
TWM TrustWorthyMortgage
Friday 09/31
TrustWorthyMortgage
Your Account will be suspended
Remember: You Can Trust TrustWorthyMortgage
How Not to get hooked
Attachments
Attachments may contain
hidden malware that may
strike later like a ticking
time-bomb!
Attachments
Never open a file when you do
not know the sender or if the
attachment is unexpected.
23. Attachment – Account_Verify.pdf
Steve,
This is to inform you that your account may have been compromised.
The attached document explains how this affects your account.
Please verify your User ID and Password within 24 hours at this site
or you will be locked out.
Please update your password here.
Thank you,
Bill Thompson, VP TrustWorthyMortgage
TWM TrustWorthyMortgage
Friday 09/31
TrustWorthyMortgage
Your Account will be suspended
Remember: You Can Trust TrustWorthyMortgage
How Not to get hooked
Forms
If you are a customer of a
company, beware of
requests for information you
have already given them.
Forms
Beware Forms that are asking
for your login credentials or
other confidential information.
24. Attachment – Account_Verify.pdf
Steve,
This is to inform you that your account may have been compromised.
The attached document explains how this affects your account.
Please verify your User ID and Password within 24 hours at this site
or you will be locked out.
Please update your password here.
Thank you,
Bill Thompson, VP TrustWorthyMortgage
TWM TrustWorthyMortgage
Friday 09/31
TrustWorthyMortgage
Your Account will be suspended
Remember: You Can Trust TrustWorthyMortgage
How Not to get hooked
Threats
Would a reputable business
ask you to verify your
information – or else?
Threats
Fear. Urgency.
25. Attachment – Account_Verify.pdf
Steve,
This is to inform you that your account may has been compromised.
The attached document explains how this affects your account.
Please verify your User ID and Password within 24 hours at this site
or you will be locked out.
Please update your password here.
Thank you,
Bill Thompson, VP TrustWorthyMortgage
TWM TrustWorthyMortgage
Friday 09/31
TrustWorthyMortgage
Your Account will be suspended
Remember: You Can Trust TrustWorthyMortgage
How Not to get hooked
Grammatical Mistakes
Many phishing emails
originate in foreign lands,
where senders may not be
proficient in English.
Poor Grammar,
Misspelled Words
Might be a foreign
source.
26. Attachment – Account_Verify.pdf
Steve,
This is to inform you that your account may have been compromised.
The attached document explains how this affects your account.
Please verify your User ID and Password within 24 hours at this site
or you will be locked out.
Please update your password here.
Thank you,
Bill Thompson, VP TrustWorthyMortgage
TWM TrustWorthyMortgage
Friday 09/31
TrustWorthyMortgage
Your Account will be suspended
Remember: You Can Trust TrustWorthyMortgage
How Not to get hooked
Always Verify Links
Hover you mouse pointer
over a link to make sure the
address shown in the status
bar looks legitimate. Links
Hover your mouse over the link
to verify the address matches
the sender’s email.
http://www.address.you.werent.expecting.com
28. The PHISHING Net
1. Phishing is real, prevalent, and
pervasive.
2. Phishing exploits emotions like
Greed, Curiosity, Urgency,
Compassion, and Fear.
29. The PHISHING Net
1. Phishing is real, prevalent, and
pervasive.
2. Phishing exploits emotions like
Greed, Curiosity, Urgency,
Compassion, and Fear.
3. Phishing emails can look very
convincing.
30. The PHISHING Net
1. Phishing is real, prevalent, and
pervasive.
2. Phishing exploits emotions like
Greed, Curiosity, Urgency,
Compassion, and Fear.
3. Phishing emails can look very
convincing.
4. Be concerned, careful, and
diligent.
31. The PHISHING Net
1. Phishing is real, prevalent, and
pervasive.
2. Phishing exploits emotions like
Greed, Curiosity, Urgency,
Compassion, and Fear.
3. Phishing emails can look very
convincing.
4. Be concerned, careful, and
diligent.
5. Look for phishing hooks in links,
threats, attachments, forms, and
mistakes.
32. Thanks for taking the course:
The PHISHING Net
Please close this presentation and return to
Concentric Compliance for a brief quiz…
Visitors, please go to
www.concentriccompliance.com
to learn how you can educate your workforce
about Cyber Security and more!