P H I S H I N G

5,847 views

Published on

Published in: Technology
1 Comment
3 Likes
Statistics
Notes
No Downloads
Views
Total views
5,847
On SlideShare
0
From Embeds
0
Number of Embeds
31
Actions
Shares
0
Downloads
322
Comments
1
Likes
3
Embeds 0
No embeds

No notes for slide

P H I S H I N G

  1. 1. BY : MUHAMMAD KHUZAIMI B. ISHAK 4 ADIL PUAN MAZITA PHISHING INFORMATION AND COMMUNICATION OF TECHNOLOGY
  2. 2. What is Phishing ? <ul><li>The practice of sending out fake emails, or spam, written to appear as if they have been sent by banks or other reputable organizations, with the intent of luring the recipient into revealing sensitive information </li></ul><ul><li>E.g - usernames, passwords, account IDs, ATM PINs or credit card details </li></ul>
  3. 3. attacks will direct the recipient to a web page designed to mimic a target organisation's own visual identity to harvest the user's personal information often leaving the victim unaware of the attack Obtaining this type of personal data is attractive to blackhats
  4. 4. Who Is Behind The Phishes & Why SCAM ARTISTS send out millions of these scam e-mails in the hopes that even a few recipients will act on them and provide their personal and financial information e-mail address that has been made public on the Internet - more susceptible to phishing e-mail address can be saved by spiders that search the Internet Compared to
  5. 5. WHY ? They can grab as many e-mail addresses as they can they can cheaply and easily access millions of valid e-mail addresses to send these scams to
  6. 6. Examples of Phishing <ul><li>PayPal phishing example </li></ul><ul><li>An example of a phishing email targeted at PayPal users. </li></ul><ul><li>In an example PayPal phish , spelling mistakes in the email and the presence of an IP address in the link (visible in the tooltip under the yellow box) are both clues that this is a phishing attempt. Another giveaway is the lack of a personal greeting, although the presence of personal details is not a guarantee of legitimacy. </li></ul><ul><li>SouthTrust Bank example </li></ul><ul><li>In this second example, targeted at SouthTrust Bank users, the phisher has used an image to make it harder for anti-phishing filters to detect by scanning for text commonly used in phishing emails . </li></ul>
  7. 7. Damage causes <ul><li>loss of access to email to substantial financial loss </li></ul><ul><li>Its more popular because of the ease with which unsuspecting people often divulge personal information to phishers </li></ul><ul><li>Once this information is acquired, the phishers may use a person's details to create fake accounts in a victim's name </li></ul>
  8. 8. Anti-phishing software <ul><li>consists of computer programs that attempt to identify phishing content contained in websites and e-mail </li></ul><ul><li>often integrated with web browsers and email clients as a toolbar that displays the real domain name for the website the viewer is visiting, in an attempt to prevent fraudulent websites from masquerading as other legitimate web sites </li></ul><ul><li>may also be included as a built-in capability of some web browsers </li></ul>
  9. 9. Anti-Phishing Programs <ul><li>Microsoft Windows Internet Explorer 7 </li></ul><ul><li>Firefox 2.0 </li></ul><ul><li>Netscape 8.1 </li></ul><ul><li>Netcraft Toolbar </li></ul><ul><li>Google Safe Browsing (usable with Firefox) </li></ul><ul><li>eBay Toolbar </li></ul><ul><li>Phishtank SiteChecker </li></ul>
  10. 10. THE END

×