SlideShare une entreprise Scribd logo

Phishing

Télécharger en tant que PPT, PDF
Alka Falwaria
Alka Falwaria
Technologie
1  sur  28
PHISHING
CONTENTS :- Introduction Types of phishing Examples of phishing Techniques of phishing Prevention methods
FISHING
PHISHING
PHISHING PHREAKING FISHING FREAKPHONE
Phishing is an attempt to fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
Types of phishing Spear phishing Clone phishing Whaling phishing
Characteristics of phishing emails
1. Disguised hyperlinks and sender address- • Appear similar as the genuine institution site. • Sender address of the email also appears as originated from the targeted company.
2. Email consists of a clickable image : • Scam emails arrive as a clickable image file containing fraud request for information. • Clicking anywhere within the email will cause the bogus website to open.
3. Content appears genuine Scam email include logos, styling, contact and copyright information. identical to those used by the targeted institution.
4. Unsolicited requests for sensitive information : • Emails asks to click a link and provide sensitive personal information . • It is highly unlikely that a legitimate institution would request sensitive information in such a way.
5. Generic Greetings • Scam mails are sent in bulk to many recipients and use generic greetings such as "Dear account holder" or "Dear [targeted institution] customer".
Phishing Techniques
Email/Spam • Sending mails that look trustworthy to user • Send the same email to millions of users, requesting them to fill in personal details • Messages have an urgent note • Click on a link which is embedded in your email.
Example of Phishing Email
“Man in the Middle” - attack • Attackers situate between the customer and the real web-based application • The attacker's server then proxies all communications between the customer and the real web-based application server
Link Manipulation By manipulating the links for example www.facb00k.com Instead of www.facebook.com Misspelled URLs or sub domains are common tricks used by Attacker
Key loggers Key loggers are designed to monitor all the key strokes
Content Injection  Inserting malicious content into legitimate site.  Three primary types of content-injection phishing:  Hackers can compromise a server through a security vulnerability and replace or augment the legitimate content with malicious content.  Malicious content can be inserted into a site through a cross-site scripting vulnerability.  Malicious actions can be performed on a site through a SQL injection vulnerability.
Malware-Based Phishing • In this method, phishers used malicious software to attack on the user machine. • This phishing attack spreads due to social engineering or security vulnerabilities. • In social engineering, the user is convinced to open an attachment that attracts the user regarding some important information and download it containing malwares. • Exploiting the security vulnerabilities by injecting worms and viruses is another form of malware based phishing.
Trojan Horse • Trojan is a program that gives complete access of host computer to phishers after being installed at the host computer. • Phishers will make the user to install the trojan software which helps in email propagating and hosting fraudulent websites.
Beast (A Trojan horse software)
Mobile Phishing • Mobile Phishing is a social engineering technique where the attack is invited via mobile texting rather than email. • An attacker targets mobile phone users with a phishing attack for the purpose of soliciting account passwords or sensitive information from the user. • The user is enticed to provide information or go to a compromised web site via text message.
Prevention Against Phishing Attack • Never respond to emails that request personal financial information • Visit bank’s websites by typing the URL into the address bar • Keep a regular check on your accounts • Be cautious with emails and personal data
• Keep your computer secure • Use anti-spam software • Use anti-spyware software • Use the Microsoft Baseline Security Analyser (MBSA) • Use Firewall
Continued… • Protect against DNS pharming attacks • Check the website you are visiting is secure • Use backup system images • Get educated about phishing prevention attack • Always report suspicious activity
It is better to be safer now than feel sorry later. Thank you.

Recommandé

PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on Phishing
Pankaj Yadav
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?
Quick Heal Technologies Ltd.
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
SysCloud
 
Phishing
PhishingPhishing
Phishing
SaurabhKantSahu1
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing Attacks
Jagan Mohan
 
Phishing attack
Phishing attackPhishing attack
Phishing attack
Raghav Chhabra
 
Phishing
PhishingPhishing
Phishing
anjalika sinha
 
Phishing Attack Awareness and Prevention
Phishing Attack Awareness and PreventionPhishing Attack Awareness and Prevention
Phishing Attack Awareness and Prevention
sonalikharade3
 

Recommandé

PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on Phishing
Pankaj Yadav
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?
Quick Heal Technologies Ltd.
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
SysCloud
 
Phishing
PhishingPhishing
Phishing
SaurabhKantSahu1
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing Attacks
Jagan Mohan
 
Phishing attack
Phishing attackPhishing attack
Phishing attack
Raghav Chhabra
 
Phishing
PhishingPhishing
Phishing
anjalika sinha
 
Phishing Attack Awareness and Prevention
Phishing Attack Awareness and PreventionPhishing Attack Awareness and Prevention
Phishing Attack Awareness and Prevention
sonalikharade3
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
shindept123
 
Phising a Threat to Network Security
Phising a Threat to Network SecurityPhising a Threat to Network Security
Phising a Threat to Network Security
anjuselina
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation
Nikolaos Georgitsopoulos
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks ppt
Aryan Ragu
 
Phishing
PhishingPhishing
Phishing
Sagar Rai
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasures
Jorge Sebastiao
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
Sanjay Kumar
 
Phishing awareness
Phishing awarenessPhishing awareness
Phishing awareness
PhishingBox
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniques
Sushil Kumar
 
Phishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafePhishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You Safe
CheapSSLsecurity
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security Awareness
Ramiro Cid
 
Cybercrime a growing threat of 21 st century !!!
Cybercrime a growing threat of 21 st century !!!Cybercrime a growing threat of 21 st century !!!
Cybercrime a growing threat of 21 st century !!!
Asma Hossain
 
Social engineering
Social engineering Social engineering
Social engineering
Abdelhamid Limami
 
Anti phishing presentation
Anti phishing presentationAnti phishing presentation
Anti phishing presentation
BokangMalunga
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharks
Nalneesh Gaur
 
Cyber security
Cyber securityCyber security
Cyber security
vishakha bhagwat
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
ControlScan, Inc.
 
Phishing
PhishingPhishing
Phishing
shivli0769
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
Preeti Papneja
 
Phishing
PhishingPhishing
Phishing
SouganthikaSankaresw
 
Phishing 101 General Course
Phishing 101 General CoursePhishing 101 General Course
Phishing 101 General Course
Aaron Keating
 
edu 3 ppt.pptx
edu 3 ppt.pptxedu 3 ppt.pptx
edu 3 ppt.pptx
ArchaWashington
 

Contenu connexe

Tendances

Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks ppt
Aryan Ragu
 

Tendances (20)

Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Phising a Threat to Network Security
Phising a Threat to Network SecurityPhising a Threat to Network Security
Phising a Threat to Network Security
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks ppt
 
Phishing
PhishingPhishing
Phishing
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasures
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Phishing awareness
Phishing awarenessPhishing awareness
Phishing awareness
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniques
 
Phishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafePhishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You Safe
 
Cyber Security Awareness
Cyber Security AwarenessCyber Security Awareness
Cyber Security Awareness
 
Cybercrime a growing threat of 21 st century !!!
Cybercrime a growing threat of 21 st century !!!Cybercrime a growing threat of 21 st century !!!
Cybercrime a growing threat of 21 st century !!!
 
Social engineering
Social engineering Social engineering
Social engineering
 
Anti phishing presentation
Anti phishing presentationAnti phishing presentation
Anti phishing presentation
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharks
 
Cyber security
Cyber securityCyber security
Cyber security
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
 
Phishing
PhishingPhishing
Phishing
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Phishing
PhishingPhishing
Phishing
 

Similaire à Phishing

phishingppt-160209144204.pdf
phishingppt-160209144204.pdfphishingppt-160209144204.pdf
phishingppt-160209144204.pdf
vinayakjadhav94
 
phishing.pptx
phishing.pptxphishing.pptx
phishing.pptx
ReenuMariaBinoy1
 

Similaire à Phishing (20)

Phishing 101 General Course
Phishing 101 General CoursePhishing 101 General Course
Phishing 101 General Course
 
edu 3 ppt.pptx
edu 3 ppt.pptxedu 3 ppt.pptx
edu 3 ppt.pptx
 
Chapter-5.pptx
Chapter-5.pptxChapter-5.pptx
Chapter-5.pptx
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
Spam & Phishing
Spam & PhishingSpam & Phishing
Spam & Phishing
 
Pp8
Pp8Pp8
Pp8
 
Phishing
PhishingPhishing
Phishing
 
Phishing
PhishingPhishing
Phishing
 
phishing-technology-730-J1A0e1Q.pptx
phishing-technology-730-J1A0e1Q.pptxphishing-technology-730-J1A0e1Q.pptx
phishing-technology-730-J1A0e1Q.pptx
 
Different types of attacks in internet
Different types of attacks in internetDifferent types of attacks in internet
Different types of attacks in internet
 
Unit iii: Common Hacking Techniques
Unit iii: Common Hacking TechniquesUnit iii: Common Hacking Techniques
Unit iii: Common Hacking Techniques
 
phishing facts be aware and do not take the bait
phishing facts be aware and do not take the baitphishing facts be aware and do not take the bait
phishing facts be aware and do not take the bait
 
Phis
PhisPhis
Phis
 
phishingppt-160209144204.pdf
phishingppt-160209144204.pdfphishingppt-160209144204.pdf
phishingppt-160209144204.pdf
 
phishing.pptx
phishing.pptxphishing.pptx
phishing.pptx
 
Cyber crime & security
Cyber crime & securityCyber crime & security
Cyber crime & security
 
Phishing
PhishingPhishing
Phishing
 
Tittl e
Tittl eTittl e
Tittl e
 

Dernier

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 

Dernier (20)

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 

Phishing

  • 2. CONTENTS :- Introduction Types of phishing Examples of phishing Techniques of phishing Prevention methods
  • 6. Phishing is an attempt to fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one.
  • 7. Types of phishing Spear phishing Clone phishing Whaling phishing
  • 9. 1. Disguised hyperlinks and sender address- • Appear similar as the genuine institution site. • Sender address of the email also appears as originated from the targeted company.
  • 10. 2. Email consists of a clickable image : • Scam emails arrive as a clickable image file containing fraud request for information. • Clicking anywhere within the email will cause the bogus website to open.
  • 11. 3. Content appears genuine Scam email include logos, styling, contact and copyright information. identical to those used by the targeted institution.
  • 12. 4. Unsolicited requests for sensitive information : • Emails asks to click a link and provide sensitive personal information . • It is highly unlikely that a legitimate institution would request sensitive information in such a way.
  • 13. 5. Generic Greetings • Scam mails are sent in bulk to many recipients and use generic greetings such as "Dear account holder" or "Dear [targeted institution] customer".
  • 15. Email/Spam • Sending mails that look trustworthy to user • Send the same email to millions of users, requesting them to fill in personal details • Messages have an urgent note • Click on a link which is embedded in your email.
  • 17. “Man in the Middle” - attack • Attackers situate between the customer and the real web-based application • The attacker's server then proxies all communications between the customer and the real web-based application server
  • 18. Link Manipulation By manipulating the links for example www.facb00k.com Instead of www.facebook.com Misspelled URLs or sub domains are common tricks used by Attacker
  • 19. Key loggers Key loggers are designed to monitor all the key strokes
  • 20. Content Injection  Inserting malicious content into legitimate site.  Three primary types of content-injection phishing:  Hackers can compromise a server through a security vulnerability and replace or augment the legitimate content with malicious content.  Malicious content can be inserted into a site through a cross-site scripting vulnerability.  Malicious actions can be performed on a site through a SQL injection vulnerability.
  • 21. Malware-Based Phishing • In this method, phishers used malicious software to attack on the user machine. • This phishing attack spreads due to social engineering or security vulnerabilities. • In social engineering, the user is convinced to open an attachment that attracts the user regarding some important information and download it containing malwares. • Exploiting the security vulnerabilities by injecting worms and viruses is another form of malware based phishing.
  • 22. Trojan Horse • Trojan is a program that gives complete access of host computer to phishers after being installed at the host computer. • Phishers will make the user to install the trojan software which helps in email propagating and hosting fraudulent websites.
  • 24. Mobile Phishing • Mobile Phishing is a social engineering technique where the attack is invited via mobile texting rather than email. • An attacker targets mobile phone users with a phishing attack for the purpose of soliciting account passwords or sensitive information from the user. • The user is enticed to provide information or go to a compromised web site via text message.
  • 25. Prevention Against Phishing Attack • Never respond to emails that request personal financial information • Visit bank’s websites by typing the URL into the address bar • Keep a regular check on your accounts • Be cautious with emails and personal data
  • 26. • Keep your computer secure • Use anti-spam software • Use anti-spyware software • Use the Microsoft Baseline Security Analyser (MBSA) • Use Firewall
  • 27. Continued… • Protect against DNS pharming attacks • Check the website you are visiting is secure • Use backup system images • Get educated about phishing prevention attack • Always report suspicious activity
  • 28. It is better to be safer now than feel sorry later. Thank you.