This presentation covers an introduction to phishing attacks, their types and techniques, and their impact with real-life examples, followed by avoidance, prevention and solutions. It also contains a brief introduction to SSL and HTTPS and how they work.
2. Content
• Introduction.
• Phishing Motives.
• Basic Terminology.
• Type of Phishing and its techniques.
• Why Phishing Works.
• Impact of Phishing.
• Real-life examples.
• Avoidance, Solution and Protection of Phishing.
• SSL and how it works.
• HTTPS and how it works.
• Conclusion.
2
3. What is Phishing?
• The word "phishing" is a variation of "fishing": bait is thrown out in the hope that, although most will ignore it, some will be tempted into biting. (The "ph" spelling follows the older hacker term "phreaking".)
Also called brand spoofing.
• A technique used to trick computer users into revealing personal or financial information.
• A common online phishing scam starts with an e-mail message that appears to come from a trusted source (a legitimate site) but actually directs recipients to provide information to a fraudulent web site.
4. Continue…
• Sending email that falsely claims to be from a legitimate organisation.
• Phishing is typically carried out by email spoofing (forging the sender address so the message appears to come from someone else) or by instant messaging.
6. Phishing Motives
• The primary motives behind phishing attacks, from an attacker's perspective, are:
• Financial Gain: phishers can use stolen banking credentials for their own financial benefit.
• Identity Hiding: instead of using stolen identities directly, phishers might sell them to others, who may be criminals seeking ways to hide their own identities and activities.
• Fame and Notoriety: phishers might attack victims for the sake of peer recognition.
7. Basic Terminology
• MALWARE is a general term for viruses, worms, spyware, adware, etc. It infects a system and makes it behave in ways the owner does not approve of.
• SPYWARE is software installed on a computer to spy on the user's activities and report the data to whoever is willing to pay for it.
• ADWARE refers to programs that deliver unwanted advertisements to the computer, generally as pop-ups.
(Diagram: malware as the umbrella term covering spyware, adware, viruses and worms.)
8. Spamming
• Spamming refers to the sending of bulk mail from an identified or unidentified source. In its non-malicious form, bulk advertising mail is sent to many accounts.
• In its malicious form (mail bombing), the attacker keeps sending bulk mail until the mail server runs out of disk space.
2/15/2016
(Screenshot: a "Mail sent successfully" dialog.)
Why is it harmful?
1. It reduces productivity.
2. It wastes time, since it all has to be deleted.
3. It contains fraudulent material.
4. It is even used to spread viruses.
5. It carries offensive content.
Take care with mails that appear to be official. Do not reply with your personal details; the message may be spam.
10. Spear Phishing
• Spear phishing is an email that appears to be from an individual or business you know. It isn't: it comes from the same criminals who want your credit card and bank account numbers, passwords and financial information.
• The email seems to come from someone you know, and is tailored to you, which makes it far more convincing than a generic phishing message.
• Spear phishing is a targeted email scam whose sole purpose is obtaining unauthorized access to sensitive data.
11. Clone Phishing
• A legitimate email that has already been delivered, containing an attachment or link, is copied ("cloned") and the attachment or link is replaced with a malicious version. The clone is then sent from an address forged to look like the original sender's, typically presented as a resend or updated version of the earlier message.
12. Whale Phishing
• Whale phishing (whaling) is a phishing attack aimed specifically at high-value targets such as senior executives or wealthy individuals. Because of what such a victim is worth to the attacker, they are considered a "big phish", or a whale.
• Whaling emails are typically dressed up as a legal summons, a customer complaint or a management issue that demands an urgent reply from the recipient.
14. Deceptive Phishing
• Deceptive (misleading) messages, such as "you need to verify your account information", "a system failure requires you to re-enter your details", notices of undesirable account changes, new free services that require quick action, and many other scams, are broadcast to a wide group of recipients in the hope that some will respond by clicking a link to, or signing on to, a fraudulent site where their confidential information can be collected.
15. Malware Phishing
• This refers to scams that involve running malicious software on users' PCs. Malware can be introduced as an email attachment, as a downloadable file from a web site, or by exploiting known security vulnerabilities, a particular issue for small and medium businesses (SMBs), which are not always able to keep their software applications up to date.
16. Keyloggers & Screenloggers
• These are particular varieties of malware that record keyboard input and send the relevant information to the attacker over the Internet.
• Similarly, screenloggers send screenshots at a specified interval (for example every 5 to 15 seconds).
• They can embed themselves in the user's browser as small utility programs known as browser helper objects, which run automatically when the browser starts, or in system files as device drivers or screen monitors.
17. Session Hijacking
• Session hijacking, sometimes also known as cookie hijacking, is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system. The attacker obtains the session identifier (the session cookie or token) by which the server recognises a logged-in user, and presents it as their own.
• Techniques include man-in-the-middle interception, session sniffing on an unencrypted network, and stealing the cookie with injected script (cross-site scripting).
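Since the session cookie is what a hijacker is after, a practical check is whether the server sets it with the attributes that limit where it can be read and sent. The following is an added example, not taken from the original presentation: a small audit of Set-Cookie header values using only Python's standard library. The header values and the list of session-cookie names are constructed for illustration.

```python
"""Audit Set-Cookie headers for the attributes that make a session cookie
harder to steal (Secure, HttpOnly) or to replay from another site (SameSite).
Sample headers below are constructed for this example."""
from http.cookies import SimpleCookie

# Names that usually carry a login session; a real audit would take the
# application's actual session cookie name as input (assumption).
SESSION_NAMES = {"sessionid", "phpsessid", "jsessionid", "sid", "token"}


def is_session_cookie(name):
    n = name.lower()
    return n in SESSION_NAMES or "sess" in n


def audit_set_cookie(header_value):
    """Return a list of problems found in one Set-Cookie header value.
    Non-session cookies (preferences, analytics) are ignored."""
    jar = SimpleCookie()
    jar.load(header_value)
    problems = []
    for name, morsel in jar.items():
        if not is_session_cookie(name):
            continue
        if not morsel["secure"]:
            problems.append(f"{name}: no Secure flag; sent over plain HTTP, where it can be sniffed")
        if not morsel["httponly"]:
            problems.append(f"{name}: no HttpOnly flag; readable by script injected via XSS")
        if morsel["samesite"].lower() not in ("lax", "strict"):
            problems.append(f"{name}: SameSite not Lax/Strict; attached to cross-site requests")
        if morsel["domain"]:
            problems.append(f"{name}: Domain={morsel['domain']} shares the cookie with every subdomain")
        max_age = morsel["max-age"]
        if max_age and int(max_age) > 86400:
            problems.append(f"{name}: Max-Age={max_age} keeps the session valid for more than a day")
    return problems


def audit_response(headers):
    """headers: list of (name, value) pairs as returned by an HTTP client."""
    problems = []
    for name, value in headers:
        if name.lower() == "set-cookie":
            problems.extend(audit_set_cookie(value))
    return problems


# Constructed responses: the weak one is what a hijacker hopes to see.
WEAK_RESPONSE = [("Content-Type", "text/html"),
                 ("Set-Cookie", "sessionid=9f2c1a; Path=/; Max-Age=2592000"),
                 ("Set-Cookie", "theme=dark; Path=/")]
HARDENED_RESPONSE = [("Content-Type", "text/html"),
                     ("Set-Cookie", "sessionid=9f2c1a; Path=/; Secure; HttpOnly; SameSite=Lax"),
                     ("Set-Cookie", "theme=dark; Path=/")]

if __name__ == "__main__":
    for label, resp in (("weak", WEAK_RESPONSE), ("hardened", HARDENED_RESPONSE)):
        print(label, audit_response(resp) or ["ok"])
```

The weak response reports four problems (no Secure, no HttpOnly, no SameSite, a month-long Max-Age); the hardened one reports none. Run it against the headers of a real login response to see which of the hijacking techniques on the slide the cookie still exposes.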
18. Man in the middle Phishing (MITM)
• In these attacks the attacker sits between the user and the legitimate website or system. They record the information being entered but continue to pass it on, so the user's transactions are not affected and nothing looks wrong.
• Later they can sell or use the collected information or credentials when the user is not active on the system.
19. Phone Phishing
• Phishers also use the phone (voice phishing, or "vishing") to hunt for personal information. Some, posing as employers, call or send emails to people who have listed themselves on job search web sites.
20. Link Manipulation
• Link manipulation is the technique in which the phisher sends a link whose visible text or apparent destination differs from where it actually leads. When the user clicks the deceptive link, it opens the phisher's website instead of the website named in the link.
• One anti-phishing habit that defeats link manipulation is to hover over the link (on a phone, long-press it) and read the real address that the browser or mail client shows, rather than trusting the text of the link.
21. Why phishing works?
1. Lack of knowledge
• Most phishers exploit the user's lack of knowledge of computers, applications, email, the Internet, etc.
• Such users do not know how things work or what the difference is between, for example, www.ebay-members-security.com and www.ebay.com (the first is an unrelated domain that merely contains the word "ebay").
• Lack of knowledge of security and of security indicators such as the padlock icon.
(Figure: padlock icon)
22. 2. Visual Deception
• Users are fooled by the spelling of the domain name, e.g. www.paypa1.com instead of www.paypal.com (the digit "1" substituted for the letter "l").
• Phishers use a legitimate-looking image as a hyperlink that actually links to the fraudulent website.
Examples:
• Omitted character: www.amazon.com vs www.amzon.com
• Missing dots: www.microsoft.com vs wwwmicrosoft.com
• Singular/plural: www.apple.com vs www.apples.com
• Repeated characters: www.google.com vs www.gooogle.com
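The link-manipulation and visual-deception tricks on the last two slides are exactly what an automated mail filter can look for. The following is an added example, not code from the original presentation: it parses the links out of an HTML email, compares the domain the link text shows with the domain the href really points to, and checks the target host against a short brand list using a "skeleton" normalisation (digit-for-letter swaps, repeated characters) plus edit distance. The email body, brand list and confusable tables are constructed for this example; a real deployment would use the Public Suffix List and a fuller confusables table.

```python
"""Flag deceptive links in an HTML e-mail: anchor text that names one domain while
the href points at another, and target hosts that imitate a protected brand.
The e-mail body, brand list and confusable tables are constructed for this example."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Brands to protect; an ordered list so results are deterministic (assumption: a real
# deployment loads the organisation's own list).
PROTECTED_DOMAINS = ["paypal.com", "ebay.com", "amazon.com", "microsoft.com",
                     "apple.com", "google.com", "facebook.com"]

# Single characters that read like letters in an address bar (illustrative subset).
CONFUSABLE_CHARS = str.maketrans({"1": "l", "0": "o", "3": "e", "5": "s", "7": "t", "8": "b", "|": "l"})
# Character pairs that read like one letter: "rn" as "m", "vv" as "w".
CONFUSABLE_PAIRS = (("rn", "m"), ("vv", "w"))

# Anchor text that itself looks like a URL or a bare domain name.
_TEXT_HOST = re.compile(r"^(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(?:/\S*)?$", re.I)


def registrable_domain(host):
    """'www.paypal.com' -> 'paypal.com'. Assumption: two-label public suffixes
    such as co.uk are not handled; use the Public Suffix List in production."""
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])


def skeleton(label):
    """Canonical form in which paypa1, rnicrosoft and gooogle collapse onto the
    brand they imitate: map confusables, then squash repeated characters."""
    s = label.lower().translate(CONFUSABLE_CHARS)
    for pair, single in CONFUSABLE_PAIRS:
        s = s.replace(pair, single)
    out = []
    for ch in s:
        if not out or out[-1] != ch:
            out.append(ch)
    return "".join(out)


def levenshtein(a, b):
    """Edit distance, which catches one omitted or added character (amzon, apples)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_host(host):
    """Return ('legitimate' | 'lookalike' | 'unknown', matched brand or None)."""
    host = host.lower().strip(".")
    reg = registrable_domain(host)
    if reg in PROTECTED_DOMAINS:
        return "legitimate", reg
    reg_label = reg.split(".")[0]            # 'paypa1' from 'paypa1.com'
    other_labels = host.split(".")[:-2]      # ['www', 'ebay', 'com'] from www.ebay.com.evil.net
    for brand in PROTECTED_DOMAINS:
        b = brand.split(".")[0]
        if (b in other_labels                          # brand hidden in a subdomain
                or b in reg_label.split("-")           # ebay-members-security.com
                or reg_label == "www" + b              # wwwmicrosoft.com (missing dot)
                or skeleton(reg_label) == skeleton(b)  # paypa1, gooogle, rnicrosoft
                or levenshtein(reg_label, b) == 1):    # amzon, apples
            return "lookalike", brand
    return "unknown", None


class _LinkParser(HTMLParser):
    """Collect (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def analyze_email(html):
    """One finding per link: the target host's verdict plus the reasons a user
    who hovered over the link would be surprised."""
    parser = _LinkParser()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        host = urlparse(href).hostname or ""
        verdict, brand = classify_host(host)
        reasons = []
        if verdict == "lookalike":
            reasons.append(f"target host {host} imitates {brand}")
        shown = _TEXT_HOST.match(text)
        if shown and registrable_domain(shown.group(1)) != registrable_domain(host):
            reasons.append(f"link text shows {shown.group(1)} but target is {host}")
        findings.append({"href": href, "text": text, "host": host,
                         "verdict": verdict, "reasons": reasons})
    return findings


# Constructed phishing e-mail body exercising the tricks listed on the slides.
SAMPLE_EMAIL = """<html><body>
<p>Your account is limited. Restore access at <a href="http://www.paypa1.com/login">www.paypal.com</a>.</p>
<p>Confirm your listing: <a href="http://www.ebay.com.account-verify.net/">www.ebay.com</a></p>
<p><a href="http://fbaction.net/">Log in to Facebook</a> to see who viewed your profile.</p>
<p>Questions? <a href="https://www.paypal.com/help">PayPal Help</a></p>
</body></html>"""

if __name__ == "__main__":
    for f in analyze_email(SAMPLE_EMAIL):
        print(f["verdict"].upper(), f["href"], "; ".join(f["reasons"]) or "-")
```

Note what the last two links show: fbaction.net is not a lookalike of anything, so a brand list alone would pass it, which is why the text-versus-target comparison and user training still matter; and the genuine PayPal link is classified as legitimate only because the registrable domain is paypal.com itself, not because the word "PayPal" appears in the text.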
23. • This is the original Facebook webpage, served over HTTPS and showing the padlock icon.
24. • This is a fake webpage with the URL http://fbaction.net/, built to capture your credentials.
26. • This webpage has a different URL from PayPal's (www.PAYPA1.com).
27. Impact of Phishing
• The impact of phishing is both domestic and international, and falls mainly on the commercial and financial sectors.
• Direct Financial Loss. Phishing is mainly done to cause financial loss to a person or an organisation; consumers and businesses may lose from a few hundred dollars to millions of dollars.
• Erosion of Public Trust in the Internet. Phishing also decreases the public's trust in the Internet.
28. Continue…
• A survey found that 9 out of 10 American adult Internet users have changed their Internet habits because of the threat of identity theft.
• 25% say they have stopped shopping online, while 29% of those who still shop online say they have decreased the frequency of their purchases.
• Cross-Border Operations by Criminal Organizations. People sitting outside the country carry out criminal activities using phishing, which makes investigation and prosecution harder.
30. Phishing in the news.
The attack on the AP Twitter account in April 2013 had a serious impact on the stock market: a password obtained by phishing was used to post a false tweet about explosions at the White House, and the Dow briefly fell by more than 100 points before the hoax was exposed.
31.
A single malicious email sent to workers at the South Carolina Department of Revenue in 2012 enabled an international hacker to break into state computers and gain access to 3.8 million tax returns, including Social Security numbers and bank account information.
32. How to avoid Phishing Attack
• Don't click on links, download files or open attachments in emails from unknown senders.
• Never email personal or financial information, even to someone you know well.
• Check your online accounts and bank statements regularly.
• Do not divulge personal information over the phone unless you initiated the call.
• Verify any person who contacts you (by phone or email) through a channel you already trust, such as the number printed on your card or statement.
33. Solution to Phishing Threats
Active Protection
• Anti-Virus & Anti-Spyware Software.
• Regular Updates.
• Frequent Full System scans.
• Use Anti-Spam software.
• Enable Firewall.
• Authorization & Authentication.
Preventive Measures
• Disable Cookies.
• Keep your Email-Id private.
• Use proper file access.
• Be careful with email.
• Use caution when downloading files on the internet.
34. Protection against Phishing Attack
• Two Factor Authentication.
• HTTPS Instead of HTTP.
• Extended Validation.
• Anti-Spam Software.
• Hyperlink in Email.
• Firewall.
35. Two-Factor Authentication
• Gmail, Facebook, Dropbox, Microsoft, Apple's iCloud, Twitter and others offer two-factor authentication. You log in with your password plus a one-time code delivered to (or generated on) your mobile phone, so an attacker who has only your email address and password cannot get into the account without also controlling the phone.
• Caveat: a code the user types can just as well be typed into a phishing page and relayed to the real site within its validity window, so SMS and authenticator-app codes raise the bar but do not stop a real-time phishing proxy. Factors bound to the site's origin (FIDO2/WebAuthn security keys or passkeys) are the phishing-resistant option.
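The code-based second factor described above, as an added example that is not part of the original presentation: a standard-library Python implementation of HOTP (RFC 4226) and TOTP (RFC 6238) with a verifier that accepts neighbouring time steps, using the RFC 6238 reference secret as constructed test data. The last function models the real-time relay: a code phished from the user still verifies if the attacker submits it within the acceptance window, which is why such codes do not resist a phishing proxy.

```python
"""HOTP (RFC 4226) and TOTP (RFC 6238) with the standard library, plus a verifier
with a small acceptance window and a model of the real-time relay attack.
The secret is the RFC 6238 reference secret, used here as constructed test data."""
import base64
import hashlib
import hmac
import struct
import time

# ASCII '12345678901234567890' in base32, the form authenticator apps receive in a QR code.
TEST_SECRET_B32 = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def hotp(secret_b32, counter, digits=6):
    """HMAC-SHA1 over the 8-byte big-endian counter, dynamically truncated."""
    key = base64.b32decode(secret_b32.upper())
    digest = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def totp(secret_b32, unix_time=None, step=30, digits=6):
    """TOTP is HOTP with the counter set to the current 30-second time step."""
    if unix_time is None:
        unix_time = time.time()
    return hotp(secret_b32, int(unix_time) // step, digits)


def verify_totp(secret_b32, code, unix_time=None, step=30, digits=6, window=1):
    """Accept the code for the current step and `window` steps either side, which
    servers do to tolerate clock drift. compare_digest avoids a timing side channel."""
    if unix_time is None:
        unix_time = time.time()
    counter = int(unix_time) // step
    return any(hmac.compare_digest(hotp(secret_b32, c, digits), code)
               for c in range(counter - window, counter + window + 1))


def relay_attack_succeeds(secret_b32, phished_at, replayed_at):
    """Real-time phishing: the victim types a fresh code into the fake page at
    phished_at; the attacker submits it to the real site at replayed_at."""
    stolen_code = totp(secret_b32, phished_at)
    return verify_totp(secret_b32, stolen_code, replayed_at)


if __name__ == "__main__":
    print("current code:", totp(TEST_SECRET_B32))
    print("relay 15 s later succeeds:", relay_attack_succeeds(TEST_SECRET_B32, 1000, 1015))
    print("relay 100 s later succeeds:", relay_attack_succeeds(TEST_SECRET_B32, 1000, 1100))
```

With a 30-second step and a window of one step either side, a code relayed within about a minute still verifies; only after the window has passed does the stolen code fail. Nothing in the protocol ties the code to the site it was typed into, which is the property a WebAuthn credential adds.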
36. HTTPS instead of HTTP
• HTTPS is HTTP carried over an encrypted TLS connection, so everything your browser sends or receives is protected from eavesdropping and tampering in transit. (HTTPS does not encrypt "your browser"; it encrypts the traffic between the browser and the server.)
• If you are making online payments or transactions, insist on an HTTPS website.
• Such HTTPS websites are equipped with SSL/TLS (Secure Sockets Layer, superseded by Transport Layer Security), which creates a secure channel for the information in transit.
37. SSL Encryption
• SSL (Secure Sockets Layer) and its successor TLS (Transport Layer Security) are the standard technology for establishing an encrypted link between a web server and a browser. The link ensures that all data passed between the web server and the browser stays private and intact. All versions of SSL itself are now deprecated and current connections use TLS, but the name "SSL" has stuck.
• SSL/TLS combines two kinds of cryptography. A public key (in the server's certificate, known to everyone) paired with a private key known only to the server is used during the handshake to authenticate the server and agree on a session key; the session key is then used with a fast symmetric cipher to encrypt the actual data. The public key is not used to encrypt the bulk traffic.
• Most web browsers support SSL/TLS. By convention, URLs that require an SSL/TLS connection start with https instead of http.
39. HTTPS
• Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP, the protocol over which data is sent between your browser and the website you are connected to.
• HTTPS was originally used to protect highly confidential online transactions such as online banking and shopping order forms; today browsers expect it for every site and flag plain HTTP pages as "Not secure".
• Web browsers such as Internet Explorer, Firefox and Chrome display a padlock icon in the address bar to indicate that an HTTPS connection is in effect.
• HTTPS protects against eavesdropping and man-in-the-middle attacks on the connection, provided the browser has verified the server's certificate. The padlock only says that the connection to the domain in the address bar is encrypted and that the certificate matches that domain; it does not say that the domain belongs to the brand the page imitates. A phishing site can obtain a valid certificate for its own domain name (free certificates make this routine) and show the same padlock, so the domain name, not the padlock, is what to check.
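To make the last point concrete, here is an added example (not code from the original presentation) of the check behind the padlock: does one of the certificate's DNS names cover the host in the URL, following the RFC 6125 wildcard rules? The two certificates are constructed dicts in the shape that Python's ssl.SSLSocket.getpeercert() returns, not real certificates, and the brand domain is an assumed input. The example shows that a certificate issued for the phishing host passes this check just as well as Facebook's own certificate passes for facebook.com.

```python
"""What the padlock actually checks: whether a certificate's DNS names cover the
host in the address bar. Certificates below are constructed dicts in the shape
that ssl.SSLSocket.getpeercert() returns; they are not real certificates."""
from urllib.parse import urlparse


def dns_name_matches(pattern, host):
    """Match one certificate DNS name against a host (RFC 6125 rules).
    A wildcard is only honoured as the entire left-most label, so
    *.facebook.com covers www.facebook.com but not facebook.com,
    a.b.facebook.com, or anything under a bare *.com."""
    pattern = pattern.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if "*" not in pattern:
        return pattern == host
    p_labels, h_labels = pattern.split("."), host.split(".")
    if p_labels[0] != "*" or len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def cert_matches_url(cert, url):
    """True if any DNS subjectAltName covers the URL's host. Modern browsers
    ignore the subject commonName, so only the SAN list is consulted."""
    host = urlparse(url).hostname
    if not host:
        return False
    names = [value for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    return any(dns_name_matches(name, host) for name in names)


def check_site(cert, url, expected_domain):
    """Separate the two questions a user tends to conflate: 'is the connection to
    this host authenticated?' (padlock) and 'is this host the brand I expect?'"""
    host = (urlparse(url).hostname or "").lower()
    return {
        "padlock": cert_matches_url(cert, url),
        "brand_domain": host == expected_domain or host.endswith("." + expected_domain),
    }


# Constructed certificates for the two pages shown on the slides.
FACEBOOK_CERT = {"subjectAltName": (("DNS", "*.facebook.com"), ("DNS", "facebook.com"))}
FBACTION_CERT = {"subjectAltName": (("DNS", "fbaction.net"), ("DNS", "www.fbaction.net"))}

if __name__ == "__main__":
    print(check_site(FACEBOOK_CERT, "https://www.facebook.com/login", "facebook.com"))
    print(check_site(FBACTION_CERT, "https://fbaction.net/", "facebook.com"))
```

The second call returns a padlock with brand_domain False: the certificate is perfectly valid for fbaction.net, which is all the browser verifies. Presenting Facebook's certificate for fbaction.net, which is what a man-in-the-middle without a certificate for the host would have to do, fails the check, so HTTPS does stop the interception attack described above; it just cannot tell you whose site you are on.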
41. Extended Validation
• Many websites have EV (extended validation) certificates, for which browsers used to turn the address bar green and display the verified organisation name, so that users could more easily recognise an authenticated site.
• Caveat: the major browsers removed the green bar and the prominent EV indicator in 2019 (Chrome 77 and Firefox 70 moved it into the certificate details), because users did not reliably notice its absence on phishing sites. Do not rely on it as a signal.
42. Anti-Spam Software
• With anti-spam software a user can reduce exposure to phishing attacks: filtering out spam removes much of the phishing mail before it reaches the inbox.
• Such software can also help with browser hijacking, usually by finding the problem and offering a fix.
43. Hyperlink in Email
• Never click hyperlinks received in emails from an unknown or unverified source. Such links may lead to a page that delivers malicious code or asks for login details or personal information.
44. Firewall
• With a firewall, users can prevent many browser hijacks.
• It is important to have both a desktop (host) firewall and a network firewall. Firewalls check where traffic is coming from and going to (IP address and port, and for application-aware firewalls the domain name) against an allowed policy.
• A firewall is also effective against some virus and spyware activity, for example by blocking outbound connections to an attacker's server.
45. Conclusion
• Phishing is a growing crime and one we must be aware of. Although laws have been enacted, education is the best defence against phishing.
• Being a bit suspicious of all electronic communications and websites is recommended.
• Look out for the common characteristics: a sense of urgency, a request for verification, and grammar and spelling errors.
• Digital signatures on mail (S/MIME or PGP for individual messages, DKIM for sending domains) should be promoted so that recipients can verify who a message actually came from.