PHISHING ATTACKS
(Not The Kind of Fishing You are Used to)
Sourav Newatia
31603206
Mtech Cyber Security
TABLE OF CONTENT:-
➤ Motivation
➤ Introduction
➤ Phishing Attack Motives
➤ Statistics of Phishing
➤ Types of Phishing
➤ Anti-Phishing Tools
➤ Case-Study
➤ Phishing Detection
➤ Conclusion
MOTIVATION:-
➤ India lost around $53 million (about Rs 328 crore) to phishing scams, with the country facing over 3,750 attacks in 2014.
➤ India is the 4th largest target of phishing attacks in the world.
➤ 7% of global phishing attacks target India.
➤ The US tops the ranking with 27% of phishing attacks.
Source: http://www.business-standard.com/article/technology/india-fourth-most-targeted-country-by-phishing-attacks-113120200343_1.html
What is Phishing ?
➤ Phishing is a fraudulent attempt, usually made through email, to steal your personal information.
➤ Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and, sometimes indirectly, money), often for malicious reasons, through an electronic communication (such as email).
Phishing Motives:-
➤ Financial gain: phishers can use stolen banking credentials for their own financial benefit.
➤ Identity hiding: instead of using stolen identities directly, phishers might sell them to others who may be criminals seeking ways to hide their own identities and activities (e.g. purchase of goods).
➤ Fame and notoriety: phishers might attack victims for the sake of peer recognition.
EVOLUTION OF PHISHING:-
[Chart] Phishing attacks, January to July 2016
[Chart] Phishing attacks, July to September 2016
Targeted Industry Sectors By Phishing Attacks:-
➤ eBay and PayPal are two of the most targeted companies, and online banks are also common targets.
➤ Attractive targets include
☗ Financial institutions
☗ Gaming industry
☗ Social media
☗ Security companies
In this example, the spelling mistake in the email and the presence of an IP address in the link (visible in the tooltip under the yellow box) are both clues that this is a phishing attempt.
In this example, targeted at SouthTrust Bank users, the phisher has used an image instead of text to make it harder for anti-phishing filters to detect the message by scanning for wording commonly used in phishing emails.
Steps in PHISHING:-
TYPES OF PHISHING ATTACKS :-
➤ Deceptive Phishing
The most common channel for deceptive phishing is email: the phisher sends deceptive emails in bulk that urge the user to click on the link provided.
➤ Malware-Based Phishing
Running malicious software on the user's machine, for example:
☗ Key-loggers & screen-loggers
☗ Session hijackers
TYPES OF PHISHING ATTACKS :-
➤ DNS-Based Phishing (also called pharming)
☗ The attacker pollutes the DNS cache with incorrect records, so that a lookup of the legitimate hostname directs the user to another location controlled by the attacker.
☗ This type of phishing can also be carried out directly on the user's machine when its local DNS cache is misconfigured or tampered with.
TYPES OF PHISHING ATTACKS :-
➤ Content-Injection Phishing
☗ In this attack, malicious content is injected into a legitimate site.
☗ This malicious content can redirect the user to other sites or install malware on the user's computer.
ANTI-PHISHING TOOLS:-
➤ Netcraft
☗ It alerts the user when they connect to a known phishing site.
☗ When a user connects to a phishing site, it blocks the page and shows a warning.
☗ It traps suspicious URLs whose characters serve no purpose other than to deceive the user.
➤ ThreatFire
☗ ThreatFire provides a behaviour-based security monitoring solution that protects otherwise unsafe systems.
☗ It continuously analyses the programs and processes running on the system, watching for suspicious actions.
☗ It can be used alongside normal antivirus programs or a firewall, adding an additional layer of security to the system.
➤ Spyware Doctor
☗ It is an adware and spyware utility which identifies and removes adware, trojans, key-loggers, spyware, and other malware from the system.
☗ It also features browser monitoring, immunisation against ActiveX controls, and automatic cookie deletion.
Other Anti-Phishing Tools :-
➤ PhishTank SiteChecker
➤ SpoofGuard
➤ TrustWatch Toolbar
➤ Adware Inspector
PHISHING ATTACK WARNINGS:-
➤ ACTIVE WARNING
The warning blocks the content area and interrupts the user, who cannot view the page content while the warning is displayed.
➤ PASSIVE WARNING
The warning does not block the content area, so the user can view both the content and the warning at the same time, as in the snapshot.
CASE-STUDIES
CASE STUDY I
(The Largest International Phishing Case)
➤ US and Egyptian fraudsters were accused of using phishing scams to steal account details from hundreds, possibly thousands, of people, and of transferring about $1.5 million into fake accounts they controlled.
➤ The group was accused of targeting US financial institutions and victimising a number of account holders by fraudulently using their personal financial information after they had been successfully phished.
➤ American authorities charged 53 people, while Egypt charged 47, with offences including conspiracy to commit bank fraud, computer fraud, money laundering and aggravated identity theft. The bank fraud alone could lead to jail sentences of 20 years.
CASE STUDY II
(ICICI BANK PHISHING CASE)
➤ A few customers of ICICI Bank received an email asking for the Internet login name and password to their account.
➤ The email seemed so genuine that some users even clicked on the URL given in the mail, which led to a web page that very closely resembled the official site.
➤ The scam was finally discovered when an assistant manager of ICICI Bank's information security cell received emails forwarded by the bank's customers seeking to cross-check their validity with the bank.
➤ Loss: approx. Rs 43 lakh.
CASE STUDY III
(EA Games website hacked; phishing page hosted to steal Apple IDs)
➤ The hackers compromised an EA Games server by exploiting a vulnerability in an outdated WebCalendar application, and used the compromised server to host a fake "My Apple ID" page designed to look like the legitimate Apple login page, as shown. Once users submit their details, they are redirected to the legitimate Apple ID website, which makes the theft less likely to be noticed.
➤ Using hijacked Apple ID details, hackers can gain access to users' personal data stored on iCloud, including email, contacts, calendars, and photos, and could even clone an iPhone or iPad by restoring an iCloud backup to a device in their possession.
CASE STUDY IV
(Phishing website spoofing 26 banks, including SBI and BOB)
➤ FireEye identified a new domain (csecurepay[.]com), registered on October 23 of that year, which appears to be an online payment gateway but is actually a phishing website that captures customer information for 26 banks operating in India, the company said in a statement.
➤ In this phishing attack, victims are asked to enter their account number, mobile number, email address, one-time password (OTP) and other details. Once the information is collected, the website displays a fake failed-login message to the victim. Capturing the OTP is what lets the fraudster complete a transaction despite the bank's second factor.
➤ Awareness and training programs
1. Making use of regular communications to explain the phishing problem.
2. Establishing a simple mechanism for reporting phishing attacks.
3. Posting alerts on the security website.
Phishing Detection Using Blacklist
➤ Blacklists hold URLs of sites that are considered malicious. Whenever the browser loads a page, it queries the blacklist to determine whether the currently visited URL is on the list. If so, appropriate countermeasures can be taken; otherwise the page is considered legitimate.
➤ The drawback of this approach is that a blacklist usually cannot cover all phishing websites, since a newly created fraudulent website takes considerable time to be added to the list.
A Phishing Sites Blacklist Generator
➤ The proposed heuristics are:
1) Extract the company name from the suspected URL.
2) Search for the extracted company name in Google and take the first 10 results.
3) If the suspected URL belongs to the first 10 returned Google results, the page is legitimate.
4) If the suspected URL does not belong to the first 10 returned Google results, the suspected URL is classified as phishing.
5) If the suspected URL is classified as phishing, it is saved in a database.
Phishing Detection Using CANTINA
➤ CANTINA is an Internet Explorer toolbar that decides whether a visited page is a phishing page by analysing its content.
➤ CANTINA combines Term Frequency-Inverse Document Frequency (TF-IDF) with search-engine lookups.
➤ The following procedure is performed by CANTINA to detect phishing websites:
1) The TF-IDF of each term on the suspected web page is calculated.
2) The top 5 terms with the highest TF-IDF values are taken to represent the document (its lexical signature).
3) The 5 terms are submitted as a Google search query and the domain names of the first n returned entries are stored
(e.g. http://www.google.ae/search?q=t1,t2,t3,t4,t5).
4) If the suspected domain name is found within the n returned results, the site is legitimate; otherwise it is flagged as phishing.
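The TF-IDF step and the step-4 decision, as an added example written for this page (not the CANTINA authors' code). It builds a five-term lexical signature for a constructed suspect page against a small constructed background corpus, then replaces the Google query with a hard-coded lookup so that it runs offline. SUSPECT_PAGE, BACKGROUND, STOPWORDS and the hostnames returned by constructed_search are all assumptions, not data from the paper.

```python
"""Lexical-signature check in the style of CANTINA: TF-IDF top-k terms,
then a search-engine lookup for the suspect domain.

Added example written for this page, not the CANTINA authors' code. The
Google query is replaced by constructed_search(), a hard-coded table, so
the example runs offline; SUSPECT_PAGE, BACKGROUND and STOPWORDS are
constructed inputs, not data from the paper.
"""
import math
import re
from collections import Counter
from urllib.parse import urlparse

STOPWORDS = {"a", "an", "and", "the", "to", "your", "you", "is", "for",
             "with", "until", "of", "in", "on", "it", "this"}
_WORD = re.compile(r"[a-z]+")


def tokenize(text: str) -> list:
    return [w for w in _WORD.findall(text.lower()) if w not in STOPWORDS]


def lexical_signature(page_text: str, background: list, k: int = 5) -> list:
    """Steps 1-2: TF-IDF of every term on the page (IDF over page + background),
    returning the k highest-scoring terms; ties are broken alphabetically."""
    docs = [tokenize(page_text)] + [tokenize(d) for d in background]
    df = Counter()
    for doc in docs:
        df.update(set(doc))          # document frequency: one count per document
    page = docs[0]
    tf = Counter(page)
    scores = {t: (c / len(page)) * math.log(len(docs) / df[t]) for t, c in tf.items()}
    return sorted(scores, key=lambda t: (-scores[t], t))[:k]


def registered_domain(host: str) -> str:
    """Last two labels; assumption: no public-suffix list is consulted."""
    return ".".join(host.lower().split(".")[-2:])


def cantina_verdict(suspect_url: str, signature: list, search, n: int = 30) -> str:
    """Steps 3-4: legitimate iff the suspect's domain is among the first n
    results returned for the signature; otherwise phishing."""
    suspect = registered_domain(urlparse(suspect_url).hostname or "")
    results = {registered_domain(h) for h in search(signature)[:n]}
    return "legitimate" if suspect in results else "phishing"


def constructed_search(terms: list) -> list:
    """Stand-in for q=t1,t2,t3,t4,t5 against Google. Hard-coded hostnames a
    real engine would plausibly return for a PayPal signature; not real output."""
    if "paypal" in terms:
        return ["www.paypal.com", "en.wikipedia.org", "www.paypal-community.com"]
    return []


# Constructed suspect page text and a small constructed background corpus.
SUSPECT_PAGE = ("PayPal login: enter your PayPal password to verify your PayPal "
                "account. Your account access is limited until you verify.")
BACKGROUND = [
    "weather forecast for tomorrow rain and wind",
    "football scores and league table results",
    "recipe for chocolate cake with butter and sugar",
    "forum login page: enter your name and access your account settings",
]

if __name__ == "__main__":
    sig = lexical_signature(SUSPECT_PAGE, BACKGROUND)
    print(sig)
    for url in ("https://www.paypal.com/signin",
                "http://secure-paypal-verify.example.net/login"):
        print(url, "->", cantina_verdict(url, sig, constructed_search))
```

Two caveats a practitioner would attach to step 4: a phishing page hosted on a compromised legitimate domain (as in Case Study III) passes the check, because the domain the search returns is the legitimate one; and a page with very little text, or text delivered as an image (as in the SouthTrust example), yields a weak signature that the search engine may not match at all.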
What kind of information should I protect ?
➤ Social Security number
➤ Driver's license number
➤ Account, credit card, and debit card numbers
➤ Mother's maiden name
➤ Passwords, access codes and PINs
➤ Pet's name and name of first school (often used for forgotten-password resets)
PhishGuard: A Browser Plug-in
➤ PhishGuard's implementation is a proof of concept that only detects phishing attacks on logins that use HTTP Digest authentication.
➤ The work bases its protection against phishing on the observation that phishing websites often do not verify user credentials, but merely store them for later use by the phisher.
1) The user visits a page.
2) If the visited page sends an authentication request, and the user submits the authentication form, PhishGuard starts its testing procedure.
3) PhishGuard sends the same user ID, followed by a random password that does not match the real password, a random number n of times.
4) If the page responds with HTTP 200 OK, the page is a phishing site that is simply returning fake authentication-success messages.
5) If the page responds with HTTP 401 Unauthorized, it could mean either:
• the site is a phishing site that blindly responds with authentication-failure messages, or
• the site is a legitimate site.
6) To distinguish between the two possibilities, PhishGuard sends the real credentials to the website for the (n + 1)th time: a legitimate site accepts them, while a blind-failure phishing site rejects them.
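The decision procedure of steps 3 to 6, as an added example written for this page (not the PhishGuard plug-in's code). The network is replaced by in-process "servers": callables that take a user name and a Digest response and return an HTTP status code. The legitimate server verifies RFC 2617 Digest responses (MD5, no qop) against a stored HA1, and two constructed phishing servers answer 200 or 401 regardless of what they receive. REALM, URI, the fixed NONCE and the account alice / correct-horse are assumptions.

```python
"""Credential-probing decision procedure in the style of PhishGuard steps 3-6.

Added example written for this page, not the PhishGuard plug-in's code. The
network is replaced by in-process 'servers' (callables taking a user name and
a Digest response and returning an HTTP status code). The legitimate server
verifies RFC 2617 Digest responses (MD5, no qop) against a stored HA1; REALM,
URI, the fixed NONCE and the account used below are constructed assumptions.
"""
import hashlib
import secrets

REALM = "example-bank"   # constructed realm
URI = "/login"           # constructed request URI
NONCE = "c0ffee"         # fixed so the example is reproducible; a real server randomises it


def _md5(s: str) -> str:
    # MD5 is what RFC 2617 Digest specifies; it is the protocol's choice, not a recommendation.
    return hashlib.md5(s.encode()).hexdigest()


def digest_response(user: str, password: str, method: str = "GET") -> str:
    """Client side: response = MD5(HA1:nonce:HA2), where
    HA1 = MD5(user:realm:password) and HA2 = MD5(method:uri)."""
    ha1 = _md5(f"{user}:{REALM}:{password}")
    ha2 = _md5(f"{method}:{URI}")
    return _md5(f"{ha1}:{NONCE}:{ha2}")


def make_legitimate_server(user: str, password: str):
    """A server that stores only HA1 and really checks each response."""
    stored_ha1 = _md5(f"{user}:{REALM}:{password}")
    ha2 = _md5(f"GET:{URI}")
    expected = _md5(f"{stored_ha1}:{NONCE}:{ha2}")

    def server(u: str, response: str) -> int:
        ok = u == user and secrets.compare_digest(response, expected)
        return 200 if ok else 401
    return server


def phishing_fake_success(u: str, response: str) -> int:
    """Phishing server that records the submission and always 'succeeds' (step 4)."""
    return 200


def phishing_blind_failure(u: str, response: str) -> int:
    """Phishing server that records the submission and always 'fails' (step 5)."""
    return 401


def phishguard_verdict(server, user: str, real_password: str, n: int = 3) -> str:
    """Steps 3-6: n deliberately wrong passwords, then the real one."""
    for _ in range(n):
        wrong = secrets.token_hex(8)  # 16 random hex chars; not the real password
        if server(user, digest_response(user, wrong)) == 200:
            return "phishing (accepts any password)"
    if server(user, digest_response(user, real_password)) == 200:
        return "legitimate"
    return "phishing (rejects every password)"


if __name__ == "__main__":
    legit = make_legitimate_server("alice", "correct-horse")
    for name, srv in [("legitimate", legit),
                      ("fake-success", phishing_fake_success),
                      ("blind-failure", phishing_blind_failure)]:
        print(f"{name:14s} -> {phishguard_verdict(srv, 'alice', 'correct-horse')}")
```

Three caveats follow directly from the procedure. Step 3 deliberately fails n logins at what may be the user's real bank, which can trigger account lockout. Step 2 requires the user to have already submitted the real credentials once, so against a phishing site the plug-in confirms a compromise rather than preventing it. And because the proof of concept only handles HTTP Digest, the HTML form logins that most phishing pages imitate are out of scope.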
Phishwish: A Stateless Phishing Filter Using Minimal Rules
➤ The proposed solution aims to provide:
● Better protection against zero-hour attacks than blacklists.
● A solution that requires relatively minimal resources (11 rules), far fewer than the number of rules in SpamAssassin; at the time of writing the paper, SpamAssassin used 795 rules.
● Minimal false positives.
The proposed rules are (where positive indicates phishiness):
• Rule 1: If a URL is a login page that is not the business's real login page, the result is positive. The paper specifies that this is analysed based on data returned from search engines.
• Rule 2: If the email is formatted as HTML, and a displayed URL uses Transport Layer Security (TLS) while the actual Hypertext Reference (HREF) attribute does not use TLS, the result is positive.
• Rule 3: If the host-name portion of a URL is an IP address, the result is positive.
• Rule 4: If a URL mentions an organisation's name (e.g. PayPal) in the URL path but not in the domain name, the result is positive.
• Rule 5: If the URL's displayed domain does not match the domain name specified in the HREF attribute, the result is positive.
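Rules 2 to 5 as stateless checks over a constructed HTML email, as an added example written for this page (not the Phishwish authors' code). Rule 1 needs a search engine and is omitted. The brand list BRANDS, the registrable-domain approximation (last two labels, no public-suffix list) and SAMPLE_EMAIL are assumptions.

```python
"""Stateless link checks in the style of Phishwish rules 2-5.

Added example written for this page, not the Phishwish authors' code.
Rule 1 (is this the business's real login page?) needs a search engine
and is left out. BRANDS and SAMPLE_EMAIL are constructed assumptions.
"""
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed brand list for Rule 4 (the paper's own example is PayPal).
BRANDS = ("paypal", "ebay", "icici", "apple")


def registered_domain(host: str) -> str:
    """Approximate the registrable domain as the last two labels.
    Assumption: no public-suffix list, so 'bank.co.uk' collapses to 'co.uk'."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def host_is_ip(host: str) -> bool:
    """Rule 3: the host-name portion of the URL is an IP address."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def check_url(url: str) -> list:
    """Rules 3 and 4 on one URL; returns the identifiers of the rules that fired."""
    hits = []
    parsed = urlparse(url)
    host = parsed.hostname or ""
    if host_is_ip(host):
        hits.append("rule3_ip_host")
    path_and_query = (parsed.path + "?" + parsed.query).lower()
    # Rule 4: brand name in the path/query but not in the domain name.
    if any(b in path_and_query and b not in registered_domain(host) for b in BRANDS):
        hits.append("rule4_brand_in_path_not_domain")
    return hits


class _AnchorCollector(HTMLParser):
    """Collect (href, visible link text) pairs from <a> elements."""

    def __init__(self):
        super().__init__()
        self.anchors = []
        self._in_a = False
        self._href = ""
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._in_a = True
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._in_a:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._in_a:
            if self._href:
                self.anchors.append((self._href, "".join(self._text).strip()))
            self._in_a = False


def _looks_like_url(text: str) -> bool:
    return "." in text and not any(ch.isspace() for ch in text)


def check_html_email(html: str) -> list:
    """Rules 2-5 over every link in an HTML e-mail body (sorted, de-duplicated)."""
    collector = _AnchorCollector()
    collector.feed(html)
    hits = []
    for href, text in collector.anchors:
        hits.extend(check_url(href))
        if not _looks_like_url(text):
            continue  # Rules 2 and 5 compare a *displayed* URL against the href
        shown = urlparse(text if "://" in text else "http://" + text)
        actual = urlparse(href)
        # Rule 5: displayed domain differs from the HREF's domain.
        if shown.hostname and registered_domain(shown.hostname) != registered_domain(actual.hostname or ""):
            hits.append("rule5_display_domain_mismatch")
        # Rule 2: the displayed link claims TLS but the real HREF does not use it.
        if shown.scheme == "https" and actual.scheme == "http":
            hits.append("rule2_https_shown_http_href")
    return sorted(set(hits))


# Constructed sample: one lure link plus one harmless link.
SAMPLE_EMAIL = """
<html><body>
<p>Dear customer, please verify your account:</p>
<a href="http://198.51.100.7/paypal/login.php">https://www.paypal.com/login</a>
<p>Questions? <a href="https://www.example.com/help">Click here</a></p>
</body></html>
"""

if __name__ == "__main__":
    print(check_html_email(SAMPLE_EMAIL))
```

The lure link in the sample trips all four rules at once, which is the usual pattern in bulk deceptive phishing; the harmless "Click here" link trips none, because Rules 2 and 5 only apply when the visible link text is itself a URL. Rule 4's two-label approximation of the registrable domain misfires on suffixes such as co.uk, where a public-suffix list is needed.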
CONCLUSION:-
➤ Phishing has become a serious network security problem, causing financial losses of billions of dollars to both consumers and e-commerce companies.
➤ As future work, educating users about these attacks will help them avoid handing their sensitive information to phishing websites.
REFERENCES
➤ R. S. Rao and S. T. Ali, "PhishShield: A desktop application to detect phishing webpages through heuristic approach," Procedia Computer Science 54 (2015): 147-156.
➤ M. Khonji, Y. Iraqi, and A. Jones, "Phishing detection: A literature survey," IEEE Communications Surveys & Tutorials, vol. 15, no. 4, pp. 2091-2121, Fourth Quarter 2013.
➤ B. B. Gupta, A. Tewari, A. K. Jain, and D. P. Agrawal, "Fighting against phishing attacks: state of the art and future challenges," Review, Springer, March 2016.
➤ Anti-Phishing Working Group (APWG), "Phishing activity trends report - second half 2010," http://apwg.org/reports/apwg_report_h2_2010.pdf, 2010, accessed December 2011.
THANKS..!!!

More Related Content

What's hot

What's hot (20)

Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Phishing
PhishingPhishing
Phishing
 
Phishing
PhishingPhishing
Phishing
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing Attacks
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
 
Phishing
PhishingPhishing
Phishing
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharks
 
Phishing
PhishingPhishing
Phishing
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasures
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Cyber security
Cyber securityCyber security
Cyber security
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation
 
Cyber crime types
Cyber crime typesCyber crime types
Cyber crime types
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
phishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptxphishing-awareness-powerpoint.pptx
phishing-awareness-powerpoint.pptx
 
Computer & internet Security
Computer & internet SecurityComputer & internet Security
Computer & internet Security
 
Phishing attack seminar presentation
Phishing attack seminar presentation Phishing attack seminar presentation
Phishing attack seminar presentation
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Email hacking
Email hackingEmail hacking
Email hacking
 

Similar to Phishing Attack : A big Threat

December 2019 Part 10
December 2019 Part 10December 2019 Part 10
December 2019 Part 10
seadeloitte
 
The Business of Hacking - Business innovation meets the business of hacking
The Business of Hacking - Business innovation meets the business of hackingThe Business of Hacking - Business innovation meets the business of hacking
The Business of Hacking - Business innovation meets the business of hacking
at MicroFocus Italy ❖✔
 
Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Mining
theijes
 

Similar to Phishing Attack : A big Threat (20)

Study on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing ToolsStudy on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing Tools
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
E Mail Phishing Prevention and Detection
E Mail Phishing Prevention and DetectionE Mail Phishing Prevention and Detection
E Mail Phishing Prevention and Detection
 
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
Intelligent Phishing Website Detection and Prevention System by Using Link Gu...
 
IT2252_Presentation_Group03.pptx
IT2252_Presentation_Group03.pptxIT2252_Presentation_Group03.pptx
IT2252_Presentation_Group03.pptx
 
Phishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresPhishing: Analysis and Countermeasures
Phishing: Analysis and Countermeasures
 
Phishing
PhishingPhishing
Phishing
 
December 2019 Part 10
December 2019 Part 10December 2019 Part 10
December 2019 Part 10
 
Phishing.pdf
Phishing.pdfPhishing.pdf
Phishing.pdf
 
Phishing
PhishingPhishing
Phishing
 
Unit iii: Common Hacking Techniques
Unit iii: Common Hacking TechniquesUnit iii: Common Hacking Techniques
Unit iii: Common Hacking Techniques
 
IRJET- Phishing and Anti-Phishing Techniques
IRJET-  	  Phishing and Anti-Phishing TechniquesIRJET-  	  Phishing and Anti-Phishing Techniques
IRJET- Phishing and Anti-Phishing Techniques
 
phishing attack - man in the middle.pptx
phishing attack - man in the middle.pptxphishing attack - man in the middle.pptx
phishing attack - man in the middle.pptx
 
Edu 03 assingment
Edu 03 assingmentEdu 03 assingment
Edu 03 assingment
 
Cyber Crime and Security Presentation
Cyber Crime and Security PresentationCyber Crime and Security Presentation
Cyber Crime and Security Presentation
 
The Major Types of Cybercrime
The Major Types of CybercrimeThe Major Types of Cybercrime
The Major Types of Cybercrime
 
The Business of Hacking - Business innovation meets the business of hacking
The Business of Hacking - Business innovation meets the business of hackingThe Business of Hacking - Business innovation meets the business of hacking
The Business of Hacking - Business innovation meets the business of hacking
 
Business of Hacking
Business of HackingBusiness of Hacking
Business of Hacking
 
November 2017: Part 6
November 2017: Part 6November 2017: Part 6
November 2017: Part 6
 
Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Mining
 

Recently uploaded

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 

Recently uploaded (20)

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 

Phishing Attack : A big Threat

  • 1. PHISHING ATTACKS (Not The Kind of Fishing You are Used to) Sourav Newatia 31603206 Mtech Cyber Security
  • 2. ➤ Motivation ➤ Introduction ➤ Phishing Attack Motives ➤ Statistics of Phishing ➤ Types of Phishing ➤ Anti-Phishing Tools ➤ Case-Study ➤ Phishing Detection ➤ Conclusion TABLE OF CONTENT:-
  • 3. ➤ India lost around $53 million (about Rs 328 crore) due to phishing scams with the country facing over 3,750 attacks in 2014. ➤ 4th Largest target of phishing attacks in the world. ➤ 7% of global phishing attacks are targeted in India. ➤ US tops the rank with 27% of phishing attacks. http://www.business-standard.com/article/technology/india-fourth-most-targeted-country-by-phishing-attacks- 113120200343_1.html MOTIVATION:-
  • 4. ➤ Phishing is a fraudulent attempt, usually made through email,to steal your personal information. ➤ Phishing is the attempt to obtain sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons through an electronic communication(such as Email). What is Phishing ?
  • 5. ➤ Financial gain : Phishers can use stolen banking credential to their Financial benefits. ➤ Identity hiding : instead of using stolen identities directly, phishers might sell the identities to others whom might be criminals seeking ways to hide their identities and activities (e.g. purchase of goods). ➤ Fame and notoriety: phishers might attack victims for the sake of peer recognition. Phishing Motives:-
  • 8. Phishing Attack (July- September 2016)
  • 9. Targeted Industry Sectors By Phishing Attacks:-
  • 10. ➤ eBay and PayPal are two of the most targeted companies, and online banks are also common targets. ➤ Attractive targets include ☗ Financial institutions ☗ Gaming industry ☗ Social media ☗ Security companies v
  • 11. In this example ,Spelling mistake in the E-mail ,and the presence of an IP Address in the Link (Visible in the tooltip under the yellow box ) are both clues that this is a phishing attempt.
  • 12. In this Example , targeted at South Trust Bank Users , the phisher has used an image to make it harder for anti-phishing filters to detect by scanning for text commonly used in phishing Emails.
  • 14. ➤ Deceptive Phishing The Common method is deceptive phishing is E-mail. Phisher Sends a bulk of deceptive emails which command the user to click on link provided. ➤ Malware -Based Phishing Running malicious software on the user’s machine. ☗ Key-Loggers & Screen-Loggers ☗ Session HIjackers TYPES OF PHISHING ATTACKS :-
  • 15. ➤ DNS-Based Phishing ☗ It is used to Pollute the DNS Cache with Incorrect Information which directs the user to the other location. ☗ This type of phishing can be done directly when the user has a misconfigured DNS cache. TYPES OF PHISHING ATTACKS :-
  • 16. ➤ Content-Injection Phishing ☗ In this Attack , a Malicious content is injected into a legitimate site. ☗ This malicious content can direct the user to some other sites or it can install malwares on the computers. TYPES OF PHISHING ATTACKS :-
  • 17. ➤ NETCraft ☗ It alerts the user when connect to the phishing sites. ☗ When a user connects to a phishing site it block the user by showing a warning sign. ☗ It traps suspicious URLs in which the character have no common purpose other than to deceive the user. ANTI-PHISHING TOOLS:-
  • 18.
  • 19. ➤ ThreatFire ☗ ThreatFire Provides Behaviour based security monitoring solution protecting unsafe system. ☗ It Continuously analyses the programs and processes on the system and if it find any suspicious actions. ☗ It can be Used with the normal antivirus programs or firewall which adds an additional level of security of the system.
  • 20.
  • 21. ☗ It is an adware and spyware utility which identifies and clears any potential adware , trojans ,key-loggers , spyware , and other malware of the system. ☗ It also features browser monitoring immunization again ActiveX controls , and automatic cookie deletion. ➤ Spyware Doctor
  • 22.
  • 23. ➤ PhishTank SiteChecker ➤ Spoof-Guard ➤ Trust-Watch Toolbar ➤ Adware Inspector Other Anti-Phishing Tools :-
  • 24. ➤ ACTIVE WARNING The warning does not block the content-area and enables the user to view both the content and the warning as in the snapshot. ➤ PASSIVE WARNING The warning blocks the content-data, which prohibits the user from viewing the content-data while the warning is displayed. PHISHING ATTACK WARNINGS:-
  • 25.
  • 27. ➤ The US and Egyptian fraudsters were accused of using phishing scams to steal account details from hundreds, possibly thousands, of people, and transferring about $1.5 million into fake accounts they controlled. ➤ The group of fraudsters were accused of targeting US financial institutions and victimising a number of account holders by fraudulently using their personal financial information after they were successfully Phished. ➤ American authorities charged 53 people, while Egypt charged 47, with offences including conspiracy to commit bank fraud, computer fraud, money laundering and aggravated identity theft. The bank fraud alone could lead to jail sentences of 20 years. CASE STUDY I (The Largest International Phishing Case)
  • 28. ➤ A few customers of ICICI Bank received an email asking for their Internet login name and password to their account. ➤ The email seemed so genuine that some users even clicked on the URL given in the mail to a Web page that very closely resembled the official site. ➤ The scam was finally discovered when an assistant manager of ICICI Bank's information security cell received emails forwarded by the bank's customers seeking to crosscheck the validity of the emails with the bank. ➤ Lost 43 Lakhs Approx. CASE STUDY II (ICICI BANK PHISHING CASE)
  • 29. ➤ The Hackers compromised the EA Games server by exploiting one of the vulnerabilities in an outdated WebCalendar application and used it as a weapon to create the fake "My Apple ID" page designed to look like the legitimate Apple login page, as shown. Once the users submit the details, they are redirected to the legitimate Apple ID website. ➤ Using hijacked Apple ID details, hackers can gain access users' personal data stored on iCloud, including email, contacts, calendars, and photos, that could even be used to clone an iPhone or iPad by restoring an iCloud backup to a device in their possession. CASE STUDY III (EA Games website hacked; Phishing page hosted to steal Apple IDs)
  • 30. ➤ In this phishing attack, victims are asked to enter their account number, mobile number, email address, one time password (OTP) and other details. ➤ FireEye identified a new domain (csecurepay[.]com) that was registered on October 23 this year and appears to be an online payment gateway but actually is a phishing website that leads to the capturing of customer information from 26 banks operating in the country, the company said in a statement on Thursday. ➤ In this phishing attack, victims are asked to enter their account number, mobile number, email address, one time password (OTP) and other details. Once the information is collected, the website displays a fake failed login message to the victim. CASE STUDY IV (Phishing website spoof 26 banks, including SBI, BOB )
  • 31. ➤ Awareness and training programs 1. Making use of regular communications to explain the phishing Problem. 2. Establishing a simple mechanism for reporting phishing attacks 3. Posting alerts on security website
  • 32. ➤ Blacklists hold URLs that refer to sites that are considered malicious. Whenever a browser loads page, it queries blacklist to determine whether currently visited URL is on this list. If so, appropriate countermeasures can be taken. Otherwise, the page is considered legitimate. ➤ The drawback of this approach is that the blacklist usually cannot cover all phishing websites since newly created fraudulent website takes considerable time before it can be added to the list. Phishing Detection Using Blacklist
  • 33. A Phishing Sites Blacklist Generator
  ➤ The heuristics proposed in the cited paper are:
  1) Extract the company name from the suspected URL.
  2) Search for the extracted company name in Google, and return the first 10 results.
  3) If the suspected URL belongs to the first 10 returned Google results, then the page is legitimate.
  4) If the suspected URL does not belong to the first 10 returned Google results, then the suspected URL is classified as phishing.
  5) If the suspected URL is classified as phishing, it is saved in a database.
  • 34. Phishing Detection Using CANTINA
  ➤ CANTINA is an Internet Explorer toolbar that decides whether a visited page is a phishing page by analyzing its content.
  ➤ CANTINA uses Term Frequency-Inverse Document Frequency (TF-IDF) together with search engines.
  • 35. ➤ The following procedure is performed by CANTINA to detect phishing websites:
  1) The TF-IDF of each term on the suspected web page is calculated.
  2) The top 5 terms with the highest TF-IDF values are taken to represent the document.
  3) Submit the 5 terms as a Google search query and store the domain names of the first n returned entries (e.g. http://www.google.ae/search?q=t1,t2,t3,t4,t5,).
  4) If the suspected domain name is found within the first n returned results, then the site is legitimate.
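The four CANTINA steps above, worked through end to end. This is an added example written for this page, not CANTINA's own code: the "search engine" is a constructed in-memory index of five placeholder domains ranked by query-term overlap, and the TF-IDF uses the common smoothed form log((1 + N) / (1 + df)) + 1. The suspect page is a constructed copy of the indexed bank page with the usual urgency vocabulary added, which is what makes the approach work: the copied content points the search engine at the real site, whose domain is not the one being visited.

```python
import math
import re
from collections import Counter

# Constructed search-engine index for the demo: domain -> page text.
# Placeholder .test domains, not real sites.
INDEX = {
    "bank-example.test":   "example bank online banking secure login account balance transfer",
    "shop-example.test":   "example shop cart checkout shipping coupon deals electronics",
    "news-example.test":   "daily news headlines politics weather sports business",
    "mail-example.test":   "example mail inbox login password compose contacts secure",
    "travel-example.test": "flights hotels booking travel deals secure checkout",
}

# Constructed suspect page: the bank page's text plus phishing vocabulary,
# served from a domain the search engine has never indexed.
SUSPECT_DOMAIN = "evil-copy.test"
SUSPECT_TEXT = "example bank online banking secure login account verify password urgent"


def tokenize(text: str) -> list:
    return re.findall(r"[a-z0-9]+", text.lower())


def tfidf_top_terms(page_text: str, index: dict, k: int = 5) -> list:
    """Steps 1-2: score each term on the page by TF-IDF and keep the top k."""
    docs = [set(tokenize(t)) for t in index.values()]
    tokens = tokenize(page_text)
    if not tokens:
        return []
    tf = Counter(tokens)
    scores = {}
    for term, count in tf.items():
        df = sum(1 for d in docs if term in d)          # indexed docs containing the term
        idf = math.log((1 + len(docs)) / (1 + df)) + 1  # smoothed inverse document frequency
        scores[term] = (count / len(tokens)) * idf
    # Ties are broken alphabetically so the selection is deterministic.
    return [t for t, _ in sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))[:k]]


def mock_search(terms: list, index: dict, n: int) -> list:
    """Step 3 stand-in for the search engine: rank indexed domains by query-term overlap."""
    def overlap(domain: str) -> int:
        words = set(tokenize(index[domain]))
        return sum(1 for t in terms if t in words)
    return sorted(index, key=lambda d: (-overlap(d), d))[:n]


def cantina_verdict(domain: str, page_text: str, index: dict, n: int = 2) -> str:
    """Step 4: the page is legitimate only if its own domain is among the top-n hits."""
    terms = tfidf_top_terms(page_text, index)
    return "legitimate" if domain in mock_search(terms, index, n) else "phishing"


if __name__ == "__main__":
    print(tfidf_top_terms(SUSPECT_TEXT, INDEX))
    print("bank-example.test ->", cantina_verdict("bank-example.test", INDEX["bank-example.test"], INDEX))
    print(SUSPECT_DOMAIN, "->", cantina_verdict(SUSPECT_DOMAIN, SUSPECT_TEXT, INDEX))
```

Note what the top terms look like for the copied page: the words unique to the suspect page ("urgent", "verify") score highest because no indexed document contains them, and the remaining slots go to the bank's own vocabulary. The search still lands on the bank's domain, so the verdict depends on the domain check in step 4, not on the phishing words themselves.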
  • 36. What kind of information should I protect?
  ➤ Social Security number
  ➤ Driver's license number
  ➤ Account, credit card, and debit card numbers
  ➤ Mother's maiden name
  ➤ Passwords, access codes and PINs
  ➤ Pet's name and name of first school (often used for forgotten-password resets)
  • 37. PhishGuard: A Browser Plug-in
  ➤ PhishGuard's implementation is a proof of concept that only detects phishing attacks based on testing HTTP Digest authentication.
  ➤ The cited work bases its protection against phishing on the observation that phishing websites often do not verify user credentials, but merely store them for later use by the phisher.
  • 38. 1) The user visits a page.
  2) If the visited page sends an authentication request, and the user submits the authentication form, then PhishGuard starts its testing procedure.
  3) PhishGuard sends the same user ID, followed by a random password that does not match the real password, a random number n of times.
  4) If the page responds with an HTTP 200 OK message, the page is a phishing site that is simply returning fake authentication-success messages.
  • 39. 5) If the page responds with an HTTP 401 Unauthorized message, then either:
  • The site is a phishing site that blindly responds with authentication-failure messages, or
  • The site is a legitimate site.
  6) To distinguish between the two possibilities above, PhishGuard sends the real credentials to the website the (n + 1)th time.
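Steps 3 to 6 of the PhishGuard procedure as a runnable simulation. This is an added example, not PhishGuard's plug-in code: instead of real HTTP Digest exchanges, each "site" is a function that takes a username and password and returns the status code the server would send, and three constructed sites stand in for the cases the slides distinguish (a site that verifies credentials, a harvester that always answers 200, and a harvester that always answers 401). The demo account and its password are placeholders.

```python
import hmac
import secrets
from typing import Callable

# A site is modelled as (username, password) -> HTTP status code, standing in
# for the server side of an HTTP Digest authentication exchange.
Site = Callable[[str, str], int]


def legitimate_site(users: dict) -> Site:
    """A site that really verifies credentials (constant-time comparison)."""
    def handler(user: str, password: str) -> int:
        expected = users.get(user, "")
        ok = user in users and hmac.compare_digest(expected, password)
        return 200 if ok else 401
    return handler


def harvester_always_ok(user: str, password: str) -> int:
    """Phishing site that stores whatever arrives and always reports success."""
    return 200


def harvester_always_fail(user: str, password: str) -> int:
    """Phishing site that stores whatever arrives and always reports failure."""
    return 401


def phishguard_check(site: Site, user: str, real_password: str, n: int = 3) -> str:
    """Steps 3-6: probe n times with bogus passwords, then once with the real one."""
    for _ in range(n):
        bogus = secrets.token_urlsafe(16)  # random password; will not equal the real one
        if site(user, bogus) == 200:
            # Step 4: success for a wrong password means the site is not checking.
            return "phishing (accepts any password)"
    # Step 5/6: every bogus attempt got 401, so the (n + 1)th request carries
    # the real credentials to tell a blind-failure harvester from a real site.
    if site(user, real_password) == 200:
        return "legitimate"
    return "phishing (rejects every password)"


# Constructed demo account; placeholder credentials, not real ones.
DEMO_USERS = {"alice": "correct horse battery staple"}


if __name__ == "__main__":
    sites = [("verifying site", legitimate_site(DEMO_USERS)),
             ("always-200 harvester", harvester_always_ok),
             ("always-401 harvester", harvester_always_fail)]
    for name, site in sites:
        print(f"{name}: {phishguard_check(site, 'alice', DEMO_USERS['alice'])}")
```

Two properties of the procedure are visible in the code. First, the verdict "rejects every password" is also what a genuine site produces when the user mistyped the password, so that branch is a false positive unless the plug-in rechecks after a corrected login. Second, step 6 delivers the real credentials to a site that has not yet been cleared; the design accepts that because a harvester which blindly answers 401 would otherwise be indistinguishable from a real login failure.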
  • 40. Phishwish: A Stateless Phishing Filter Using Minimal Rules
  ➤ The proposed solution aims to provide:
  ● Better protection against zero-hour attacks than blacklists.
  ● A solution that requires relatively minimal resources (11 rules), far fewer than the number of rules in SpamAssassin; at the time of writing the paper, SpamAssassin used 795 rules.
  ● Minimum false positives.
  • 41. The proposed rules are (where positive indicates phishiness):
  • Rule 1: If a URL is a login page that is not a business's real login page, the result is positive. The paper specifies that this is analyzed based on data returned from search engines.
  • Rule 2: If the email is formatted as HTML, and an included URL uses Transport Layer Security (TLS) while the actual Hypertext Reference (HREF) attribute does not use TLS, then the result is positive.
  • Rule 3: If the host-name portion of a URL is an IP address, the result is positive.
  • Rule 4: If a URL mentions an organization's name (e.g. PayPal) in the URL path but not in the domain name, the result is positive.
  • Rule 5: If the URL's displayed domain does not match the domain name specified in the HREF attribute, the result is positive.
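Rules 2 to 5 are purely syntactic checks on the anchors of an HTML e-mail, so they can be shown in full; Rule 1 needs a search engine and is left out. The code below is an added example written for this page, not the Phishwish filter itself. It assumes a small constructed list of organization names for Rule 4 and runs the rules over a constructed e-mail body whose hosts are placeholders (203.0.113.5 is a documentation address, example.test a reserved domain). The well-known brand name that the slides use as their own example is kept in the sample so the rules have something to fire on.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed organization list for Rule 4; a real filter would carry many more.
ORG_NAMES = ["paypal", "ebay"]

# Constructed HTML e-mail body for the demo.
SAMPLE_EMAIL = """
<p>Dear customer, please verify your account within 24 hours:</p>
<a href="http://203.0.113.5/paypal/login">https://www.paypal.com/login</a><br>
<a href="https://www.paypal.com/help">https://www.paypal.com/help</a><br>
<a href="http://secure-paypal.example.test/update">Update now</a>
"""


class AnchorCollector(HTMLParser):
    """Collect (href, displayed text) pairs for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def extract_links(html: str) -> list:
    parser = AnchorCollector()
    parser.feed(html)
    return parser.links


def host_of(url: str) -> str:
    return (urlsplit(url).hostname or "").lower()


def looks_like_url(text: str) -> bool:
    """Does the displayed anchor text itself read as a URL or bare domain?"""
    return bool(re.match(r"^(https?://)?[a-z0-9.-]+\.[a-z]{2,}(/|$)", text.lower()))


def rule2(href: str, text: str) -> bool:
    """Displayed link claims TLS, but the real HREF target is plain HTTP."""
    return text.lower().startswith("https://") and urlsplit(href).scheme.lower() == "http"


def rule3(href: str, text: str) -> bool:
    """Host-name portion of the HREF is a literal IP address."""
    try:
        ipaddress.ip_address(host_of(href))
        return True
    except ValueError:
        return False


def rule4(href: str, text: str) -> bool:
    """Organization name appears in the URL path but not in the domain name."""
    parts = urlsplit(href)
    host, path = (parts.hostname or "").lower(), parts.path.lower()
    return any(org in path and org not in host for org in ORG_NAMES)


def rule5(href: str, text: str) -> bool:
    """Displayed domain differs from the domain in the HREF attribute."""
    if not looks_like_url(text):
        return False
    shown = text if "://" in text else "http://" + text
    return host_of(shown) != host_of(href)


RULES = {"rule2": rule2, "rule3": rule3, "rule4": rule4, "rule5": rule5}


def evaluate_email(html: str) -> list:
    """Return [(href, [names of rules that fired]), ...] for each anchor in the e-mail."""
    return [(href, [name for name, fn in RULES.items() if fn(href, text)])
            for href, text in extract_links(html)]


if __name__ == "__main__":
    for href, fired in evaluate_email(SAMPLE_EMAIL):
        print(href, "->", fired or "no rule fired")
```

The first anchor trips all four rules at once, the second (a consistent link) trips none, and the third also trips none: its host carries the brand name in a subdomain rather than in the path, which Rule 4 as stated does not cover, and its displayed text is not a URL, so Rule 5 has nothing to compare. Those gaps are why Phishwish combines 11 rules rather than relying on any one of them.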
  • 42. CONCLUSION:-
  ➤ Phishing has become a serious network security problem, causing financial losses of billions of dollars to both consumers and e-commerce companies.
  ➤ As future work, educating users about this policy will help them avoid giving their sensitive information to phishing websites.
  • 43. REFERENCES
  ➤ Rao, Routhu Srinivasa, and Syed Taqi Ali. "PhishShield: A desktop application to detect phishing webpages through heuristic approach." Procedia Computer Science 54 (2015): 147-156.
  ➤ M. Khonji, Y. Iraqi, and A. Jones. "Phishing detection: A literature survey." IEEE Communications Surveys & Tutorials, vol. 15, no. 4, pp. 2091-2121, Fourth Quarter 2013.
  ➤ B. B. Gupta, A. Tewari, A. K. Jain, and D. P. Agrawal. "Fighting against phishing attacks: state of the art and future challenges." Review, Springer, March 2016.
  ➤ Anti-Phishing Working Group (APWG), "Phishing activity trends report — second half 2010," http://apwg.org/reports/apwg report h2 2010.pdf, 2010, accessed December 2011.