SlideShare une entreprise Scribd logo

Phishing & Pharming Explained.pdf

E
Evs, Lahore

The presentation is all about internet scams and specially describe the concept of Phishing & pharming and all its related type with a comprehensive description.

Technologie
1  sur  15
Télécharger pour lire hors ligne
Phishing Phishing is a types of Internet Scam or Cyber Attack, often used to steal user data, including login credentials and credit card numbers. Govt. Science College Presented by Zubair Jamil
How it works? It occurs when an attacker, veiled as a trusted entity, fools a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information. Sometime the attacker trick the victim by presenting himself as popular site with its same user interface and is redirected to the login page and by entering login credentials, victim exposes his identity to the attackers.
Example of Email Phishing In this example attacker present himself as your university‘s administration and ask you to renew your password and when you click the link you are redirected to a malicious site which have the same interface as your university have, and he tricks you and ask your old login credentials for renewing your password.
$57.8 Billion According to the FBI's 2019 Internet Crime Report, more than 114,700 people fell victim to phishing scams in 2019. Collectively, they lost $57.8 million, or about $500 each. More than 50% of the development expenditure of HEC ( Total 108 Billion - 2021) According to the FBI's 2017 Internet Crime Report, more than 300,000 people fell victim to phishing scams in 2017 and lost $1.4 billion.
Some Phishing Techniques The way how Attacker attacks in most of the cases Is known as technique. Some of the most common and popular techniques are mentioned here. Spear Phishing Email Phishing MITM Attack Vishing Smishing Angler Phishing Whaling Pharming
Spear Phishing Spear phishing is an email or electronic commun- ications scam targeted to a specific individual, organ- ization often intended to steal data for malicious purposes. An email arrives, apparently from a trustworthy source, but instead it leads the unknowing recipient to a bogus website full of malware. These emails often use clever tactics to get victims' attention. For example, the FBI has warned of spear phishing scams where the emails appeared to be from the National Center for Missing and Exploited Children.
MITM Attack A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application The goal of an attack is to steal personal information, such as login credentials, account details and credit card numbers. Targets are typically the users of financial applications, SaaS businesses, e-commerce sites and other websites where logging in is required. Information obtained during an attack could be used for many purposes, including identity theft, unapproved fund transfers or an illicit password change.
Smishing &Vishing Smishing and vishing are types of phishing attacks that use text messaging (SMS) and voice calls to manipulate victims into giving over sensitive data to cybercriminals. Smishing, also called SMS phishing, uses social engineering tactics carried out over text messaging. A criminal can us a phone number to send text messages that appear to be from trusted senders, like a bank, a co-worker, or a popular online retailer. The goal is to get you to give the cybercriminal sensitive information. Vishing (stands for voice phishing), is a type of phishing attack conducted over the phone. Vishing attackers fake their caller ID to appear to be calling from a local area code to the victim. Some attackers may use their real voice to appear more trustworthy, This is a popular attack method to use because VoIP users are not required to provide proof to obtain caller ID data, which means they can easily disguise themselves as anyone. (VoIP stands for Voice Over Internet Protocol phones.)
Angler Phishing People disguise themselves as a customer service agent on social media in order to reach a unhappy customer and obtain their personal information or account credentials. Fake accounts will answer people who are airing complaints on social media, usually via Facebook or Twitter. These fake accounts disguise themselves under a handle that includes the name of the financial institution, hoping that the people who are upset won’t realize that they aren’t a valid account. The fake account will attempt to offer the disgruntled person a link that they claim will take them directly to an agent ready to talk to them. Clicking that link, however, will either install malware onto their computer, or lead them to another website that will try to get information and money from them.
Whaling Whaling is a common cyber attack that occurs when an attacker utilizes spear phishing methods to go after a large, high-profile target. n a whaling attack, attackers send an email that looks and seems like a legitimate email from a trusted source, often a contact within the company or with a partner, vendor, or customer account. A whaling email will contain enough personal details or references gleaned from internet research to convince the recipient that it is legitimate. Whaling attacks may also ask a user to click on a link that leads to a spoofed website that looks identical to a legitimate site, where information can be collected, or malware can be downloaded.
Pharming Pharming is a type of social engineering cyberattack in which criminals redirect internet users trying to reach a specific website to a different, fake site. These “spoofed” sites aim to capture a victim’s personally identifiable information (PII) and log-in credentials, such as passwords, social security numbers, account numbers, and so on, or else they attempt to install pharming malware on their computer. Pharmers often target websites in the financial sector, including banks, online payment platforms, or e- commerce sites, usually with identity theft as their ultimate objective.
How To Protect Ourselves? Security Awareness Training & Education Email Gateway Reputation Based Solutions Urgent call to actions & threats First Time or Infrequent Sender 5 Suspicious Linking 1 2 3 4
What If You Are Under Attack? Change all your social accounts passwords. Must Freeze your bank cards immediately. Run virus scans. Take you machine to computer expert in case of ransomware attack. 1 3 2 4
Some Resources From The Internet Types of Phishing >> https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing 1 Hidden Content behind an Email >> https://www.sciencedirect.com/topics/computer-science/malicious-email 2
Thank You With ❤ by Zubair Jamil at Govt. Science College, Lahore.

Recommandé

Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securityAkash Dhiman
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?Quick Heal Technologies Ltd.
 
Phishing
PhishingPhishing
Phishinganjalika sinha
 
Phishing attack
Phishing attackPhishing attack
Phishing attackRaghav Chhabra
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharksNalneesh Gaur
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 
PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on PhishingPankaj Yadav
 

Recommandé

Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securityAkash Dhiman
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?Quick Heal Technologies Ltd.
 
Phishing
PhishingPhishing
Phishinganjalika sinha
 
Phishing attack
Phishing attackPhishing attack
Phishing attackRaghav Chhabra
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharksNalneesh Gaur
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Cybercrime and Security
Cybercrime and SecurityCybercrime and Security
Cybercrime and SecurityNoushad Hasan
 
PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on PhishingPankaj Yadav
 
Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
Cyber crime presentation
Cyber crime presentation Cyber crime presentation
Cyber crime presentation Priya Saluja
 
Phishing
PhishingPhishing
PhishingMaheshwar Singh
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks pptAryan Ragu
 
Cyber crime and Security
Cyber crime and SecurityCyber crime and Security
Cyber crime and SecurityHussain777
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanControlScan, Inc.
 
Cyber security
Cyber securityCyber security
Cyber securityKrishanu Ghosh
 
Identity Theft Presentation
Identity Theft PresentationIdentity Theft Presentation
Identity Theft Presentationcharlesgarrett
 
Phishing
PhishingPhishing
PhishingAlka Falwaria
 
Cybercrime
CybercrimeCybercrime
CybercrimeKomal003
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security PresentationAllan Pratt MBA
 
Cyber security
Cyber securityCyber security
Cyber securityRishav Sadhu
 
Phishing
PhishingPhishing
PhishingSagar Rai
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasuresJorge Sebastiao
 
Cyber security
Cyber securityCyber security
Cyber securityDr. Kishor Nikam
 
Phishing ppt
Phishing pptPhishing ppt
Phishing pptshindept123
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber CrimeRamesh Upadhaya
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniquesSushil Kumar
 
Introduction to cyber law.
Introduction to cyber law. Introduction to cyber law.
Introduction to cyber law. PROF. PUTTU GURU PRASAD
 
Phishing Attack Awareness and Prevention
Phishing Attack Awareness and PreventionPhishing Attack Awareness and Prevention
Phishing Attack Awareness and Preventionsonalikharade3
 
Cyber security ATTACK on Retired Personnel, MITIGATION and Best Practices
Cyber security ATTACK on Retired Personnel, MITIGATION and Best PracticesCyber security ATTACK on Retired Personnel, MITIGATION and Best Practices
Cyber security ATTACK on Retired Personnel, MITIGATION and Best PracticesOluwatobi Olowu
 

Contenu connexe

Tendances

Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and securitySharath Raj
 
Cyber crime presentation
Cyber crime presentation Cyber crime presentation
Cyber crime presentation Priya Saluja
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks pptAryan Ragu
 
Cyber crime and Security
Cyber crime and SecurityCyber crime and Security
Cyber crime and SecurityHussain777
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanControlScan, Inc.
 
Identity Theft Presentation
Identity Theft PresentationIdentity Theft Presentation
Identity Theft Presentationcharlesgarrett
 
Cybercrime
CybercrimeCybercrime
CybercrimeKomal003
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security PresentationAllan Pratt MBA
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasuresJorge Sebastiao
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniquesSushil Kumar
 

Tendances (20)

Cyber crime and security
Cyber crime and securityCyber crime and security
Cyber crime and security
 
Cyber crime presentation
Cyber crime presentation Cyber crime presentation
Cyber crime presentation
 
Phishing
PhishingPhishing
Phishing
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks ppt
 
Cyber crime and Security
Cyber crime and SecurityCyber crime and Security
Cyber crime and Security
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
 
Cyber security
Cyber securityCyber security
Cyber security
 
Identity Theft Presentation
Identity Theft PresentationIdentity Theft Presentation
Identity Theft Presentation
 
Phishing
PhishingPhishing
Phishing
 
Cybercrime
CybercrimeCybercrime
Cybercrime
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
Network Security Presentation
Network Security PresentationNetwork Security Presentation
Network Security Presentation
 
Cyber security
Cyber securityCyber security
Cyber security
 
Phishing
PhishingPhishing
Phishing
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasures
 
Cyber security
Cyber securityCyber security
Cyber security
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniques
 
Introduction to cyber law.
Introduction to cyber law. Introduction to cyber law.
Introduction to cyber law.
 

Similaire à Phishing & Pharming Explained.pdf

Phishing Attack Awareness and Prevention
Phishing Attack Awareness and PreventionPhishing Attack Awareness and Prevention
Phishing Attack Awareness and Preventionsonalikharade3
 
Cyber security ATTACK on Retired Personnel, MITIGATION and Best Practices
Cyber security ATTACK on Retired Personnel, MITIGATION and Best PracticesCyber security ATTACK on Retired Personnel, MITIGATION and Best Practices
Cyber security ATTACK on Retired Personnel, MITIGATION and Best PracticesOluwatobi Olowu
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gbensonoo
 
Unit iii: Common Hacking Techniques
Unit iii: Common Hacking TechniquesUnit iii: Common Hacking Techniques
Unit iii: Common Hacking TechniquesArnav Chowdhury
 
Phishing, Smishing and vishing_ How these cyber attacks work and how to preve...
Phishing, Smishing and vishing_ How these cyber attacks work and how to preve...Phishing, Smishing and vishing_ How these cyber attacks work and how to preve...
Phishing, Smishing and vishing_ How these cyber attacks work and how to preve...Okan YILDIZ
 
What is a phishing attack
What is a phishing attackWhat is a phishing attack
What is a phishing attackAariyaRathi
 
December 2019 Part 10
December 2019 Part 10December 2019 Part 10
December 2019 Part 10seadeloitte
 
Phish Phry- Analysis paper
Phish Phry- Analysis paper Phish Phry- Analysis paper
Phish Phry- Analysis paper Joydeep Banerjee
 
ICT-phishing
ICT-phishingICT-phishing
ICT-phishingMH BS
 
IDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOUIDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOUBilly Warero
 
Using OTP prevent Phishing attacks
Using OTP prevent Phishing attacksUsing OTP prevent Phishing attacks
Using OTP prevent Phishing attacksriteshsarode1995
 
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptxInternet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptxInternet 2Conf
 

Similaire à Phishing & Pharming Explained.pdf (20)

Phishing Attack Awareness and Prevention
Phishing Attack Awareness and PreventionPhishing Attack Awareness and Prevention
Phishing Attack Awareness and Prevention
 
Cyber security ATTACK on Retired Personnel, MITIGATION and Best Practices
Cyber security ATTACK on Retired Personnel, MITIGATION and Best PracticesCyber security ATTACK on Retired Personnel, MITIGATION and Best Practices
Cyber security ATTACK on Retired Personnel, MITIGATION and Best Practices
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 
Unit iii: Common Hacking Techniques
Unit iii: Common Hacking TechniquesUnit iii: Common Hacking Techniques
Unit iii: Common Hacking Techniques
 
Phishing
PhishingPhishing
Phishing
 
Phishing, Smishing and vishing_ How these cyber attacks work and how to preve...
Phishing, Smishing and vishing_ How these cyber attacks work and how to preve...Phishing, Smishing and vishing_ How these cyber attacks work and how to preve...
Phishing, Smishing and vishing_ How these cyber attacks work and how to preve...
 
What is a phishing attack
What is a phishing attackWhat is a phishing attack
What is a phishing attack
 
December 2019 Part 10
December 2019 Part 10December 2019 Part 10
December 2019 Part 10
 
Phish Phry- Analysis paper
Phish Phry- Analysis paper Phish Phry- Analysis paper
Phish Phry- Analysis paper
 
ICT-phishing
ICT-phishingICT-phishing
ICT-phishing
 
Phishing
PhishingPhishing
Phishing
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
IDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOUIDENTIFYING CYBER THREATS NEAR YOU
IDENTIFYING CYBER THREATS NEAR YOU
 
Using OTP prevent Phishing attacks
Using OTP prevent Phishing attacksUsing OTP prevent Phishing attacks
Using OTP prevent Phishing attacks
 
Tittl e
Tittl eTittl e
Tittl e
 
Internet Fraud
Internet FraudInternet Fraud
Internet Fraud
 
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptxInternet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
 
Phishing.pdf
Phishing.pdfPhishing.pdf
Phishing.pdf
 

Dernier

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessPixlogix Infotech
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 

Dernier (20)

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 

Phishing & Pharming Explained.pdf

  • 1. Phishing Phishing is a types of Internet Scam or Cyber Attack, often used to steal user data, including login credentials and credit card numbers. Govt. Science College Presented by Zubair Jamil
  • 2. How it works? It occurs when an attacker, veiled as a trusted entity, fools a victim into opening an email, instant message, or text message. The recipient is then tricked into clicking a malicious link, which can lead to the installation of malware, the freezing of the system as part of a ransomware attack or the revealing of sensitive information. Sometime the attacker trick the victim by presenting himself as popular site with its same user interface and is redirected to the login page and by entering login credentials, victim exposes his identity to the attackers.
  • 3. Example of Email Phishing In this example attacker present himself as your university‘s administration and ask you to renew your password and when you click the link you are redirected to a malicious site which have the same interface as your university have, and he tricks you and ask your old login credentials for renewing your password.
  • 4. $57.8 Billion According to the FBI's 2019 Internet Crime Report, more than 114,700 people fell victim to phishing scams in 2019. Collectively, they lost $57.8 million, or about $500 each. More than 50% of the development expenditure of HEC ( Total 108 Billion - 2021) According to the FBI's 2017 Internet Crime Report, more than 300,000 people fell victim to phishing scams in 2017 and lost $1.4 billion.
  • 5. Some Phishing Techniques The way how Attacker attacks in most of the cases Is known as technique. Some of the most common and popular techniques are mentioned here. Spear Phishing Email Phishing MITM Attack Vishing Smishing Angler Phishing Whaling Pharming
  • 6. Spear Phishing Spear phishing is an email or electronic commun- ications scam targeted to a specific individual, organ- ization often intended to steal data for malicious purposes. An email arrives, apparently from a trustworthy source, but instead it leads the unknowing recipient to a bogus website full of malware. These emails often use clever tactics to get victims' attention. For example, the FBI has warned of spear phishing scams where the emails appeared to be from the National Center for Missing and Exploited Children.
  • 7. MITM Attack A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application The goal of an attack is to steal personal information, such as login credentials, account details and credit card numbers. Targets are typically the users of financial applications, SaaS businesses, e-commerce sites and other websites where logging in is required. Information obtained during an attack could be used for many purposes, including identity theft, unapproved fund transfers or an illicit password change.
  • 8. Smishing &Vishing Smishing and vishing are types of phishing attacks that use text messaging (SMS) and voice calls to manipulate victims into giving over sensitive data to cybercriminals. Smishing, also called SMS phishing, uses social engineering tactics carried out over text messaging. A criminal can us a phone number to send text messages that appear to be from trusted senders, like a bank, a co-worker, or a popular online retailer. The goal is to get you to give the cybercriminal sensitive information. Vishing (stands for voice phishing), is a type of phishing attack conducted over the phone. Vishing attackers fake their caller ID to appear to be calling from a local area code to the victim. Some attackers may use their real voice to appear more trustworthy, This is a popular attack method to use because VoIP users are not required to provide proof to obtain caller ID data, which means they can easily disguise themselves as anyone. (VoIP stands for Voice Over Internet Protocol phones.)
  • 9. Angler Phishing People disguise themselves as a customer service agent on social media in order to reach a unhappy customer and obtain their personal information or account credentials. Fake accounts will answer people who are airing complaints on social media, usually via Facebook or Twitter. These fake accounts disguise themselves under a handle that includes the name of the financial institution, hoping that the people who are upset won’t realize that they aren’t a valid account. The fake account will attempt to offer the disgruntled person a link that they claim will take them directly to an agent ready to talk to them. Clicking that link, however, will either install malware onto their computer, or lead them to another website that will try to get information and money from them.
  • 10. Whaling Whaling is a common cyber attack that occurs when an attacker utilizes spear phishing methods to go after a large, high-profile target. n a whaling attack, attackers send an email that looks and seems like a legitimate email from a trusted source, often a contact within the company or with a partner, vendor, or customer account. A whaling email will contain enough personal details or references gleaned from internet research to convince the recipient that it is legitimate. Whaling attacks may also ask a user to click on a link that leads to a spoofed website that looks identical to a legitimate site, where information can be collected, or malware can be downloaded.
  • 11. Pharming Pharming is a type of social engineering cyberattack in which criminals redirect internet users trying to reach a specific website to a different, fake site. These “spoofed” sites aim to capture a victim’s personally identifiable information (PII) and log-in credentials, such as passwords, social security numbers, account numbers, and so on, or else they attempt to install pharming malware on their computer. Pharmers often target websites in the financial sector, including banks, online payment platforms, or e- commerce sites, usually with identity theft as their ultimate objective.
  • 12. How To Protect Ourselves? Security Awareness Training & Education Email Gateway Reputation Based Solutions Urgent call to actions & threats First Time or Infrequent Sender 5 Suspicious Linking 1 2 3 4
  • 13. What If You Are Under Attack? Change all your social accounts passwords. Must Freeze your bank cards immediately. Run virus scans. Take you machine to computer expert in case of ransomware attack. 1 3 2 4
  • 14. Some Resources From The Internet Types of Phishing >> https://www.webroot.com/us/en/resources/tips-articles/what-is-phishing 1 Hidden Content behind an Email >> https://www.sciencedirect.com/topics/computer-science/malicious-email 2
  • 15. Thank You With ❤ by Zubair Jamil at Govt. Science College, Lahore.