2014 From Phish to Phraud Kat Seymour October 10, 2014 #GHC14 2014.

Presentation transcript:


What is Phishing

The United States government describes phishing as the use of fraudulent e-mails and copy-cat websites to try and convince you to reveal valuable personal information, such as account numbers, login credentials or your Social Security number, to be used to try and take your money, your identity or both.*

phishing statistics:
- Approximately 450,000 incidents recorded**
- Over $5.9 billion in losses**

Social engineering tactics & risks

Use publicly available information to deploy social engineering tools:
- Vishing
- Phishing
- Account take over
- Initiates malicious action (Trojan, Key Logger)

What are the risks?
- Personal and/or enterprise risk
- Fraud and identity theft
- Business disruption
- Home burglary
- Reputational damage
- Theft of confidential documents and/or equipment
- Financial losses

Weak Phishing
- Unrecognizable senders
- Generic salutations
- Misspellings
- Check the URL

Strong Phishing
- Use of company brands
- Use of company words to make the phish look more authentic
- Generic salutations
- Check the URL
- Urgency
- Unrecognizable senders

Referers

Find IP and check sites using URLQuery

Suspicious IP indicators: Click Delta Velocity Score

Device Fingerprinting

The New Endpoint:
- Desktop Computers
- Laptops
- Tablets
- Mobile phones
- Internet TV
- Refrigerators
- Environment Control Systems
- Portal Devices

Challenges and opportunities

What is the industry doing to protect you?
- Working with ISPs to remove phishing websites
- Active monitoring of logs, traffic, websites and registered domain names
- Work with providers to help authenticate senders and prevent phishing e-mails from ever reaching customer in-boxes

Challenges of defense
- Spread out across many countries and ISPs
- Phishing has been around a long time and new types of attempts are constantly evolving
- Happens on the client/customer side
- Systems are outside of our space
