Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.

Slides:



Advertisements
Similar presentations
Phishing Scams use spoofed s and websites as lures to prompt people to voluntarily hand over sensitive information Phishing s may contain.
Advertisements

Protect Yourself Against Phishing. The good news: The number of US adult victims of identity fraud decreased from 9.3 million in 2005, to 8.4 million.
ICT & Crime Data theft, phishing & pharming. Data loss/theft Data is often the most valuable commodity any business has. The cost of creating data again.
How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.
Phishing, Spoofing, Spamming and Security How To Protect Yourself Additional Credits: Educause/SonicWall, Hendra Harianto Tuty, Microsoft Corporation,
Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.
PHISHING By, Himanshu Mishra Parrag Mehta. OUTLINE What is Phishing ? Phishing Techniques Message Delivery Effects of Phishing Anti-Phishing Techniques.
Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
By The Blank Mind Group Dana Fellows Jason Kohut Rick Barton Darrell Fraser Kuo-Luen Chang Darrell Fraser Kuo-Luen Chang.
Internet Phishing Not the kind of Fishing you are used to.
Malicious Attacks By Chris Berg-Jones, Ethan Ungchusri, and Angela Wang.
Threats To A Computer Network
Phishing – Read Behind The Lines Veljko Pejović
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Phishing, Pharming, and Spam Margaret StewartTuesday, Oct. 21, 2006.
DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?
Security Liaisons Information Presentation. Introduction  What’s the big deal with computer security? Don’t we have an IT security department to take.
How It Applies In A Virtual World
COMPUTER CRIME AND TYPES OF CRIME Prepared by: NURUL FATIHAH BT ANAS.
Security Issues: Phishing, Pharming, and Spam
GONE PHISHING ECE 4112 Final Lab Project Group #19 Enid Brown & Linda Larmore.
Web Spoofing John D. Cook Andrew Linn. Web huh? Spoof: A hoax, trick, or deception Spoof: A hoax, trick, or deception Discussed among academics in the.
Cyber crime on the rise. Recent cyber attacks How it happens? Distributed denial of service Whaling Rootkits Keyloggers Trojan horses Botnets Worms Viruses.
Cyber Crimes.
P HI SH I NG !. WHAT IS PHISHING ? In computer security phishing is trying to acquire important information such as; passwords, usernames and credit card.
Matthew Hardaway CSCI101 Thursday 3:30pm.  Fishing (Encyclopedia Britannica): ◦ Sport of catching fish—freshwater or saltwater— typically with rod, line,
WEB SPOOFING by Miguel and Ngan. Content Web Spoofing Demo What is Web Spoofing How the attack works Different types of web spoofing How to spot a spoofed.
The Internet = A World of Opportunities Look what’s at your fingertips A way to communicate with friends, family, colleagues Access to information and.
Reliability & Desirability of Data
Adam Soph, Alexandra Smith, Landon Peterson. Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details.
Phishing, Spoofing, Spamming and Security How To Protect Yourself Additional Credits: Educause/SonicWall, Hendra Harianto Tuty, Microsoft Corporation,
Phishing Pharming Spam. Phishing: Definition  A method of identity theft carried out through the creation of a website that seems to represent a legitimate.
IT Banking Advantages and Disadvantages. Advantages IT banking is faster and more convenient for the user as they no longer are required to be at the.
Web Spoofing Steve Newell Mike Falcon Computer Security CIS 4360.
Chapter 7 Phishing, Pharming, and Spam. Phishing Phishing is a criminal activity using computer security techniques. Phishers try to acquire information.
CCT355H5 F Presentation: Phishing November Jennifer Li.
About Phishing Phishing is a criminal activity using social engineering techniques.criminalsocial engineering Phishers attempt to fraudulently acquire.
Phishing Internet scams. Phishing phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and.
BY : MUHAMMAD KHUZAIMI B. ISHAK 4 ADIL PUAN MAZITA INFORMATION AND COMMUNICATION OF TECHNOLOGY.
Phishing A practical case study. What is phishing? Phishing involves fraudulently acquiring sensitive information (e.g. passwords, credit card details.
Phishing: Trends and Countermeasures Blaine Wilson.
How Phishing Works Prof. Vipul Chudasama.
Copyright ©2005 CNET Networks, Inc. All rights reserved. Practice safety Learn how to protect yourself against common attacks.
A Matter of Your Personal Security Phishing. Beware of Phishing s Several employees received an that looked legitimate, as if it was being.
Saphe surfing! 1 SAPHE Secure Anti-Phishing Environment Presented by Uri Sternfeld.
A Matter of Your Personal Security Phishing Revised 11/30/15.
Internet safety. Dangers of a poor password How people guess your password Your partner, child, or pet's name, possibly followed by a 0 or 1 The last.
PHISHING PRESENTED BY: ARQAM PASHA. AGENDA What is Phishing? Phishing Statistics Phishing Techniques Recent Examples Damages Caused by Phishing How to.
Phishing & Pharming Methods and Safeguards Baber Aslam and Lei Wu.
Malicious Attacks By: Jamie Woznicki Rahul-Anaadi Kurl Alexander Kaufmann Curtis Songer Daniel Cardenas Rivero.
Phishing, Spoofing, Spamming and Security How To Protect Yourself Additional Credits: Dr. Harold Cothern, Educause/SonicWall, Hendra Harianto Tuty, Microsoft.
Yes, it’s the holidays... A time of joy, a time of good cheer, a time of celebration... From the Office of the Chief Human Capital Officer (CHCO ) Privacy.
Phishing and Internet Scams. Definitions and recent statistics Why is it dangerous? Phishing techniques and identifiers Examples of phishing and scam.
Internet Security TEAMS March 18 th, ISP:Internet Service Provider.
CNP Fraud. Occurs when a fraudster falsifies an application to acquire a credit card using an individual’s personal information. (Eg: postal intercept)
Fall Phishing - attempt to acquire sensitive information, like bank account information or an account password, by posing as a legitimate entity.
Important Information Provided by Information Technology Center
Learn how to protect yourself against common attacks
ISYM 540 Current Topics in Information System Management
Information Security and Privacy Pertaining to Phishing and Internet Scams Brian Corl COSC 316 Information Security and Privacy.
Phishing is a form of social engineering that attempts to steal sensitive information.
Protect Your Computer Against Harmful Attacks!
Information Security Session October 24, 2005
HOW DO I KEEP MY COMPUTER SAFE?
Computer Security.
What is Phishing? Pronounced “Fishing”
Phishing “In computing, phishing (also known as carding and spoofing) is a form of social engineering, characterized by attempts to fraudulently acquire.
Spear Phishing Awareness
Cybersecurity Simplified: Phishing
Presentation transcript:

Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie

Outline Phishing –Defined –How Phishing Works –Phishing Damage –What Phishing Looks Like –Prevention Pharming –How Pharming Works –Prevention

Phishing Defined “Phishing is a form of criminal activity using social engineering techniques, characterized by attempts to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an apparently official electronic communication, such as an or an instant message.” -Wikipedia

How Phishing Works “Legitimate” s seem to originate from trusted sources – banks or online retailers Social engineering tactics convince the reader that their information is needed –Fear is the #1 tactic –Solicitation of help Links and look very real –Account Update –

How Phishing Works Techniques –Mispelled URLs ( –Spoofing URLs –Javascript –Cross Site Scripting –International Domain Names

How Phishing Works The Stolen Results –Voluntary! Remember you gave it to them. –Login Username Password –Update Information Social Security Number Address Bank Account Number Credit Card Number

Phishing Damage Monetary –May 2004 and May 2005, roughly 1.2 million U.S. computer users suffered phishing losses valued at $929 million –U.S. companies lose more than $2 billion annually as their clients fall victim Identity –New Credit Cards, loans, apartments, bank accounts, etc.

Phishing Damage Courtesy of: The Anti-Phishing Working Group

Phishing Targets Courtesy of: The Anti-Phishing Working Group

Phishing Targets Users lack computer knowledge –Elderly Users lack security knowledge –Elderly –Teens –New Computer Users –Infrequent Computer Users

What Phishing Looks Like #1: The link that appears legitimate #2: The actual destination when you click on the link

Phishing Test Real! Real or Fake?

Phishing Test Fake! Real or Fake?

Phishing Test Fake! Real or Fake?

Phishing Test For the complete test go to: ztest.html ztest.html A similar test was conducted by Rachna Dhamija, J.D. Tygar, and Marti Hearst with 20 websites and s -12 were fraudulent - 8 were legitimate

Phishing Test Results

How to Detect Phishing Software –Specialized “Anti- Phishing” Software –Spam filters –Challenge Questions –Firefox –Opera –IE 7

Prevention Education, education, education Look out for: –Misspelled words –“Dear Valued Customer” –Beware of sign –Unusual company behavior Go to websites directly from browser

How to Detect Phishing Other Resources: –McAfee’s Whitepaper: “Anti-Phishing: Best Practices for Institutions and Consumers”McAfee’s Whitepaper: “Anti-Phishing: Best Practices for Institutions and Consumers” –Why Phishing Works – study by Dhamija, Tygar, and HearstWhy Phishing Works –The FTC “How Not to Get Hooked by a ‘ Phishing’ Scam“ websiteHow Not to Get Hooked by a ‘ Phishing’ Scam

Phishing’s Evil Cousin People are educating themselves and foiling many phishers –Leading many to develop more malicious tools Pharming Spam Viruses Password Stealing Software –Same end result, different method

How Pharming Works Viruses –Alters the computer’s host file DNS Poisoning –Nothing on your computer changes –The company’s website is “hijacked” –Google and Panix.com recent examples Detection is very difficult

Prevention Burden lies on businesses –Server-side scripts –Digital Certificates Browsers can help identify originating location –US customers would be wary of bank IP address from Russia

Conclusion Educate yourself! Keep web applications up-to-date –“Check for Updates” button Be cautious –If it seems suspicious, don’t take a chance

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.