

INTRODUCTION The term "phishing" was coined in 1996 by computer hackers. Hackers use e-mail to fish the internet, hoping to hook users into supplying them with logins, passwords and/or credit card information. In a typical phishing attack, a user receives an e-mail message that impersonates a financial institution. 1%-20% of users respond to such attacks.

PHISHING ATTACKS Phishing attacks are combined with malicious code attacks such as Mimail, the Bank Withdrawal Trojan, the Mydoom.m worm, etc. In such blended attacks, the viruses/worms carry payloads that harvest e-mail addresses from the internet and from affected systems and then launch further phishing attacks.

PHISHING EXAMPLES Example 1.

Example 2.

PHISHING TRENDS APWG (the Anti-Phishing Working Group) is an industry association focused on eliminating the identity theft and fraud that result from phishing and spoofing. The group provides forums to discuss phishing issues, and trials and evaluations of potential technology solutions. It publishes the Phishing Attack Trends Report.

TECHNOLOGICAL SOLUTIONS The ultimate solution is training end users not to reveal any sensitive information. The basic approach for an effective anti-phishing effort includes detection, prevention and awareness. Countermeasures take the form of technological solutions, policy guidelines and user awareness.

An anti-phishing solution includes:
a. Detection: scanning, filtering and alerting
b. Mail server authentication
c. Secure web-authentication
d. Digitally signed e-mail
e. Mail gateway filtering
f. Desktop filtering
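As an added illustration of items a, b and e (not part of the original presentation), the sketch below shows the kind of check a mail gateway filter can run on an incoming message. It assumes the receiving mail server records its sender-authentication verdict in an `Authentication-Results` header; the sample message, the `PROTECTED_BRANDS` policy table and all domain names are constructed for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample: a message impersonating a bank (all names are made up).
SAMPLE = """\
From: "Example Bank Security" <alerts@examp1e-bank.example.net>
To: user@example.org
Subject: Verify your account
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=examp1e-bank.example.net; dkim=none
Content-Type: text/html

<p>Please confirm your login at
<a href="http://203.0.113.7/login">https://www.examplebank.example/login</a></p>
"""

# Hypothetical gateway policy: brand name -> domain the brand really sends from.
PROTECTED_BRANDS = {"example bank": "examplebank.example"}
LINK_RE = re.compile(r'<a\s[^>]*href="([^"]+)"[^>]*>(.*?)</a>', re.I | re.S)

def scan(raw):
    """Return a list of alert strings for one raw RFC 5322 message."""
    msg = message_from_string(raw)
    alerts = []
    display, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2].lower()
    # Mail server authentication: read the verdict recorded by the receiving server.
    auth = msg.get("Authentication-Results", "").lower()
    if "spf=pass" not in auth and "dkim=pass" not in auth:
        alerts.append("sender-not-authenticated")
    # Impersonation: display name claims a brand, address domain is not the brand's.
    for brand, domain in PROTECTED_BRANDS.items():
        if brand in display.lower() and not (
                from_domain == domain or from_domain.endswith("." + domain)):
            alerts.append("brand-impersonation:" + brand)
    # Link check: the visible text shows one host, the href points to another.
    for href, text in LINK_RE.findall(msg.get_payload()):
        shown = urlparse(text.strip()).hostname
        target = urlparse(href).hostname
        if shown and target and shown != target:
            alerts.append("link-mismatch:%s->%s" % (shown, target))
    return alerts

if __name__ == "__main__":
    print(scan(SAMPLE))
```

A real gateway should trust only the `Authentication-Results` header added by its own mail server and strip any copy that arrives with the message, since a sender can forge that header.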

Secure web-authentication

Digitally signed e-mail

Other counter-measures are:
a. Changes in policy of financial institutions
b. User awareness
c. Anti-phishing techniques

CONCLUSION Phishing attacks are a major threat to e-commerce and e-banking applications. The scammers are causing huge losses by stealing financial data from users. Financial institutions and individual customers need to adopt counter-measures to fight phishing attacks. Digital signature usage should be promoted for secure mail transactions.