Phishing, Spoofing, Spamming and Security How To Protect Yourself Additional Credits: Educause/SonicWall, Hendra Harianto Tuty, Microsoft Corporation,

Presentation transcript:

Phishing, Spoofing, Spamming and Security: How To Protect Yourself

Dr. Harold L. "Bud" Cothern

Additional Credits: Educause/SonicWall, Hendra Harianto Tuty, Microsoft Corporation, some images from Anti-Phishing Workgroup's Phishing Archive, Carnegie Mellon CyLab

Recognize Phishing Scams and Fraudulent E-mails

Phishing is a type of deception designed to steal your valuable personal data, such as credit card numbers, passwords, account data, or other information. Con artists might send millions of fraudulent messages that appear to come from Web sites you trust, like your bank or credit card company, and request that you provide personal information.

History of Phishing

Phreaking + Fishing = Phishing
- Phreaking = making phone calls for free back in the 70's
- Fishing = use bait to lure the target

Phishing in 1995
- Target: AOL users
- Purpose: getting account passwords for free time
- Threat level: low
- Techniques: similar names (www.ao1.com for www.aol.com), social engineering

Phishing in 2001
- Target: Ebayers and major banks
- Purpose: getting credit card numbers, accounts
- Threat level: medium
- Techniques: same as in 1995, keylogger

Phishing in 2007
- Target: Paypal, banks, ebay
- Purpose: bank accounts
- Threat level: high
- Techniques: browser vulnerabilities, link obfuscation

A bad day phishin', beats a good day workin'

- 2,000,000 e-mails are sent
- 5% get to the end user – 100,000
- 5% click on the phishing link – 5,000
- 2% enter data into the phishing site – 100
- $1,200 from each person who enters data
- Potential reward: $120,000

In 2005 David Levi made over $360,000 from 160 people using an eBay phishing scam.

What Does a Phishing Scam Look Like?

As scam artists become more sophisticated, so do their phishing messages and pop-up windows. They often include official-looking logos from real organizations and other identifying information taken directly from legitimate Web sites.

Current Phishing Techniques

- Employ visual elements from target site
- DNS tricks:
  – Unicode attacks
- JavaScript attacks
  – Spoofed SSL lock
- Certificates
  – Phishers can acquire certificates for domains they own
  – Certificate authorities make mistakes

Spear-Phishing: Improved Target Selection

Socially aware attacks
- Mine social relationships from public data
- Phishing e-mail appears to arrive from someone known to the victim
- Use spoofed identity of trusted organization to gain trust
- Urge victims to update or validate their account
- Threaten to terminate the account if the victims do not reply
- Use gift or bonus as a bait
- Security promises

Context-aware attacks
- "Your bid on eBay has won!"
- "The books on your Amazon wish list are on sale!"

Another Example:

But wait…

WHOIS : Location: Korea, Republic Of

Even bigger problem: I don't have an account with US Bank!

Images from Anti-Phishing Working Group's Phishing Archive

How To Tell If An E-mail Message is Fraudulent

Here are a few phrases to look for if you think an e-mail message is a phishing scam.

"Verify your account." Businesses should not ask you to send passwords, login names, Social Security numbers, or other personal information through e-mail. If you receive an e-mail from anyone asking you to update your credit card information, do not respond: this is a phishing scam.

"If you don't respond within 48 hours, your account will be closed." These messages convey a sense of urgency so that you'll respond immediately without thinking.

How To Tell If An E-mail Message is Fraudulent (cont'd)

"Dear Valued Customer." Phishing messages are usually sent out in bulk and often do not contain your first or last name.

"Click the link below to gain access to your account." HTML-formatted messages can contain links or forms that you can fill out just as you'd fill out a form on a Web site. The links that you are urged to click may contain all or part of a real company's name and are usually "masked," meaning that the link you see does not take you to that address but somewhere different, usually a phony Web site. Resting the mouse pointer on the link reveals the real Web address. The string of cryptic numbers looks nothing like the company's Web address, which is a suspicious sign.
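Added example (not part of the original slides): a mail filter can do the "rest the mouse pointer on the link" check automatically by comparing the host a link displays with the host its `href` really points to. The sample message, host names and finding labels are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample body; hosts use reserved example names and a documentation address.
SAMPLE_HTML = """
<p>Dear Valued Customer, click the link below to gain access to your account.</p>
<a href="http://192.0.2.44/login">https://www.bank.example/login</a>
<a href="https://www.bank.example/help">Help center</a>
<a href="http://login.other.example/bank">www.bank.example</a>
"""
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)
NUMERIC_HOST = re.compile(r"[0-9.]+")  # dotted or plain decimal IPv4 forms

def norm(host):
    """Lower-case a host and drop a leading 'www.' so trivial variants compare equal."""
    host = (host or "").lower()
    return host[4:] if host.startswith("www.") else host

class LinkAuditor(HTMLParser):
    """Collects (reason, visible text, real href) for each suspicious <a> element."""
    def __init__(self):
        super().__init__()
        self.findings, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self._href is None:
            return
        shown, real = "".join(self._text).strip(), norm(urlsplit(self._href).hostname)
        claimed = HOST_IN_TEXT.search(shown)
        if NUMERIC_HOST.fullmatch(real):
            self.findings.append(("ip-host", shown, self._href))  # the "cryptic numbers" case
        elif claimed and norm(claimed.group(1)) != real:
            self.findings.append(("masked", shown, self._href))   # text names another site
        self._href = None

def audit(html):
    """Return the findings for one HTML message body."""
    auditor = LinkAuditor()
    auditor.feed(html)
    return auditor.findings
```

Links whose visible text is plain wording ("Help center") are not flagged, because there is no displayed address to contradict.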

How To Tell If An E-mail Message is Fraudulent (cont'd)

Con artists also use Uniform Resource Locators (URLs) that resemble the name of a well-known company but are slightly altered by adding, omitting, or transposing letters. For example, the URL " could appear instead as:

- Never respond to an e-mail asking for personal information
- Always check the site to see if it is secure. Call the phone number if necessary
- Never click on the link in the e-mail. Retype the address in a new window
- Keep your browser updated
- Keep antivirus definitions updated
- Use a firewall

P.S.: Always shred your home documents before discarding them.