Presentation is loading. Please wait.

Presentation is loading. Please wait.

Phishing, what you should know

Published byTheresa Mason Modified over 6 years ago

Similar presentations

Presentation on theme: "Phishing, what you should know"— Presentation transcript:

1 Phishing, what you should know
Office of Information Technology “Lkout” Initiative Phishing, what you should know

2 Important Note The information published hereafter is just a collection of selected IT industry best practices and tips that might assist you in improving the security levels against computer related threats while exercising your computing activities. The information published hereafter is not meant in any way to provide a comprehensive solution nor to ensure full protection against computer related threats.

3 What is Phishing? Phishing is a form of social engineering that is executed via electronic means and can lead to identity theft and fraud.

4 Social Engineering A social engineer is a polite cracker!!
A social engineer is a person who will deceive or con others into divulging information that they wouldn’t normally share (credit card numbers, bank account information, passwords…etc.). He/she will build inappropriate trust relationship with insiders.

5 Social Engineering He/she may seem: Unassuming and respectable
Possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. Social Engineers use these techniques: Appeal to vanity Appeal to authority Appeal to old-fashioned eavesdropping

6 Social Engineering Human Based: In Person.
Third-party authorization: The social engineer obtains the name of someone who has the authority to grant access to information. Impersonation: A social engineer might impersonate any character and use certain privileges.

7 Social Engineering Electronic Based: Targeted e-mail messages
Spam, chain letters and hoaxes attachments Pop windows Spoofed Websites Instant Messaging and Chat rooms Cell phone text messages (SMS) (details in slides ahead)

8 Phishing: Real Life Example 1 - AUB

9 Phishing: Real Life Example 1 - AUB

10 Phishing: Real Life Example 2 - AUB

11 Phishing: Real Life Example 2 - AUB

12 Phishing: Real Life Example 3 - Common Tricks
Same old story, but a different version

13 Phishing: Real Life Example 4 - Silly Reasoning
Yeah, right

14 Phishing: Real Life Example 5 - Fake Sites
This one is Easy! This is not eBay site but a fake One.

15 Phishing: Real Life Example 6 - Tricky URLs

16 Phishing: Real Life Example 6 - Tricky URLs

17 Phishing: Real Life Example 7 - Spyware

18 How to Avoid Becoming a Phishing Victim?
IMPORTANT NOTICE - ALERT Rule 1: NEVER provide your PASSWORD to anyone Rule 2: AUB staff will NEVER request your PASSWORD via You may have read or heard of fraudulent s that encourage recipients to provide their personal details such as user names and passwords. At AUB, we will never request your password via . If you receive such an request, please delete it immediately.

19 How to Avoid Becoming a Phishing Victim?
Phishers’ s are typically NOT personalized, while valid messages from your bank or e-commerce company generally are. Phishers typically include upsetting (usually a threat) information to get people to react immediately (i.e., claiming they will shut off your account). Is it that urgent?

20 How to Avoid Becoming a Phishing Victim?
Phishers typically include exciting (but false) statements in their s or pop ups to entice people to access their web sites, i.e. claiming that you have won a prize, lottery or inherited wealth. Never respond to requests for personal or confidential information via . When in doubt: Call the institution that claims to have sent you the . Login to their web site by typing their address at the browser address bar. Does this sound too good to be true? Who is this person?

21 How to Avoid Becoming a Phishing Victim?
If you suspect the message might not be authentic, don't use the links within the to get to a web page, the web page can be spoofed. Never fill out forms in messages that ask for confidential information, you should only communicate confidential information via a secure website.

22 How to Avoid Becoming a Phishing Victim?
Always ensure that you're using a secure website when submitting credit card or other sensitive information via your web browser. Check the beginning of the Web address in your browsers address bar - it should be ‘ rather than just ‘ Look for the locked padlock icon on your browser (IE; Netscape/Mozilla)

23 How to Avoid Becoming a Phishing Victim?
Never continue to a secure web site that has a problem with its security certificate. Internet browsers do present the user with an error message (example: IE7 message below).

24 How to Avoid Becoming a Phishing Victim?
Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate and if anything is suspicious, contact your bank and all card issuers Ensure that your browser and OS software is up-to-date and that security patches are applied (Example: MS Outlook signatures of spam s) Ensure antivirus and anti-spyware software is installed and current.

25 How to Avoid Becoming a Phishing Victim?
Ensure that your browser phishing filter is turned ON. Example: IE7 phishing filter controls.

26 What to do if you Suspect a Phishing e-mail?
Stop, never reply, or use any of the URL links embedded in the body, or open attachments, or fill in online forms embedded in the body. Report to IT:

27 What to do if you Think you were a Victim?
If you believe you might have revealed sensitive AUB information or might have revealed information that could be used for identity theft or fraud, contact

28 Test your Phishing IQ Check this Website:
See website put example

29 Acknowledgements Office of Information Technology team
Work-Study students: Marwa Abdul Baki Donna Bazzi Comic strips are reproduced with permission. Please visit for more material.

Download ppt "Phishing, what you should know"

Similar presentations

Phishing, what you should know L kout Initiative.

Phishing, what you should know L kout Initiative.
Cyber Stalking Cyber Stalking Phishing Hacker 1. Never reveal your home address !!! This rule is especially important for women who are business professionals.

Cyber Stalking Cyber Stalking Phishing Hacker 1. Never reveal your home address !!! This rule is especially important for women who are business professionals.
You are responsible for security of your internet banking transactions ONLINE.

You are responsible for security of your internet banking transactions ONLINE.
Phishing, what you should know L kout Initiative Office of Information Technology.

Phishing, what you should know L kout Initiative Office of Information Technology.
What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via

What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via
Keeping Your Identity Your Own Amy Ginther, Project NEThics Coordinator OIT Town Meeting August 24, 2005.

Keeping Your Identity Your Own Amy Ginther, Project NEThics Coordinator OIT Town Meeting August 24, 2005.
1 Identity Theft and Phishing: What You Need to Know.

1 Identity Theft and Phishing: What You Need to Know.
1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.

1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.
Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.

Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.
Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.

Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee.
Internet Phishing Not the kind of Fishing you are used to.

Internet Phishing Not the kind of Fishing you are used to.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
How It Applies In A Virtual World

How It Applies In A Virtual World
STAY SAFE ONLINE. STAY SAFE ONLINE! PLEASE MAKE SURE YOU LOGIN AT THE CORRECT BANK URL / ADDRESS 1.NEVER LOGIN VIA EMAIL LINKS 2.NEVER REVEAL YOUR PIN.

STAY SAFE ONLINE. STAY SAFE ONLINE! PLEASE MAKE SURE YOU LOGIN AT THE CORRECT BANK URL / ADDRESS 1.NEVER LOGIN VIA LINKS 2.NEVER REVEAL YOUR PIN.
Social Engineering Training. Why Social Engineering Training? The Department of Energy (DOE) authorized the Red Team to perform vulnerability assessments.

Social Engineering Training. Why Social Engineering Training? The Department of Energy (DOE) authorized the Red Team to perform vulnerability assessments.
Scholarship Scams Avoiding Scholarship Scams, Phishing & Identity Theft at All Cost.

Scholarship Scams Avoiding Scholarship Scams, Phishing & Identity Theft at All Cost.
PHISHING AND SPAM EMAIL INTRODUCTION There’s a good chance that in the past week you have received at least one email that pretends to be from your bank,

PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Day 3 Cybersafety Presented by FJUHSD Teacher Librarian.

Day 3 Cybersafety Presented by FJUHSD Teacher Librarian.

Similar presentations

Ads by Google