Presentation is loading. Please wait.

Presentation is loading. Please wait.

Spear Phishing Awareness

Published byAlvin Chapman Modified over 5 years ago

Similar presentations

Presentation on theme: "Spear Phishing Awareness"— Presentation transcript:

1 Spear Phishing Awareness
DCSS Spring 2019 Marc DeBonis V1.0

2 Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication. Typically carried out by  spoofing or instant messaging, it often directs users to enter personal information at a fake website, the look and feel of which are identical to the legitimate site. Phishing is an example of social engineering techniques being used to deceive users. Users are often lured by communications purporting to be from trusted parties such as social web sites, auction sites, banks, online payment processors or IT administrators. Attempts to deal with phishing incidents include legislation, user training, public awareness, and technical security measures — because phishing attacks also often exploit weaknesses in current web security. Phishing attempts directed at specific individuals or companies have been termed spear phishing. In contrast to bulk phishing, spear phishing attackers often gather and use personal information about their target to increase their probability of success. The term whaling has been coined for spear phishing attacks directed specifically at senior executives and other high-profile targets. In these cases, the content will be crafted to target an upper manager and the person's role in the company. The content of a whaling attack may be an executive issue such as a subpoena or customer complaint. Obligatory Wikipedia Presentation time limit is 10 minutes.

3 Public awareness/ User Training
Tech support posting 2/8 Microsoft Users Group 2/14 Phishing Mitigation Poster plans User Training Spot the phish training (Google specific-ish) ITSO sponsored "Securing the Human" Securing the Human Signup/Seat Request Updated KB article KB "How to protect yourself from phishing attacks" Presentation time limit is 10 minutes.

4 Technical security measures (1 of 3)
Report Message Add-In The Report Message add-in for Outlook and Outlook on the web enables people to easily report misclassified , whether safe or malicious, to Microsoft and our administrators. Microsoft uses these submissions to improve the effectiveness of protection technologies. This is already enabled in OWA! You can enable individually in Outlook 2016! We will be enabling it for all customers in the VT O365 tenant (Q1 2019) Presentation time limit is 10 minutes. OWA Gmail Outlook 2016

5 Technical security measures (2 of 3)
Microsoft Advanced Threat Protection (ATP) Microsoft provides a service to help protect organizations from malicious attacks. scans attachments for malware (remote detonation) scans URLs in s and Office docs (URL re-write) checks messages for spoofing (domain) detects when someone attempts to impersonate your users and your organization’s custom domains (VIP targeting) Events and Planned Action Items Critical Needs Request (CNR) for university wide ATP (faculty, staff, and students) Microsoft Campus Update on 3/20 – ATP Demo Presentation time limit is 10 minutes.

6 Technical security measures (3 of 3)
Google Enhanced Spam and Malware Protection Already enabled Attachment scanning Links and External Image scanning Enhanced Pre-Delivery Message scanning Spoofing and authentication scanning Planning to enable Protect against address not in directory This require we re-enable general Google directory visibility.   Current HB1 legislation seems to be complicating this for students. Protect against message pretending to be from your domain We have many 3rd party senders of that are not in our official SPF\DKIM records.  We need to get them onboard and in a sub- domain or else they will be flagged. Caveat:  Most of these warnings are web UI based and require that you use the Gmail web interface! Presentation time limit is 10 minutes.

7 Q&A (if time allows) Questions, concerns, comments, criticisms, kudos?
Presentation time limit is 10 minutes.

8 Spear Phishing Awareness
DCSS Spring 2019 Marc DeBonis V1.0

Download ppt "Spear Phishing Awareness"

Similar presentations

Phishing Scams use spoofed emails and websites as lures to prompt people to voluntarily hand over sensitive information Phishing emails may contain.

Phishing Scams use spoofed s and websites as lures to prompt people to voluntarily hand over sensitive information Phishing s may contain.
Protect Yourself Against Phishing. The good news: The number of US adult victims of identity fraud decreased from 9.3 million in 2005, to 8.4 million.

Protect Yourself Against Phishing. The good news: The number of US adult victims of identity fraud decreased from 9.3 million in 2005, to 8.4 million.
Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing emails are designed.

Hacker’s tricks for online users to reveal their sensitive information such as credit card, bank account, and social security. Phishing s are designed.
Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.

Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.
Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.

Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.
Internet Phishing Not the kind of Fishing you are used to.

Internet Phishing Not the kind of Fishing you are used to.
Malicious Attacks By Chris Berg-Jones, Ethan Ungchusri, and Angela Wang.

Malicious Attacks By Chris Berg-Jones, Ethan Ungchusri, and Angela Wang.
Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services

Cyber Security - Threats James Clement Network Specialist ETS: Communications & Network Services
Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.

Norman SecureTide Powerful cloud solution to stop spam and threats before it reaches your network.
SHASHANK MASHETTY Email security. Introduction Electronic mail most commonly referred to as email or e- mail. Electronic mail is one of the most commonly.

SHASHANK MASHETTY security. Introduction Electronic mail most commonly referred to as or e- mail. Electronic mail is one of the most commonly.
Information Security Phishing Update CTC

Information Security Phishing Update CTC
PHISHING AND SPAM EMAIL INTRODUCTION There’s a good chance that in the past week you have received at least one email that pretends to be from your bank,

PHISHING AND SPAM INTRODUCTION There’s a good chance that in the past week you have received at least one that pretends to be from your bank,
Your Trusted Partner In All Things IT. 20 Years of IT Experience University Automotive Food Service Banking Insurance Legal Medical Dental Software Development.

Your Trusted Partner In All Things IT. 20 Years of IT Experience University Automotive Food Service Banking Insurance Legal Medical Dental Software Development.
PHISHING FINANCIAL THREATS ON THE INTERNET -Alisha Esshaki 8a.

PHISHING FINANCIAL THREATS ON THE INTERNET -Alisha Esshaki 8a.
Adam Soph, Alexandra Smith, Landon Peterson. Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details.

Adam Soph, Alexandra Smith, Landon Peterson. Phishing is a way of attempting to acquire information such as usernames, passwords, and credit card details.
Web Spoofing Steve Newell Mike Falcon Computer Security CIS 4360.

Web Spoofing Steve Newell Mike Falcon Computer Security CIS 4360.
What is Phishing?.  Phishing attempts are attempts to get valuable personal information from people via the internet.  Attempts usually come in the.

What is Phishing?.  Phishing attempts are attempts to get valuable personal information from people via the internet.  Attempts usually come in the.
Chapter 7 Phishing, Pharming, and Spam. Phishing Phishing is a criminal activity using computer security techniques. Phishers try to acquire information.

Chapter 7 Phishing, Pharming, and Spam. Phishing Phishing is a criminal activity using computer security techniques. Phishers try to acquire information.
CCT355H5 F Presentation: Phishing November 22. 2012 Jennifer Li.

CCT355H5 F Presentation: Phishing November Jennifer Li.
About Phishing Phishing is a criminal activity using social engineering techniques.criminalsocial engineering Phishers attempt to fraudulently acquire.

About Phishing Phishing is a criminal activity using social engineering techniques.criminalsocial engineering Phishers attempt to fraudulently acquire.

Similar presentations

Ads by Google