Presentation is loading. Please wait.

Presentation is loading. Please wait.

By The Blank Mind Group Dana Fellows Jason Kohut Rick Barton Darrell Fraser Kuo-Luen Chang Darrell Fraser Kuo-Luen Chang.

Published byHope Blair Modified over 9 years ago

Similar presentations

Presentation on theme: "By The Blank Mind Group Dana Fellows Jason Kohut Rick Barton Darrell Fraser Kuo-Luen Chang Darrell Fraser Kuo-Luen Chang."— Presentation transcript:

1 By The Blank Mind Group Dana Fellows Jason Kohut Rick Barton Darrell Fraser Kuo-Luen Chang Darrell Fraser Kuo-Luen Chang

2  Definition  History  Problematic Behaviors  Laws  Compliance Guidelines  Penalties  Current Management Application  Client Based Anti-Phishing Programs

3  According to Merriam-Webster, “phishing” is “a scam by which an email user is duped into revealing personal or confidential information which the scammer can use illicitly.”  Wikipedia states “in the field of computer security phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in electronic communication.”

4 Spear Phishing Whale Phishing When phishers personalize their attacks to their intended targets to increase the probability of success. A sneaky attempt by scammers to hijack the personal computers of top-ranking business executives.

5  Phishing has existed in different forms for years Mail scamsTelephone scamsHas evolved along with technologyNow used electronically

6 Gullible consumers easily duped Mass emailing capability increases probability of hooking victims Phishing is a Global problem and therefore difficult to regulate or prosecute United States is the World Leader in Phishing sites. See Jason Kohut’s BlogBlog

7  Federal Level ◦ CAN-SPAM (Controlling the Assault of Non-Solicited Pornography And Marketing) Act of 2003  Signed into law by George W. Bush  Sets standards for sending commercial email  It is a misdemeanor to send spam with falsified header information!

8  Anti-Phishing Act of 2004(never got past committee)  Introduced by Senator Patrick Leahy  Anti-Phishing Act of 2005(never enacted)  This law, had it passed, would have placed large fines and lengthy prison sentences for “fake websites and bogus websites” developed for the purpose of defrauding individuals  First law to differentiate and target “phishing” specifically

9  No State/Local Laws in Missouri ◦ Other states have enacted laws within their borders.  Federal Laws Control Phishing because it’s Interstate Fraud  Phishing has not yet been addressed by the lawmakers of Missouri

10  Commercial email allowed as long as it conforms to three types of compliances: Compliance #1-Unsubscribe A method to unsubscribe from future emails must be provided Compliance #2 – Content: Relevant Subject Lines Accurate “From” lines Legitimate Physical address of the publisher/advertiser Content is exempt if it consists of national security messages, political messages, or religious messages

11  Social Networking Websites ◦ Due to their popularity, social networking websites have become popular phishing holes.  Criminals pretending to be the IRS to attain sensitive information from U.S. taxpayers. ◦ IRS Video Warning About Phishing IRS Video Warning About Phishing

12 After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $63.80. Please submit the tax refund request and allow us 6-9 days in order to process it. A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline. To access the form for your tax refund, please click here Regards, Internal Revenue Service

13  Compliance #3 – Sending Behavior Message cannot be sent through an open relay Message cannot be sent to a harvested email address Message cannot contain a false header

14  Jeffrey Brett Goodin  First person prosecuted under CAN-SPAM Act  Conned AOL customers by sending emails that appeared to be from AOL’s billing department, which required users to reveal their personal and credit card information  Sentenced in 2007 to 70 months  Ordered to pay over 1 million dollars to his victims.

15  Management needs to inform employees about the potential threats of phishing and the signs to look for. ◦ Don’t give out company login information to suspicious emails. ◦ Never login through an email from a business partner if asked. Go to their corporate website and login how you normally would.

16  Update internet browsers to the latest versions. ◦ Make sure your browser has the SSL (Secure Socket Layer) certificate selected.  Computer Security Programs ◦ Avira Premium Security Suite ◦ McAfee SiteAdvisor ◦ ESET Smart Security ◦ Phishtank (SiteChecker)  Windows Mail  eBay Toolbar

17  Definition  History  Problematic Behaviors  Laws  Compliance Guidelines  Penalties  Current Management Application  Client Based Anti-Phishing Programs

Download ppt "By The Blank Mind Group Dana Fellows Jason Kohut Rick Barton Darrell Fraser Kuo-Luen Chang Darrell Fraser Kuo-Luen Chang."

Similar presentations

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.

Providing protection from potential security threats that exist for any internet-connected computer is termed e- security. It is important to be able to.
How to protect yourself, your computer, and others on the internet

How to protect yourself, your computer, and others on the internet
Internet Safety Gleneagles Computer Club February 16, 2015 by Deborah Benson.

Internet Safety Gleneagles Computer Club February 16, 2015 by Deborah Benson.
Phishing Tales: Honestly, the problem is ‘this big’ Peter Black, Queensland University of Technology

Phishing Tales: Honestly, the problem is ‘this big’ Peter Black, Queensland University of Technology
Protect Yourself Against Phishing. The good news: The number of US adult victims of identity fraud decreased from 9.3 million in 2005, to 8.4 million.

Protect Yourself Against Phishing. The good news: The number of US adult victims of identity fraud decreased from 9.3 million in 2005, to 8.4 million.
How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.

How It Applies In A Virtual World. Phishing Definition: n. To request confidential information over the Internet under false pretenses in order to fraudulently.
What is identity theft, and how can you protect yourself from it?

What is identity theft, and how can you protect yourself from it?
1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.

1 Identity Theft: What You Need to Know. 2 Identity Theft Identity theft is a crime of stealing key pieces of someone’s identifying information, such.
Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.

Phishing and Pharming New Identity Theft Threats Presentation by Jason Guthrie.
Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.

Bsharah Presentation Threats to Information Security Protecting Your Personal Information from Phishing Scams.
Jason Rich CIS - 158 1.  The purpose of this project is to inform the audience about the act of phishing. Phishing is when fake websites are created.

Jason Rich CIS  The purpose of this project is to inform the audience about the act of phishing. Phishing is when fake websites are created.
PHISHING By, Himanshu Mishra Parrag Mehta. OUTLINE What is Phishing ? Phishing Techniques Message Delivery Effects of Phishing Anti-Phishing Techniques.

PHISHING By, Himanshu Mishra Parrag Mehta. OUTLINE What is Phishing ? Phishing Techniques Message Delivery Effects of Phishing Anti-Phishing Techniques.
Phishing (pronounced “fishing”) is the process of sending e-mail messages to lure Internet users into revealing personal information such as credit card.

Phishing (pronounced “fishing”) is the process of sending messages to lure Internet users into revealing personal information such as credit card.
Internet Phishing Not the kind of Fishing you are used to.

Internet Phishing Not the kind of Fishing you are used to.
Malicious Attacks By Chris Berg-Jones, Ethan Ungchusri, and Angela Wang.

Malicious Attacks By Chris Berg-Jones, Ethan Ungchusri, and Angela Wang.
Phishing – Read Behind The Lines Veljko Pejović

Phishing – Read Behind The Lines Veljko Pejović
Phishing, Pharming, and Spam Margaret StewartTuesday, Oct. 21, 2006.

Phishing, Pharming, and Spam Margaret StewartTuesday, Oct. 21, 2006.
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 

BTT12OI.  Do you know someone who has been scammed? What happened?  Been tricked into sending someone else money (not who they thought they were) 
DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?

DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?

Similar presentations

Ads by Google