Presented by:Fakhruddin Mustaffa

1

What is “Phishing”??? » Technique for acquiring your personal information and subsequently

committing fraud in your name. » Include stealing your identity or emptying your checking and

savings accounts. » A form of cyber-crime that's growing faster than the ability of the

police or courts to deal with it. » Simply a play on the word "fishing" — scammers drop email lures into

the sea of Internet users, hoping to hook your personal information. » More dangerous variation called “spear phishing” » More insidious than regular phishing. » Assume that your sensitive information has been captured or is at risk. » Until you’ve installed and run an anti-spyware program, do not log in

to any of your financial accounts. » Crimeware will record your password and account information and

transmit it to the crooks, who then sell it to the highest bidder. 2

How does it occur??? » Conducted by email. » Receive an authentic-looking email message that

appears to come from a legitimate business. » Ask you to divulge or verify personal data such as an

account number, password, credit card number or Social Security number.

» Possible for you to be phished by mail, telephone or even in person.

» Through the use of Instant Messaging (IM), which can also be used for identity theft as well as spreading viruses and spyware.

3

Who perpetrates it??? » Phishers are scam artists. » Send millions of emails, realizing that even few recipients

give them identifying information. » Purchase software specifically designed to help set up and

manage a phishing scam site.

Who is affected by phishing? » Popular targets are users of online banking services and

auction sites. » Email address has been made public anywhere on the

Internet then you are more susceptible to phishing. » Scammers can use spidering or Web-crawling programs to

search the Internet and collect millions of email addresses.

4

5

• Be on guard

• Don't fill out a form on a Web site unless you know it is secure.

• Regularly check your bank, credit and debit card statements (paper and online).

• Ensure that your browser is up to date.

• Install and maintain antivirus and anti-spyware software

• Consider installing a phish-blocking toolbar on your Web browser.

• Stay informed.

6

7

*Phishing attacks usually target: - Bank information – such as VISA and PayPal accounts. - Username and password information. - Social Security numbers. - Mother maiden’s name can be used to retrieve forgotten

or lost credentials. *The above information allows scammers to: - Make fraudulent charges on your credit or debit card. - Make use of your credentials on different online services

to commit crime without being caught.

8

9

• Disturbing signs of evolving.• Attacks becoming savvier & attackers beginning to

share code and techniques with virus writers called crackers.

• Slow down unless service providers adequately address consumer security concerns in the form of strong authentication.

• Time to educate their users on how to spot a phishing attack.

• Email requests for passwords, credit card numbers, and other private data are never legitimate.

10

11

Date of searching the information on the internet; -15 FEBRUARY 2013 Web;http://www.ncsu.edu/it/essentials/antivirus_security/phishing/

intro.htmlhttp://www.ncsu.edu/it/essentials/antivirus_security/phishing/

recognize.htmlhttp://www.ncsu.edu/it/essentials/antivirus_security/phishing/

receive.htmlhttp://www.ncsu.edu/it/essentials/antivirus_security/phishing/

avoid.htmlhttp://www.ncsu.edu/it/essentials/antivirus_security/phishing/

whatdo.html

12