PowerPoint Presentation

Arc PresentationPresents

Topic: - PhishingComputer Science SeminarPresented By:- Archit

1- Introduction2- Phishing Techniques3- Phishing Examples4- Types of Phishing5- Causes of Phishing6- Anti Phishing7- Effects of Phishing8- Defend against Phishing 9- Attacks10- ConclusionContents

Phishing is the act of attempting to acquire information such as username, password and credit card details as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites ,auction sites, online payment process or IT administrators are commonly used to lure the unsuspecting public .Phishing emails may contain links to websites that are infected with malware. Introduction

1- LINK MANIPULATION 2- FILTER EVASION 3- WEBSITE FORGERY 4- PHONE PHISHINGDeceptive - Sending a deceptive email, in bulk, with a call to action that demands the recipient click on a link.Malware-Based - Running malicious software on the users machine. Various forms of malware-based phishing are:Key Loggers & Screen LoggersSession HijackersWeb TrojansData TheftPhishing TechniquesTypes Of Phishing

DNS-Based - Phishing that interferes with the integrity of the lookup process for a domain name. Forms of DNS-based phishing are:Hosts file poisoningPolluting users DNS cacheProxy server compromiseMan-in-the-Middle Phishing - Phisher positions himself between the user and the legitimate site.Content-Injection Inserting malicious content into legitimate site.Three primary types of content-injection phishing:

Hackers can compromise a server through a security vulnerability and replace or augment the legitimate content with malicious content. Malicious content can be inserted into a site through a cross-site scripting vulnerability. Malicious actions can be performed on a site through a SQL injection vulnerability.

Examples Of Phishing

1- Misleading e-mails2- No check of source address3- Vulnerability in browsers4- No strong authentication at websites of banks and financial institutions5- Limited use of digital signatures6- Non-availability of secure desktop tools7- Lack of user awareness8- Vulnerability in applicationsCauses Of Phishing

1- Internet fraud 2- Identity theft3- Financial loss to the original institutions4- Difficulties in Law Enforcement Investigations5- Erosion of Public Trust in the Internet.

Effects Of Phishing

A. Social responsesB. Technical approaches1. Helping to identify legitimate websites.2. Browsers alerting users to fraudulent websites.3. Eliminating Phishing mail.4. Monitoring and takedown.C. Legal approaches

Anti-Phishing

How typical internet user identify phishing

Top 10 Countries Hosting Phishing Sites

1- Preventing a phishing attack before it begins2- Detecting a phishing attack3- Preventing the delivery of phishing messages 4- Preventing deception in phishing messages and sites5- Counter measures6- Interfering with the use of compromised information

Defend against Phishing Attacks

1- DONT CLICK THE LINKType the site name in your browser (such as www.paypal.com)2- Never send sensitive account information by e-mailAccount numbers, SSN, passwords3- Never give any password out to anyone4- Verify any person who contacts you (phone or email). If someone calls you on a sensitive topic, thank them, hang up and call them back using a number that you know is correct, like from your credit card or statement. How To Avoid Phishing

No single technology will completely stop phishing. However, a combination of good organization and practice, proper application of current technologies, and improvements in security technology has the potential to drastically reduce the prevalence of phishing and the losses suffered from it. Conclusion

Audiomachine - A Feast for Crows - YouTube (480p)WinX HD Video Converter Deluxenull252856.05