Phishing the Open Net Lure 101 Zane Brys, Nicholas Bingell, and Omar Heniene.

Presentation transcript:

1 Phishing the Open Net Lure 101 Zane Brys, Nicholas Bingell, and Omar Heniene

2 What is Phishing? The word "phishing" comes from the analogy that Internet scammers are using lures to "fish" for passwords and financial data from the sea of Internet users. The term was coined in the 1996 timeframe by hackers who were stealing America On-Line accounts by scamming passwords from unsuspecting AOL users. The first mention on the Internet of phishing is on the alt.2600 hacker newsgroup in January 1996; however, the term may have been used even earlier in the printed edition of the hacker newsletter "2600". "Ph" is a common hacker replacement for "f", and is a nod to the original form of hacking, known as "phreaking". Phreaking was coined by the first hacker, John Draper (aka "Captain Crunch"). John invented "hacking" by creating the infamous Blue Box, a device that he used to hack telephone systems in the early 1970s.

3 What is Phishing? phishing (FISH.ing) pp. Creating a replica of an existing Web page to fool a user into submitting personal, financial, or password data. —adj. — phisher n.
Phishing = Password + Fishing
Combination of:
– Technology
– Social engineering

4 How does it work? “Phishers use many different tactics to lure you, including e-mail and Web sites that mimic well-known, trusted brands. A common phishing practice involves "spamming" recipients with fake messages that resemble a valid message from a well-known Web site or a company that the recipients might trust, such as a credit card company, bank, charity, or e-commerce online shopping site.” (Laurie )

5 Steps to Start Phishing
Step 1: Gather e-mail addresses.
Step 2: Mass e-mail everyone on the list and make it appear as if it is coming from a legitimate organization.
– Change the “From” line
– Use HTML and include legitimate logos/colors
– Include a link for them to click on that appears to be legit but takes them to a fake website
Step 3: Users click on the link and, hopefully, enter their personal information.
Step 4: Profit! (Steal their money, identity and ruin their lives.)
BONUS: Download malware onto the person’s PC and convert it into part of your botnet to be used to target other people.

6 Who are the perpetrators? Originally, most phishing was carried out by a single hacker/phisher, but today’s attacks also come from organized crime groups with global syndication. For example, there have been instances in which a phishing Web site is hosted in one country, the spam attack is launched from a second country, and the financial fraud transaction occurs in a third country for a user of another country.

7 Who are the victims? A common practice is identity theft, whereby the criminal steals your personal information, takes on your identity, and can then do the following:
– Apply for and get credit in your name.
– Empty your bank account and max out your credit cards.
– Transfer money from your investment or credit line accounts into your checking account, and then use a copy of your debit card to withdraw cash from your checking account at ATMs around the world.

8 What does a phishing scam look like? As scam artists become more sophisticated, so do their phishing messages and pop-up windows. They often include official-looking logos from real organizations and other identifying information taken directly from legitimate Web sites.

9 What does a phishing scam look like?

10 What does a phishing scam look like?

11 What does a phishing scam look like?

12 What does a phishing scam look like?

13 What does a phishing scam look like?

14 Prevention Tips
1. NEVER TRUST AN E-MAIL SENDER
Did you know that you can fake the return address in an e-mail? For the less computer literate, that's the bit of the e-mail that tells you who it's from. The sender can choose any name/supposed address they want, so never trust an e-mail just because it appears to be from a legitimate address. It is a well-known fact that over 95% of phishing attacks use spoofed e-mail addresses to appear more authentic.
2. ALWAYS CHECK THE CONTENT
A common technique used by scammers is to include all of the e-mail's text as an image, and have the whole image link to a spoof website when clicked. This is a tactic to avoid scanners that can scan the text in an e-mail but not images. If you can't click and select the text as normal with the mouse, simple, it's a scam. Authentic e-mails are never constructed like this. Bad spelling and grammar are also a dead giveaway, as are places that seem unable to spell their own names, e.g. ‘Alert from Ciitibnk'. Banks and the like don't send out e-mails with mistakes as bad as these.

15 Prevention Tips
3. DON'T OPEN ATTACHMENTS OR FILL OUT FORMS
Sometimes a spoof e-mail will come with an attachment. Don't open it! It may be harmless, but there is no need to take the risk. This is the most common way that viruses are spread, and as well as being a scam, the e-mail may try to infect your computer with programs that steal information from you without your knowledge. 90% of computer viruses are distributed via e-mail, so don't take the risk.
4. UPDATE YOUR COMPUTER SECURITY
– Get an antivirus program (and keep it updated).
– Get a spyware removal program (and keep it updated).
– Update your operating system regularly.
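A defender-side check for the indicators in tips 1 and 2 and for the deceptive link described in the phishing steps, as an added example that is not part of the original presentation. It assumes a single-part HTML message whose receiving mail server has stamped an Authentication-Results header; the sample message, its domains and the indicator names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser

# Constructed sample message; every name and domain below is a placeholder.
SAMPLE = """\
From: "Example Bank Alerts" <alerts@examplebank.example>
Authentication-Results: mx.recipient.example; dmarc=fail header.from=examplebank.example
Content-Type: text/html; charset="utf-8"

<a href="http://login.examplebank.example.lookalike.invalid/verify"><img src="cid:notice"></a>"""

class BodyAudit(HTMLParser):  # collects [href, link text] pairs, image count, visible text
    def __init__(self):
        super().__init__()
        self.links, self.images, self.text, self.in_link = [], 0, "", False
    def handle_starttag(self, tag, attrs):
        self.images += tag == "img"              # count every <img>
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self.in_link = True
    def handle_endtag(self, tag):
        self.in_link = self.in_link and tag != "a"
    def handle_data(self, data):
        self.text += data.strip()
        if self.in_link:
            self.links[-1][1] += data.strip()

def host(value):
    """Return the first host name found in a URL or in visible link text."""
    m = re.search(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})", value.lower())
    return m.group(1) if m else ""

def audit(raw):
    """Return indicator strings for one single-part HTML message (assumption)."""
    msg, found = message_from_string(raw), []
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    dmarc = re.search(r"dmarc=(\w+)", msg.get("Authentication-Results", ""))
    if not dmarc or dmarc.group(1) != "pass":    # From line is unauthenticated (tip 1)
        found.append("dmarc-" + (dmarc.group(1) if dmarc else "missing"))
    page = BodyAudit()
    page.feed(msg.get_payload(decode=True).decode("utf-8", "replace"))
    if page.images and not page.text:            # whole message is an image (tip 2)
        found.append("image-only-body")
    for href, text in page.links:
        if host(href) != sender and not host(href).endswith("." + sender):
            found.append("link-host-not-sender:" + host(href))
        if host(text) and host(text) != host(href):  # shown address differs from target
            found.append("link-text-mismatch")
    return found
```

Legitimate bulk mail can also link to hosts outside the sender's domain, so the findings are signals for triage rather than a verdict.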

16 What if You Get Phished? Don’t panic! Quickly contact the real bank or company and tell them what has happened. Close the account and open a new one. Change your passwords and details so the details you gave out are no longer valid. Start checking your free credit report.

17 Reporting Phishing Scams Always report "phishing" or “spoofed” e-mails to the following groups:
– forward the e-mail to
– forward the e-mail to the Federal Trade Commission at
– forward the e-mail to the "abuse" address at the company that is being spoofed (e.g.
– when forwarding spoofed messages, always include the entire original e-mail with its original header information intact
– notify The Internet Crime Complaint Center of the FBI by filing a complaint on their website:

18 Security Indicators “Look for the lock at the bottom of your browser and ‘https’ in front of the website address.”

19 More Security Indicators Spoofstick

20 More Security Indicators Netcraft Toolbar

21 More Security Indicators Trustbar

22 Test Your Phishing Phishing Quiz Let's go phishing!

23 Workload Distribution Zane Brys: research, rough draft ideas, editing PowerPoint, and presenting. Omar Heniene: research, rough draft ideas, PowerPoint preparation, and presenting. Nicholas Bingell: research, typing of the documents, finalizing of report, and presenting.

24 Resources Microsoft Phishing Information Website us/outlook/HA aspx money.howstuffworks.com

25 Questions/Comments?