Presentation is loading. Please wait.

Presentation is loading. Please wait.

Phishing, what you should know L kout Initiative Office of Information Technology.

Published byTianna Doggett Modified over 10 years ago

Similar presentations

Presentation on theme: "Phishing, what you should know L kout Initiative Office of Information Technology."— Presentation transcript:

1 Phishing, what you should know L kout Initiative Office of Information Technology

2 2 Important Note The information published hereafter is just a collection of selected IT industry best practices and tips that might assist you in improving the security levels against computer related threats while exercising your computing activities. The information published hereafter is not meant in any way to provide a comprehensive solution nor to ensure full protection against computer related threats.

3 3 Office of Information Technology >Phishing is a form of social engineering that is executed via electronic means and can lead to identity theft and fraud. What is Phishing?

4 4 Office of Information Technology Social Engineering >A social engineer is a polite cracker!! >A social engineer is a person who will deceive or con others into divulging information that they wouldnt normally share (credit card numbers, bank account information, passwords…etc.). >He/she will build inappropriate trust relationship with insiders.

5 5 Office of Information Technology Social Engineering >He/she may seem: Unassuming and respectable Possibly claiming to be a new employee, repair person, or researcher and even offering credentials to support that identity. >Social Engineers use these techniques: Appeal to vanity Appeal to authority Appeal to old-fashioned eavesdropping

6 6 Office of Information Technology Social Engineering >Human Based: In Person. Third-party authorization: The social engineer obtains the name of someone who has the authority to grant access to information. Impersonation: A social engineer might impersonate any character and use certain privileges.

7 7 Office of Information Technology Social Engineering >Electronic Based: Targeted e-mail messages Spam, chain letters and hoaxes E-mail attachments Pop windows Spoofed Websites Instant Messaging and Chat rooms Cell phone text messages (SMS) (details in slides ahead)

8 8 Office of Information Technology Phishing: Real Life Example 1 - AUB

9 9 Office of Information Technology Phishing: Real Life Example 1 - AUB

10 10 Office of Information Technology Phishing: Real Life Example 2 - AUB

11 11 Office of Information Technology Phishing: Real Life Example 2 - AUB

12 12 Office of Information Technology Phishing: Real Life Example 3 - Common Tricks Same old story, but a different version

13 13 Office of Information Technology Phishing: Real Life Example 4 - Silly Reasoning Yeah, right

14 14 Office of Information Technology Phishing: Real Life Example 5 - Fake Sites This one is Easy! This is not eBay site but a fake One.

15 15 Office of Information Technology Phishing: Real Life Example 6 - Tricky URLs

16 16 Office of Information Technology Phishing: Real Life Example 6 - Tricky URLs

17 17 Office of Information Technology Phishing: Real Life Example 7 - Spyware

18 18 Office of Information Technology How to Avoid Becoming a Phishing Victim? IMPORTANT NOTICE - EMAIL ALERT Rule 1: NEVER provide your PASSWORD to anyone Rule 2: AUB staff will NEVER request your PASSWORD via email You may have read or heard of fraudulent e-mails that encourage recipients to provide their personal details such as user names and passwords. At AUB, we will never request your password via e- mail. If you receive such an e-mail request, please delete it immediately.

19 19 Office of Information Technology Phishers emails are typically NOT personalized, while valid messages from your bank or e-commerce company generally are. Phishers typically include upsetting (usually a threat ) information to get people to react immediately (i.e., claiming they will shut off your account). How to Avoid Becoming a Phishing Victim? Is it that urgent?

20 20 Office of Information Technology Phishers typically include exciting (but false) statements in their e-mails or pop ups to entice people to access their web sites, i.e. claiming that you have won a prize, lottery or inherited wealth. Never respond to requests for personal or confidential information via email. When in doubt: Call the institution that claims to have sent you the email. Login to their web site by typing their address at the browser address bar. How to Avoid Becoming a Phishing Victim? Does this sound too good to be true? Who is this person?

21 21 Office of Information Technology If you suspect the message might not be authentic, don't use the links within the email to get to a web page, the web page can be spoofed. Never fill out forms in email messages that ask for confidential information, you should only communicate confidential information via a secure website. How to Avoid Becoming a Phishing Victim?

22 22 Office of Information Technology How to Avoid Becoming a Phishing Victim? Always ensure that you're using a secure website when submitting credit card or other sensitive information via your web browser. Check the beginning of the Web address in your browsers address bar - it should be https:// rather than just http:// Look for the locked padlock icon on your browser (IE; Netscape/Mozilla)

23 23 Office of Information Technology How to Avoid Becoming a Phishing Victim? Never continue to a secure web site that has a problem with its security certificate. Internet browsers do present the user with an error message (example: IE7 message below).

24 24 Office of Information Technology Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate and if anything is suspicious, contact your bank and all card issuers Ensure that your browser and OS software is up-to-date and that security patches are applied (Example: MS Outlook signatures of spam e-mails) Ensure antivirus and anti-spyware software is installed and current. How to Avoid Becoming a Phishing Victim?

25 25 Office of Information Technology Ensure that your browser phishing filter is turned ON. Example: IE7 phishing filter controls. How to Avoid Becoming a Phishing Victim?

26 26 Office of Information Technology What to do if you Suspect a Phishing e-mail? 1. Stop, never reply, or use any of the URL links embedded in the body, or open attachments, or fill in online forms embedded in the e-mail body. 2. Report to IT : spam@aub.edu.lbspam@aub.edu.lb

27 27 Office of Information Technology What to do if you Think you were a Victim? 1.If you believe you might have revealed sensitive AUB information or might have revealed information that could be used for identity theft or fraud, contact auditor@aub.edu.lb. auditor@aub.edu.lb

28 28 Office of Information Technology Test your Phishing IQ Check this Website: http://survey.mailfrontier.com/survey/quiztest.html

29 29 Office of Information Technology Acknowledgements >Office of Information Technology team >Work-Study students: Marwa Abdul Baki Donna Bazzi >Comic strips are reproduced with permission. Please visit www.securityCartoon.com for more material. www.securityCartoon.com >www.CartoonStock.comwww.CartoonStock.com

Download ppt "Phishing, what you should know L kout Initiative Office of Information Technology."

Similar presentations

CSWA Provider: Program and Tech Review

CSWA Provider: Program and Tech Review
1. XP 2 * The Web is a collection of files that reside on computers, called Web servers. * Web servers are connected to each other through the Internet.

1. XP 2 * The Web is a collection of files that reside on computers, called Web servers. * Web servers are connected to each other through the Internet.
1 Web Based Email A Module of the CYC Course – Internet Basics 8-26-10.

1 Web Based A Module of the CYC Course – Internet Basics
Setting up a Gmail Account & Safety

Setting up a Gmail Account & Safety
1 SLIDE Insurance Company Regulation Division Insurance Market Regulation Division Medical Professional Liability Insurance Claim Reports Online Claim.

1 SLIDE Insurance Company Regulation Division Insurance Market Regulation Division Medical Professional Liability Insurance Claim Reports Online Claim.
Phishing, what you should know L kout Initiative.

Phishing, what you should know L kout Initiative.
Review Ch. 3 – Connecting to the Worlds Information © 2010, 2006 South-Western, Cengage Learning.

Review Ch. 3 – Connecting to the Worlds Information © 2010, 2006 South-Western, Cengage Learning.
Cyber Stalking Cyber Stalking Phishing Hacker 1. Never reveal your home address !!! This rule is especially important for women who are business professionals.

Cyber Stalking Cyber Stalking Phishing Hacker 1. Never reveal your home address !!! This rule is especially important for women who are business professionals.
You are responsible for security of your internet banking transactions ONLINE.

You are responsible for security of your internet banking transactions ONLINE.
Cyber Safety Assessment Review

Cyber Safety Assessment Review
Account HIGHJACKING & IDENTITY THEFT GPCE Credit Union has prepared a slide show presentation to examine the most prevalent financial crimes at work today.

Account HIGHJACKING & IDENTITY THEFT GPCE Credit Union has prepared a slide show presentation to examine the most prevalent financial crimes at work today.
COM Orientation The template can be used to create presentations for community, civic, advocacy and government relations groups. It is also appropriate.

COM Orientation The template can be used to create presentations for community, civic, advocacy and government relations groups. It is also appropriate.
PowerPoint 1: Email fraud/ phishing Lesson 2-2. WHAT IS PHISHING?

PowerPoint 1: fraud/ phishing Lesson 2-2. WHAT IS PHISHING?
1 And Tips to Avoid Becoming a Victim Recent Cyber Crime Cases.

1 And Tips to Avoid Becoming a Victim Recent Cyber Crime Cases.
XP New Perspectives on Browser and E-mail Basics Tutorial 1 1 Browser and E-mail Basics Tutorial 1.

XP New Perspectives on Browser and Basics Tutorial 1 1 Browser and Basics Tutorial 1.
What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via

What is Bad ? Spam, Phishing, Scam, Hoax and Malware distributed via
Kelly Corning Julie Sharp.  Human-based techniques: impersonation  Computer-based techniques: malware and scams.

Kelly Corning Julie Sharp.  Human-based techniques: impersonation  Computer-based techniques: malware and scams.
Keeping Your Identity Your Own Amy Ginther, Project NEThics Coordinator OIT Town Meeting August 24, 2005.

Keeping Your Identity Your Own Amy Ginther, Project NEThics Coordinator OIT Town Meeting August 24, 2005.
COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.

COMPUTER BASICS METC 106. The Internet Global group of interconnected networks Originated in 1969 – Department of Defense ARPANet Only text, no graphics.
1 Identity Theft and Phishing: What You Need to Know.

1 Identity Theft and Phishing: What You Need to Know.

Similar presentations

Ads by Google