O365 Phishing Slides

•Als PPTX, PDF herunterladen•

0 gefällt mir•58 views

AltinetLtd

Technologie

Spear phishing emails target
specific individuals, using public
information like their name and
service providers to create a
false narrative.
The aim of these emails is to
manipulate the target into
giving away their confidential
data – usually by clicking a
malicious link or entering their
details into a form on a phony
website.
There’s only so much threat
protection services can do when
a user is tricked into complying
like this, so learning how to spot
a fake email is crucial.

1. Check Email Addresses
The display name might look authentic, but
email addresses are much harder to falsify.
With many companies purchasing their own
domain names, attackers often have to alter
the spelling slightly – in our example you can
see that the domain misses a letter O,
spelling ‘microsft’ rather than ‘microsoft’.

2. Missing Details
As already mentioned, spear phishers
will use public information on their
target to make their narrative seem
more realistic, but not everything is
available publicly.
If an email, like our example, uses no
personal information other than your
name, ask yourself, what would this
company’s emails usually include?
A username? An account number?

3. Hyperlinks
If an email from an unknown source includes
lots of pushy links or buttons be wary; they
can often harbour malicious software that
can log your keystrokes or take you to a
convincing website where they can steal
your login details.
Avoiding links altogether is the best practice,
but if it seems to be for an important page
try using a trusted search engine to find it
instead, or hover over the link before clicking
to reveal the URL.

4. Scare-tactics
Phishing attackers will typically use fear to
manipulate their targets, as opposed to other
attacks which may offer a reward or service.
The constructed narrative will usually involve a
large payment being owed or an account breach.
This specific example is a more subtle approach;
instead of scaring the target with large fines, it
uses a ‘one-time’ code with a time limit, pushing
the user to click the link quickly in fear of losing
their private message.

For more topics and training material visit the Boxphish website.

Empfohlen

Apple Ransomware SlidesAltinetLtd

Amazon Social Engineering slidesAltinetLtd

GMP Ransomware SlidesAltinetLtd

Debenhams Social Engineering SlidesAltinetLtd

CEO Fraud SlidesAltinetLtd

2024 State of Marketing Report – by HubspotMarius Sescu

Everything You Need To Know About ChatGPTExpeed Software

Product Design Trends in 2024 | Teenage EngineeringsPixeldarts

Empfohlen

Apple Ransomware SlidesAltinetLtd

Amazon Social Engineering slidesAltinetLtd

GMP Ransomware SlidesAltinetLtd

Debenhams Social Engineering SlidesAltinetLtd

CEO Fraud SlidesAltinetLtd

2024 State of Marketing Report – by HubspotMarius Sescu

Everything You Need To Know About ChatGPTExpeed Software

Product Design Trends in 2024 | Teenage EngineeringsPixeldarts

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung

IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge

Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2

🐬 The future of MySQL is Postgres 🐘RTylerCroy

Histor y of HAM Radio presentation slidevu2urc

A Domino Admins Adventures (Engage 2024)Gabriella Davis

Finology Group – Insurtech Innovation Award 2024The Digital Insurer

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93

Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge

Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun

The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los

08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls

08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls

What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco

How to convert PDF to text with Nanonetsnaman860154

2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong

CNv6 Instructor Chapter 6 Quality of Servicegiselly40

Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal

Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous

How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow

AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork

Weitere ähnliche Inhalte

Kürzlich hochgeladen

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung

IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge

Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2

🐬 The future of MySQL is Postgres 🐘RTylerCroy

Histor y of HAM Radio presentation slidevu2urc

A Domino Admins Adventures (Engage 2024)Gabriella Davis

Finology Group – Insurtech Innovation Award 2024The Digital Insurer

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93

Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge

Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun

The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los

08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls

08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls

What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco

How to convert PDF to text with Nanonetsnaman860154

2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong

CNv6 Instructor Chapter 6 Quality of Servicegiselly40

Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal

Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous

Kürzlich hochgeladen (20)

Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...

IAC 2024 - IA Fast Track to Search Focused AI Solutions

Exploring the Future Potential of AI-Enabled Smartphone Processors

🐬 The future of MySQL is Postgres 🐘

Histor y of HAM Radio presentation slide

A Domino Admins Adventures (Engage 2024)

Finology Group – Insurtech Innovation Award 2024

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

Driving Behavioral Change for Information Management through Data-Driven Gree...

Data Cloud, More than a CDP by Matt Robison

The 7 Things I Know About Cyber Security After 25 Years | April 2024

08448380779 Call Girls In Civil Lines Women Seeking Men

08448380779 Call Girls In Diplomatic Enclave Women Seeking Men

What Are The Drone Anti-jamming Systems Technology?

How to convert PDF to text with Nanonets

2024: Domino Containers - The Next Step. News from the Domino Container commu...

CNv6 Instructor Chapter 6 Quality of Service

Understanding Discord NSFW Servers A Guide for Responsible Users.pdf

Strategies for Landing an Oracle DBA Job as a Fresher

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Empfohlen

How Race, Age and Gender Shape Attitudes Towards Mental HealthThinkNow

AI Trends in Creative Operations 2024 by Artwork Flow.pdfmarketingartwork

Skeleton Culture CodeSkeleton Technologies

PEPSICO Presentation to CAGNY Conference Feb 2024Neil Kimberley

Content Methodology: A Best Practices Report (Webinar)contently

How to Prepare For a Successful Job Search for 2024Albert Qian

Social Media Marketing Trends 2024 // The Global Indie InsightsKurio // The Social Media Age(ncy)

Trends In Paid Search: Navigating The Digital Landscape In 2024Search Engine Journal

5 Public speaking tips from TED - Visualized summarySpeakerHub

ChatGPT and the Future of Work - Clark Boyd Clark Boyd

Getting into the tech field. what next Tessa Mero

Google's Just Not That Into You: Understanding Core Updates & Search IntentLily Ray

How to have difficult conversations Rajiv Jayarajah, MAppComm, ACC

Introduction to Data ScienceChristy Abraham Joy

Time Management & Productivity - Best PracticesVit Horky

The six step guide to practical project managementMindGenius

Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...RachelPearson36

Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...Applitools

12 Ways to Increase Your Influence at WorkGetSmarter

ChatGPT webinar slidesAlireza Esmikhani

Empfohlen (20)

How Race, Age and Gender Shape Attitudes Towards Mental Health

AI Trends in Creative Operations 2024 by Artwork Flow.pdf

Skeleton Culture Code

PEPSICO Presentation to CAGNY Conference Feb 2024

Content Methodology: A Best Practices Report (Webinar)

How to Prepare For a Successful Job Search for 2024

Social Media Marketing Trends 2024 // The Global Indie Insights

Trends In Paid Search: Navigating The Digital Landscape In 2024

5 Public speaking tips from TED - Visualized summary

ChatGPT and the Future of Work - Clark Boyd

Getting into the tech field. what next

Google's Just Not That Into You: Understanding Core Updates & Search Intent

How to have difficult conversations

Introduction to Data Science

Time Management & Productivity - Best Practices

The six step guide to practical project management

Beginners Guide to TikTok for Search - Rachel Pearson - We are Tilt __ Bright...

Unlocking the Power of ChatGPT and AI in Testing - A Real-World Look, present...

12 Ways to Increase Your Influence at Work

ChatGPT webinar slides

O365 Phishing Slides

1. HOW TO SPOT A SPEAR PHISHING EMAIL

2. Spear phishing emails target specific individuals, using public information like their name and service providers to create a false narrative. The aim of these emails is to manipulate the target into giving away their confidential data – usually by clicking a malicious link or entering their details into a form on a phony website. There’s only so much threat protection services can do when a user is tricked into complying like this, so learning how to spot a fake email is crucial.

3. 1. Check Email Addresses The display name might look authentic, but email addresses are much harder to falsify. With many companies purchasing their own domain names, attackers often have to alter the spelling slightly – in our example you can see that the domain misses a letter O, spelling ‘microsft’ rather than ‘microsoft’.

4. 2. Missing Details As already mentioned, spear phishers will use public information on their target to make their narrative seem more realistic, but not everything is available publicly. If an email, like our example, uses no personal information other than your name, ask yourself, what would this company’s emails usually include? A username? An account number?

5. 3. Hyperlinks If an email from an unknown source includes lots of pushy links or buttons be wary; they can often harbour malicious software that can log your keystrokes or take you to a convincing website where they can steal your login details. Avoiding links altogether is the best practice, but if it seems to be for an important page try using a trusted search engine to find it instead, or hover over the link before clicking to reveal the URL.

6. 4. Scare-tactics Phishing attackers will typically use fear to manipulate their targets, as opposed to other attacks which may offer a reward or service. The constructed narrative will usually involve a large payment being owed or an account breach. This specific example is a more subtle approach; instead of scaring the target with large fines, it uses a ‘one-time’ code with a time limit, pushing the user to click the link quickly in fear of losing their private message.

7. For more topics and training material visit the Boxphish website.