SlideShare ist ein Scribd-Unternehmen logo
1 von 13
Downloaden Sie, um offline zu lesen
GENERAL SIR JOHN KOTELAWALA DEFENCE UNIVERSITY
SUBJECT: INFORMATION SECURITY
(MEG 4137)
Prepared by : KDU/MEG/03/09 - W.M. Nilantha Piyasiri
MBA IN E-GOVERNANCE - Programme III
Submission Date : 03 April 2016
Phishing
And
pharming
The Evil Twins
Identity theft
Is it really happening?
Thanks to advances in technology, the types
of transactions we can now complete online
are virtually endless.
We use “User Names, Passwords, Credit
Cards, Debit Cards, PINs, birthdates,mothers
maiden name, etc.
Stealing above
identities is called
“Identity theft”
Identity theft is a federal
crime. It happens when
one person’s identification
(which can include name,
social security number,
bank account number, or
any other account number)
is used or
transferred by another
Phishing and Pharming are two of the most
organized crimes of the 21st
centurey and
these are at the forefront of Internet piracy
and idetity theft.
The Deadly Duo
The information that steal from these act
are used by fraudsters to their evil needs,
such as trasfer money from accounts, buy
murchandise, etc..
What is Phishing ?
(fish´ing) (n.) - The act of sending a
message to a user falsely claiming to be an
established legitimate enterpirse in an
attempt to scam the user into surrendering
private information that will be used for
identity theft.
Did you get it?
Steps of a Phishing Attack
● Phisher prepare for the attack.
● Phisher will register a domain which may
sound simillar when pronounce or look
similar to a legitimate website. Domain
could be made like www.boc-secure.lk to
deceive people who visit www.boc.lk.● Sometimes they make website which says they offer
reduce rates for their merchandise if they enter user
name and password or PIN of an accounts of reputed
eCommerce website, etc.
Step 1
Initiation
Steps of a Phishing Attack
● Phisher tries to lure victims into
trap/bait by using different attack
vectors.
● The Common method is sending
an email to the victim.
● The other method is social
engineering where the user will be
compelled to go to website and
login.
● Or install a malware (keylogger,
Step 2
Execution
Steps of a Phishing Attack
Step 3
User Action Y
The victim falls into the trap.
He/She will respond either one
of the attack vectors.
Victim will enter his/her
sensitive and confidential data
such as credit card details,
user credentials, account
balance, etc; to the website
without taking any
precausionary measure.
Steps of a Phishing Attack
Step 4
Completion Y
The victim falls into the trap.
He/She will respond either one
of the attack vectors.
Victim will enter his/her
sensitive and confidential data
such as credit card details,
user credentials, account
balance, etc; to the website
without taking any
phishing and pharming - evil twins

Weitere ähnliche Inhalte

Was ist angesagt?

Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharksNalneesh Gaur
 
Phishing
PhishingPhishing
PhishingSyahida
 
Seminaar Report of Phishing VIII Sem
Seminaar Report of Phishing VIII SemSeminaar Report of Phishing VIII Sem
Seminaar Report of Phishing VIII SemNarendra Singh
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gtemi
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacksSreejith.D. Menon
 
ICT-phishing
ICT-phishingICT-phishing
ICT-phishingMH BS
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingSachin Saini
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniquesSushil Kumar
 
Phishing Attack : A big Threat
Phishing Attack : A big ThreatPhishing Attack : A big Threat
Phishing Attack : A big Threatsourav newatia
 

Was ist angesagt? (20)

PHISHING attack
PHISHING attack PHISHING attack
PHISHING attack
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharks
 
Phishing
PhishingPhishing
Phishing
 
Seminaar Report of Phishing VIII Sem
Seminaar Report of Phishing VIII SemSeminaar Report of Phishing VIII Sem
Seminaar Report of Phishing VIII Sem
 
Phishing
PhishingPhishing
Phishing
 
Intro phishing
Intro phishingIntro phishing
Intro phishing
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacks
 
ICT-phishing
ICT-phishingICT-phishing
ICT-phishing
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
Phishing attack till now
Phishing attack till nowPhishing attack till now
Phishing attack till now
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniques
 
Phishing Attack : A big Threat
Phishing Attack : A big ThreatPhishing Attack : A big Threat
Phishing Attack : A big Threat
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Phishing
PhishingPhishing
Phishing
 
Phishing
PhishingPhishing
Phishing
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hacking
 
Phishing
PhishingPhishing
Phishing
 
Anti phishing
Anti phishingAnti phishing
Anti phishing
 

Ähnlich wie phishing and pharming - evil twins

Lesson iv on fraud awareness (cyber frauds)
Lesson  iv on fraud awareness   (cyber frauds)Lesson  iv on fraud awareness   (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)Kolluru N Rao
 
Lesson iv on fraud awareness (cyber frauds)
Lesson  iv on fraud awareness   (cyber frauds)Lesson  iv on fraud awareness   (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)CA.Kolluru Narayanarao
 
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptxInternet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptxInternet 2Conf
 
Email phishing: Text classification using natural language processing
Email phishing: Text classification using natural language processingEmail phishing: Text classification using natural language processing
Email phishing: Text classification using natural language processingCSITiaesprime
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfKALPITKALPIT1
 
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptxSJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptxAalbert Albert
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and SecurityMd Nishad
 
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE  1 .docxRunning head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE  1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docxwlynn1
 
December 2019 Part 10
December 2019 Part 10December 2019 Part 10
December 2019 Part 10seadeloitte
 
First Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxFirst Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxCUInnovationTeam
 
Identity Theft in South-east Asia.pdf
Identity Theft in South-east Asia.pdfIdentity Theft in South-east Asia.pdf
Identity Theft in South-east Asia.pdfnaimj2000
 
E0334035040
E0334035040E0334035040
E0334035040theijes
 

Ähnlich wie phishing and pharming - evil twins (20)

Lesson iv on fraud awareness (cyber frauds)
Lesson  iv on fraud awareness   (cyber frauds)Lesson  iv on fraud awareness   (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)
 
Lesson iv on fraud awareness (cyber frauds)
Lesson  iv on fraud awareness   (cyber frauds)Lesson  iv on fraud awareness   (cyber frauds)
Lesson iv on fraud awareness (cyber frauds)
 
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptxInternet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
Internet 2.0 Conference Reviews Legit Ways To Spot Phishing Scam Offenses.pptx
 
cyber_crim.pptx
cyber_crim.pptxcyber_crim.pptx
cyber_crim.pptx
 
Email phishing: Text classification using natural language processing
Email phishing: Text classification using natural language processingEmail phishing: Text classification using natural language processing
Email phishing: Text classification using natural language processing
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
THE CYBER WORLD.pptx
THE CYBER WORLD.pptxTHE CYBER WORLD.pptx
THE CYBER WORLD.pptx
 
ccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdfccs12-18022310494mghmgmyy3 (1).pdf
ccs12-18022310494mghmgmyy3 (1).pdf
 
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptxSJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
SJCTNC-A.ALBERT RAVI-PCM1017Q-E COMMERCE-UNIT-V- TYPES OF CYBER CRIMES.pptx
 
Cyber Crime and Security
Cyber Crime and SecurityCyber Crime and Security
Cyber Crime and Security
 
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE  1 .docxRunning head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE  1 .docx
Running head HOW TO AVOID INTERNET SCAMS AT THE WORKPLACE 1 .docx
 
cyber crime.pptx
cyber crime.pptxcyber crime.pptx
cyber crime.pptx
 
Module vi mis
Module vi misModule vi mis
Module vi mis
 
IT Sample Paper
IT Sample PaperIT Sample Paper
IT Sample Paper
 
Phishing.pdf
Phishing.pdfPhishing.pdf
Phishing.pdf
 
Cyber crime
Cyber crime Cyber crime
Cyber crime
 
December 2019 Part 10
December 2019 Part 10December 2019 Part 10
December 2019 Part 10
 
First Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptxFirst Lecture- Cyber Security-Bangladesh.pptx
First Lecture- Cyber Security-Bangladesh.pptx
 
Identity Theft in South-east Asia.pdf
Identity Theft in South-east Asia.pdfIdentity Theft in South-east Asia.pdf
Identity Theft in South-east Asia.pdf
 
E0334035040
E0334035040E0334035040
E0334035040
 

Kürzlich hochgeladen

WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024Jan Löffler
 
Bio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxBio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxnaveenithkrishnan
 
Computer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteComputer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteMavein
 
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfLESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfmchristianalwyn
 
Presentation2.pptx - JoyPress Wordpress
Presentation2.pptx -  JoyPress WordpressPresentation2.pptx -  JoyPress Wordpress
Presentation2.pptx - JoyPress Wordpressssuser166378
 
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdfIntroduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdfShreedeep Rayamajhi
 
Zero-day Vulnerabilities
Zero-day VulnerabilitiesZero-day Vulnerabilities
Zero-day Vulnerabilitiesalihassaah1994
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...APNIC
 
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSLESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSlesteraporado16
 
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsVision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsRoxana Stingu
 
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSTYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSedrianrheine
 
Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Shubham Pant
 

Kürzlich hochgeladen (12)

WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
WordPress by the numbers - Jan Loeffler, CTO WebPros, CloudFest 2024
 
Bio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptxBio Medical Waste Management Guideliness 2023 ppt.pptx
Bio Medical Waste Management Guideliness 2023 ppt.pptx
 
Computer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a WebsiteComputer 10 Lesson 8: Building a Website
Computer 10 Lesson 8: Building a Website
 
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdfLESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
LESSON 5 GROUP 10 ST. THOMAS AQUINAS.pdf
 
Presentation2.pptx - JoyPress Wordpress
Presentation2.pptx -  JoyPress WordpressPresentation2.pptx -  JoyPress Wordpress
Presentation2.pptx - JoyPress Wordpress
 
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdfIntroduction to ICANN and Fellowship program  by Shreedeep Rayamajhi.pdf
Introduction to ICANN and Fellowship program by Shreedeep Rayamajhi.pdf
 
Zero-day Vulnerabilities
Zero-day VulnerabilitiesZero-day Vulnerabilities
Zero-day Vulnerabilities
 
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
Benefits of doing Internet peering and running an Internet Exchange (IX) pres...
 
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASSLESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
LESSON 10/ GROUP 10/ ST. THOMAS AQUINASS
 
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced HorizonsVision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
Vision Forward: Tracing Image Search SEO From Its Roots To AI-Enhanced Horizons
 
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDSTYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
TYPES AND DEFINITION OF ONLINE CRIMES AND HAZARDS
 
Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024Check out the Free Landing Page Hosting in 2024
Check out the Free Landing Page Hosting in 2024
 

phishing and pharming - evil twins

  • 1. GENERAL SIR JOHN KOTELAWALA DEFENCE UNIVERSITY SUBJECT: INFORMATION SECURITY (MEG 4137) Prepared by : KDU/MEG/03/09 - W.M. Nilantha Piyasiri MBA IN E-GOVERNANCE - Programme III Submission Date : 03 April 2016
  • 3. Identity theft Is it really happening?
  • 4. Thanks to advances in technology, the types of transactions we can now complete online are virtually endless. We use “User Names, Passwords, Credit Cards, Debit Cards, PINs, birthdates,mothers maiden name, etc.
  • 5. Stealing above identities is called “Identity theft” Identity theft is a federal crime. It happens when one person’s identification (which can include name, social security number, bank account number, or any other account number) is used or transferred by another
  • 6. Phishing and Pharming are two of the most organized crimes of the 21st centurey and these are at the forefront of Internet piracy and idetity theft. The Deadly Duo The information that steal from these act are used by fraudsters to their evil needs, such as trasfer money from accounts, buy murchandise, etc..
  • 7. What is Phishing ? (fish´ing) (n.) - The act of sending a message to a user falsely claiming to be an established legitimate enterpirse in an attempt to scam the user into surrendering private information that will be used for identity theft.
  • 9. Steps of a Phishing Attack ● Phisher prepare for the attack. ● Phisher will register a domain which may sound simillar when pronounce or look similar to a legitimate website. Domain could be made like www.boc-secure.lk to deceive people who visit www.boc.lk.● Sometimes they make website which says they offer reduce rates for their merchandise if they enter user name and password or PIN of an accounts of reputed eCommerce website, etc. Step 1 Initiation
  • 10. Steps of a Phishing Attack ● Phisher tries to lure victims into trap/bait by using different attack vectors. ● The Common method is sending an email to the victim. ● The other method is social engineering where the user will be compelled to go to website and login. ● Or install a malware (keylogger, Step 2 Execution
  • 11. Steps of a Phishing Attack Step 3 User Action Y The victim falls into the trap. He/She will respond either one of the attack vectors. Victim will enter his/her sensitive and confidential data such as credit card details, user credentials, account balance, etc; to the website without taking any precausionary measure.
  • 12. Steps of a Phishing Attack Step 4 Completion Y The victim falls into the trap. He/She will respond either one of the attack vectors. Victim will enter his/her sensitive and confidential data such as credit card details, user credentials, account balance, etc; to the website without taking any