SlideShare ist ein Scribd-Unternehmen logo

PPT on Phishing

Als PPTX, PDF herunterladen
P
Pankaj Yadav

A brief description about phishing and its types.

Internet
1 von 19
Submitted To: Submitted By: Er. Sadik Khan Pankaj Yadav 131234040031 Phishing
Content  Introduction  Phishing Techniques  Phishing Examples  Types of Phishing  Causes of Phishing  Anti Phishing  Effects of Phishing  Defend against Phishing Attacks  Conclusion  Reference
Introduction  Phishing is the act of attempting to acquire information such as username, password and credit card details as a trustworthy entity in an electronic communication.  Communications purporting to be from popular social web sites ,auction sites, online payment process or IT administrators are commonly used to lure the unsuspecting public .Phishing emails may contain links to websites that are infected with malware.
Phishing Techniques  LINK MANIPULATION
Phishing Techniques  FILTER EVASION : (By Pass cheat code)
Phishing Techniques WEBSITE FORGERY : Some phishing scams use JavaScript commands in order to alter the address bar. This is done either by placing a picture of a legitimate URL over the address bar, or by closing the original bar and opening up a new one with the legitimate URL
Phishing Techniques PHONE PHISHING :
Phishing Examples  In this example, targeted at South Trust Bank users, the phisher has used an image to make it harder for anti-phishing filters to detect by scanning for text commonly used in phishing emails.
Phishing Examples
Types of Phishing  Deceptive - Sending a deceptive email, in bulk, with a “call to action” that demands the recipient click on a link.  Malware-Based - Running malicious software on the user’s machine. Various forms of malware-based phishing are :  Key Loggers & Screen Loggers  Session Hijackers (Cookies )  Web Trojans  Data Theft
Types of Phishing  DNS-Based - Phishing that interferes with the integrity of the lookup process for a domain name. Forms of DNS-based phishing are:  Hosts file poisoning  Polluting user’s DNS cache  Proxy server compromise  Man-in-the-Middle Phishing - Phisher positions himself between the user and the legitimate site.
Types of Phishing  Content-Injection – Inserting malicious content into legitimate site. Three primary types of content-injection phishing:  Hackers can compromise a server through a security vulnerability and replace or augment the legitimate content with malicious content.  Malicious content can be inserted into a site through a cross-site scripting vulnerability.  Malicious actions can be performed on a site through a SQL injection vulnerability.
Causes of Phishing  Misleading e-mails  No check of source address  Vulnerability in browsers  No strong authentication at websites of banks and financial institutions  Limited use of digital signatures  Non-availability of secure desktop tools  Lack of user awareness  Vulnerability in applications
Anti Phishing  A. Social responses  B. Technical approaches  1. Helping to identify legitimate websites.  2. Browsers alerting users to fraudulent websites.  3. Eliminating Phishing mail.  4. Monitoring and takedown.  C. Legal approaches
Effects of Phishing  Internet fraud  Identity theft  Financial loss to the original institutions  Difficulties in Law Enforcement Investigations  Erosion of Public Trust in the Internet.
Defend against Phishing Attacks  Preventing a phishing attack before it begins  Detecting a phishing attack  Preventing the delivery of phishing messages  Preventing deception in phishing messages and sites  Counter measures  Interfering with the use of compromised information
Conclusion  No single technology will completely stop phishing.  However, a combination of good organization and practice, proper application of current technologies, and improvements in security technology has the potential to drastically reduce the prevalence of phishing and the losses suffered from it.
Reference  www.phishtank.com  https://en.wikipedia.org/wiki/Phishing  https://safety.yahoo.com/Security/PHISHING-SITE.html 
PPT on Phishing

Empfohlen

Phishing
PhishingPhishing
Phishing
SaurabhKantSahu1
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
SysCloud
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks ppt
Aryan Ragu
 
Phishing
PhishingPhishing
Phishing
Sagar Rai
 
Phishing
PhishingPhishing
Phishing
SouganthikaSankaresw
 
Anti phishing
Anti phishingAnti phishing
Anti phishing
Shethwala Ridhvesh
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
shindept123
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
ControlScan, Inc.
 

Empfohlen

Phishing
PhishingPhishing
Phishing
SaurabhKantSahu1
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
SysCloud
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks ppt
Aryan Ragu
 
Phishing
PhishingPhishing
Phishing
Sagar Rai
 
Phishing
PhishingPhishing
Phishing
SouganthikaSankaresw
 
Anti phishing
Anti phishingAnti phishing
Anti phishing
Shethwala Ridhvesh
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
shindept123
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
ControlScan, Inc.
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
bensonoo
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation
Nikolaos Georgitsopoulos
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentation
pooja_doshi
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?
Quick Heal Technologies Ltd.
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
Sachin Saini
 
Spoofing
SpoofingSpoofing
Spoofing
Sanjeev
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasures
Jorge Sebastiao
 
Phishing
PhishingPhishing
Phishing
anjalika sinha
 
Phishing attack
Phishing attackPhishing attack
Phishing attack
Raghav Chhabra
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
Sanjay Kumar
 
Phishing
PhishingPhishing
Phishing
Alka Falwaria
 
Social engineering
Social engineeringSocial engineering
Social engineering
Alexander Zhuravlev
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing Attacks
Jagan Mohan
 
Phishing attack seminar presentation
Phishing attack seminar presentation Phishing attack seminar presentation
Phishing attack seminar presentation
AniketPandit18
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharks
Nalneesh Gaur
 
Spoofing Techniques
Spoofing TechniquesSpoofing Techniques
Spoofing Techniques
Raza_Abidi
 
Spear Phishing Attacks
Spear Phishing AttacksSpear Phishing Attacks
Spear Phishing Attacks
n|u - The Open Security Community
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacks
Ramiro Cid
 
PHISHING attack
PHISHING attack PHISHING attack
PHISHING attack
Shubh Thakkar
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniques
Sushil Kumar
 
phishing-technology-730-J1A0e1Q.pptx
phishing-technology-730-J1A0e1Q.pptxphishing-technology-730-J1A0e1Q.pptx
phishing-technology-730-J1A0e1Q.pptx
MaheshDhope1
 
phishingppt-160209144204.pdf
phishingppt-160209144204.pdfphishingppt-160209144204.pdf
phishingppt-160209144204.pdf
vinayakjadhav94
 

Weitere ähnliche Inhalte

Was ist angesagt?

Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentation
pooja_doshi
 
Spoofing
SpoofingSpoofing
Spoofing
Sanjeev
 

Was ist angesagt? (20)

P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation
 
Social engineering presentation
Social engineering presentationSocial engineering presentation
Social engineering presentation
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?
 
Phishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS WorkingPhishing attack, with SSL Encryption and HTTPS Working
Phishing attack, with SSL Encryption and HTTPS Working
 
Spoofing
SpoofingSpoofing
Spoofing
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasures
 
Phishing
PhishingPhishing
Phishing
 
Phishing attack
Phishing attackPhishing attack
Phishing attack
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Phishing
PhishingPhishing
Phishing
 
Social engineering
Social engineeringSocial engineering
Social engineering
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing Attacks
 
Phishing attack seminar presentation
Phishing attack seminar presentation Phishing attack seminar presentation
Phishing attack seminar presentation
 
Phishing: Swiming with the sharks
Phishing: Swiming with the sharksPhishing: Swiming with the sharks
Phishing: Swiming with the sharks
 
Spoofing Techniques
Spoofing TechniquesSpoofing Techniques
Spoofing Techniques
 
Spear Phishing Attacks
Spear Phishing AttacksSpear Phishing Attacks
Spear Phishing Attacks
 
Social engineering attacks
Social engineering attacksSocial engineering attacks
Social engineering attacks
 
PHISHING attack
PHISHING attack PHISHING attack
PHISHING attack
 
Phishing techniques
Phishing techniquesPhishing techniques
Phishing techniques
 

Ähnlich wie PPT on Phishing

phishingppt-160209144204.pdf
phishingppt-160209144204.pdfphishingppt-160209144204.pdf
phishingppt-160209144204.pdf
vinayakjadhav94
 
A Review on Antiphishing Framework
A Review on Antiphishing FrameworkA Review on Antiphishing Framework
A Review on Antiphishing Framework
IJAEMSJORNAL
 
Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Mining
theijes
 
need help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdfneed help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdf
anjandavid
 
Using OTP prevent Phishing attacks
Using OTP prevent Phishing attacksUsing OTP prevent Phishing attacks
Using OTP prevent Phishing attacks
riteshsarode1995
 
E Mail Phishing Prevention and Detection
E Mail Phishing Prevention and DetectionE Mail Phishing Prevention and Detection
E Mail Phishing Prevention and Detection
ijtsrd
 

Ähnlich wie PPT on Phishing (20)

phishing-technology-730-J1A0e1Q.pptx
phishing-technology-730-J1A0e1Q.pptxphishing-technology-730-J1A0e1Q.pptx
phishing-technology-730-J1A0e1Q.pptx
 
phishingppt-160209144204.pdf
phishingppt-160209144204.pdfphishingppt-160209144204.pdf
phishingppt-160209144204.pdf
 
Phishing
PhishingPhishing
Phishing
 
A Review on Antiphishing Framework
A Review on Antiphishing FrameworkA Review on Antiphishing Framework
A Review on Antiphishing Framework
 
Phis
PhisPhis
Phis
 
Exploring And Investigating New Dimensions In Phishing
Exploring And Investigating New Dimensions In PhishingExploring And Investigating New Dimensions In Phishing
Exploring And Investigating New Dimensions In Phishing
 
Improving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association MiningImproving Phishing URL Detection Using Fuzzy Association Mining
Improving Phishing URL Detection Using Fuzzy Association Mining
 
need help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdfneed help with a term paper 8 pages Write a term paper that discusse.pdf
need help with a term paper 8 pages Write a term paper that discusse.pdf
 
IJSRED-V2I4P0
IJSRED-V2I4P0IJSRED-V2I4P0
IJSRED-V2I4P0
 
Using OTP prevent Phishing attacks
Using OTP prevent Phishing attacksUsing OTP prevent Phishing attacks
Using OTP prevent Phishing attacks
 
Phishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresPhishing: Analysis and Countermeasures
Phishing: Analysis and Countermeasures
 
Study on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing ToolsStudy on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing Tools
 
Phishing: Analysis and Countermeasures
Phishing: Analysis and CountermeasuresPhishing: Analysis and Countermeasures
Phishing: Analysis and Countermeasures
 
E Mail Phishing Prevention and Detection
E Mail Phishing Prevention and DetectionE Mail Phishing Prevention and Detection
E Mail Phishing Prevention and Detection
 
Phishing
PhishingPhishing
Phishing
 
Web spoofing (1)
Web spoofing (1)Web spoofing (1)
Web spoofing (1)
 
Computer 4 ict
Computer 4 ictComputer 4 ict
Computer 4 ict
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 
Phishing technology
Phishing technologyPhishing technology
Phishing technology
 

Kürzlich hochgeladen

一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
pxcywzqs
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
ydyuyu
 
PowerDirector Explination Process...pptx
PowerDirector Explination Process...pptxPowerDirector Explination Process...pptx
PowerDirector Explination Process...pptx
galaxypingy
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
ayvbos
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
EleniIlkou
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
ydyuyu
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
JOHNBEBONYAP1
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
ydyuyu
 

Kürzlich hochgeladen (20)

一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
一比一原版(Offer)康考迪亚大学毕业证学位证靠谱定制
 
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime NagercoilNagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
Nagercoil Escorts Service Girl ^ 9332606886, WhatsApp Anytime Nagercoil
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 
PowerDirector Explination Process...pptx
PowerDirector Explination Process...pptxPowerDirector Explination Process...pptx
PowerDirector Explination Process...pptx
 
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
一比一原版(Curtin毕业证书)科廷大学毕业证原件一模一样
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53APNIC Updates presented by Paul Wilson at ARIN 53
APNIC Updates presented by Paul Wilson at ARIN 53
 
Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.Meaning of On page SEO & its process in detail.
Meaning of On page SEO & its process in detail.
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
Microsoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck MicrosoftMicrosoft Azure Arc Customer Deck Microsoft
Microsoft Azure Arc Customer Deck Microsoft
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
 
Power point inglese - educazione civica di Nuria Iuzzolino
Power point inglese - educazione civica di Nuria IuzzolinoPower point inglese - educazione civica di Nuria Iuzzolino
Power point inglese - educazione civica di Nuria Iuzzolino
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
 
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
20240510 QFM016 Irresponsible AI Reading List April 2024.pdf
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 

PPT on Phishing

  • 1. Submitted To: Submitted By: Er. Sadik Khan Pankaj Yadav 131234040031 Phishing
  • 2. Content  Introduction  Phishing Techniques  Phishing Examples  Types of Phishing  Causes of Phishing  Anti Phishing  Effects of Phishing  Defend against Phishing Attacks  Conclusion  Reference
  • 3. Introduction  Phishing is the act of attempting to acquire information such as username, password and credit card details as a trustworthy entity in an electronic communication.  Communications purporting to be from popular social web sites ,auction sites, online payment process or IT administrators are commonly used to lure the unsuspecting public .Phishing emails may contain links to websites that are infected with malware.
  • 5. Phishing Techniques  FILTER EVASION : (By Pass cheat code)
  • 6. Phishing Techniques WEBSITE FORGERY : Some phishing scams use JavaScript commands in order to alter the address bar. This is done either by placing a picture of a legitimate URL over the address bar, or by closing the original bar and opening up a new one with the legitimate URL
  • 8. Phishing Examples  In this example, targeted at South Trust Bank users, the phisher has used an image to make it harder for anti-phishing filters to detect by scanning for text commonly used in phishing emails.
  • 10. Types of Phishing  Deceptive - Sending a deceptive email, in bulk, with a “call to action” that demands the recipient click on a link.  Malware-Based - Running malicious software on the user’s machine. Various forms of malware-based phishing are :  Key Loggers & Screen Loggers  Session Hijackers (Cookies )  Web Trojans  Data Theft
  • 11. Types of Phishing  DNS-Based - Phishing that interferes with the integrity of the lookup process for a domain name. Forms of DNS-based phishing are:  Hosts file poisoning  Polluting user’s DNS cache  Proxy server compromise  Man-in-the-Middle Phishing - Phisher positions himself between the user and the legitimate site.
  • 12. Types of Phishing  Content-Injection – Inserting malicious content into legitimate site. Three primary types of content-injection phishing:  Hackers can compromise a server through a security vulnerability and replace or augment the legitimate content with malicious content.  Malicious content can be inserted into a site through a cross-site scripting vulnerability.  Malicious actions can be performed on a site through a SQL injection vulnerability.
  • 13. Causes of Phishing  Misleading e-mails  No check of source address  Vulnerability in browsers  No strong authentication at websites of banks and financial institutions  Limited use of digital signatures  Non-availability of secure desktop tools  Lack of user awareness  Vulnerability in applications
  • 14. Anti Phishing  A. Social responses  B. Technical approaches  1. Helping to identify legitimate websites.  2. Browsers alerting users to fraudulent websites.  3. Eliminating Phishing mail.  4. Monitoring and takedown.  C. Legal approaches
  • 15. Effects of Phishing  Internet fraud  Identity theft  Financial loss to the original institutions  Difficulties in Law Enforcement Investigations  Erosion of Public Trust in the Internet.
  • 16. Defend against Phishing Attacks  Preventing a phishing attack before it begins  Detecting a phishing attack  Preventing the delivery of phishing messages  Preventing deception in phishing messages and sites  Counter measures  Interfering with the use of compromised information
  • 17. Conclusion  No single technology will completely stop phishing.  However, a combination of good organization and practice, proper application of current technologies, and improvements in security technology has the potential to drastically reduce the prevalence of phishing and the losses suffered from it.
  • 18. Reference  www.phishtank.com  https://en.wikipedia.org/wiki/Phishing  https://safety.yahoo.com/Security/PHISHING-SITE.html 