Phishing is a cybercrime where targets are exploited by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
2. HISTORY
Origin of name
The earliest hackers were known as phreaks. Phreaking means the exploration, experimenting and study of telecommunication systems. The “ph” spelling was used to link phishing scams with these underground communities, which is the accepted reason for the use of “ph” in place of the “f” in the spelling of the term.
First recorded mention
The first time that the term “phishing” was used and recorded was on January 2, 1996. The mention occurred in a Usenet newsgroup called AOHell.
Phishing begins
Phishing can be traced back to the early 1990s via America Online, or AOL. A group of hackers and pirates that branded the warez community are considered the first “phishers.” They created an algorithm that allowed them to generate random credit card numbers. Successful hits were used to make phony AOL accounts, and these accounts were used to spam others in AOL’s community.
3. HISTORY
Phishing begins (continued)
By 1995, AOL was able to stop the random credit card generators. The warez group then moved on to other methods, specifically pretending to be AOL employees and messaging people via AOL Messenger for their information. This quickly became such a problem that on January 2, 1996, the word “phishing” was first posted in a Usenet group dedicated to America Online.
4. WHAT IS PHISHING?
Phishing is a cybercrime where targets are exploited by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
The information is then used to access important accounts and can result in identity theft and financial loss.
6. COMMON TYPES
• Deceptive - Sending a deceptive email, in bulk, with a “call to action” that demands the recipient click
on a link.
7. COMMON TYPES
• Malware-Based - Running malicious software on the user’s machine. Various forms of malware-based
phishing are:
• Key Loggers & Screen Loggers
• Session Hijackers
• Web Trojans
• Data Theft
8. COMMON TYPES
• DNS-Based - Phishing that interferes with the integrity of the lookup process for a domain name. Forms
of DNS-based phishing are:
• Hosts file poisoning
• Polluting user’s DNS cache
• Proxy server compromise
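Hosts file poisoning is the simplest of the three forms to check for: any line that pins a public-looking hostname to an address overrides DNS for that name. The following is an added example (not from the original slides) that scans a hosts file for such overrides; the sample file, the `.test` domains and the `203.0.113.45` address are constructed for the demo.

```python
import ipaddress

# Constructed sample hosts file for the demo, not a real system file.
SAMPLE_HOSTS = """\
127.0.0.1       localhost
::1             localhost ip6-localhost
# poisoned entry: a public bank domain pinned to an attacker-chosen address
203.0.113.45    www.examplebank.test examplebank.test
10.0.0.5        intranet.corp.local
"""

# Names that legitimately live in every hosts file.
LOCAL_NAMES = {"localhost", "ip6-localhost", "ip6-loopback", "broadcasthost"}


def find_hosts_overrides(hosts_text: str, internal_suffixes=(".local",)):
    """Return (line number, hostname, reason) for entries that could redirect users.

    Loopback entries and names under an admin-managed internal suffix are ignored;
    everything else is a DNS override worth reviewing, because a phishing-style
    poisoning adds exactly such a line for a bank or webmail domain.
    """
    findings = []
    for lineno, raw in enumerate(hosts_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        parts = line.split()
        try:
            ip = ipaddress.ip_address(parts[0])
        except ValueError:
            findings.append((lineno, parts[0], "unparseable address"))
            continue
        for name in parts[1:]:
            if ip.is_loopback or name in LOCAL_NAMES:
                continue
            if name.endswith(internal_suffixes):
                continue   # internal names are commonly pinned by administrators
            findings.append((lineno, name, f"pinned to {ip}"))
    return findings


if __name__ == "__main__":
    for lineno, name, reason in find_hosts_overrides(SAMPLE_HOSTS):
        print(f"line {lineno}: {name} {reason}")
```

On a real host, read `/etc/hosts` (or `%SystemRoot%\System32\drivers\etc\hosts` on Windows) into `hosts_text` and review every finding against what you expect to be pinned.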
9. COMMON TYPES
• Content-Injection – Inserting malicious content into a legitimate site.
• There are three primary types of content-injection phishing:
• Hackers can compromise a server through a security vulnerability and replace or augment the legitimate
content with malicious content.
• Malicious content can be inserted into a site through a cross-site scripting vulnerability.
• Malicious actions can be performed on a site through a SQL injection vulnerability.
10. COMMON TYPES
• Man-in-the-Middle Phishing - Phisher positions himself between the user and the legitimate site.
• Search Engine Phishing - Create web pages for fake products, get the pages indexed by search engines,
and wait for users to enter their confidential information as part of an order, sign-up, or balance
transfer.
11. CAUSES OF PHISHING / EFFECTS OF PHISHING
Causes of phishing:
• Misleading e-mails
• No check of source address
• Vulnerability in browsers
• No strong authentication at websites of banks and financial institutions
• Limited use of digital signatures
• Non-availability of secure desktop tools
• Lack of user awareness
• Vulnerability in applications
Effects of phishing:
• Internet fraud
• Identity theft
• Financial loss to the original institutions
• Difficulties in law enforcement investigations
• Erosion of public trust in the Internet.
13. HOW TO COMBAT PHISHING
• Educate application users
• Think before you open
• Never click on links in an email, message board post or mailing list
• Never submit credentials on forms embedded in emails
• Inspect the address bar and SSL certificate
• Never open suspicious emails
• Ensure that the web browser has the latest security patch applied
• Install latest anti-virus packages
• Destroy any hard copy of sensitive information
• Verify the accounts and transactions regularly
• Report the scam via phone or email.
14. HOW TO COMBAT PHISHING
• Formulate and enforce best practices
• Authorization controls and access privileges for systems, databases and applications.
• Access to any information should be based on the need-to-know principle
• Segregation of duties.
• Media should be disposed only after erasing sensitive information.
15. HOW TO COMBAT PHISHING
• Content Validation
• Never inherently trust the submitted data
• Never present submitted data back to an application user without sanitizing it
• Always sanitize data before processing or storing it
• Check the HTTP Referer header
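The two checks on this slide in code, as an added example that is not part of the original slides: submitted data is HTML-escaped before it is echoed back (closing the cross-site scripting route to content injection), and a form post whose Referer does not name the application's own origin is refused. The origin `https://app.example.test` and the handler names are assumptions.

```python
import html
from urllib.parse import urlparse

# Assumed origin of the application itself; a posted form should come from here.
ALLOWED_ORIGINS = {"https://app.example.test"}


def render_greeting(submitted_name: str) -> str:
    """Echo user data back only after escaping it for an HTML context.

    html.escape turns <, >, &, " and ' into entities, so a submitted value such as
    <script>...</script> is displayed as text rather than executed in the page.
    """
    safe = html.escape(submitted_name, quote=True)
    return f"<p>Welcome back, {safe}</p>"


def referer_is_trusted(headers: dict) -> bool:
    """Accept the request only if the Referer names one of our own HTTPS origins.

    A missing header is treated as untrusted here; browsers and proxies may strip
    Referer, so in production this is a secondary check beside CSRF tokens, not
    the only one.
    """
    ref = headers.get("Referer")
    if not ref:
        return False
    parsed = urlparse(ref)
    if parsed.scheme != "https" or not parsed.netloc:
        return False
    return f"{parsed.scheme}://{parsed.netloc}" in ALLOWED_ORIGINS


def handle_form_post(headers: dict, form: dict):
    """Minimal handler: validate the origin first, then render sanitized output."""
    if not referer_is_trusted(headers):
        return 403, "<p>Request rejected: unexpected origin</p>"
    return 200, render_greeting(form.get("name", ""))
```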
16. HOW TO COMBAT PHISHING
• Session Handling
• Make session identifiers long, complicated and difficult to guess.
• Set expiry time limits for SessionIDs, and check them on every client request.
• The application should be capable of revoking active SessionIDs and must not recycle the same SessionID.
• Any request presenting an invalid SessionID should be redirected to the login page.
• Never accept session information within a URL.
• Protect the session via SSL.
• Session data should be submitted as a POST.
• After authenticating, a new SessionID should be issued (HTTP & HTTPS).
• Never let the users choose the SessionID.
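The session rules above, applied in one small store, as an added example that is not part of the original slides: IDs are long, server-generated and never user-chosen, expiry is checked on every lookup, revoked IDs are dropped rather than reused, a fresh ID is issued at login, the ID is read only from a cookie (never the URL), and the cookie is marked Secure and HttpOnly. The 15-minute idle timeout, the cookie name and the injectable clock are assumptions.

```python
import secrets
import time

SESSION_TTL = 900  # idle timeout in seconds (assumed policy, not from the slides)


class SessionStore:
    """In-memory store applying the slide's rules: long random server-chosen IDs,
    expiry checked on every request, revocation without reuse, a fresh ID after
    authentication."""

    def __init__(self, now=time.time):
        self._now = now        # injectable clock so expiry can be tested
        self._sessions = {}    # sid -> {"user": str | None, "expires": float}

    def create(self, user=None) -> str:
        sid = secrets.token_urlsafe(32)  # 256 bits of CSPRNG entropy, never user-chosen
        self._sessions[sid] = {"user": user, "expires": self._now() + SESSION_TTL}
        return sid

    def lookup(self, sid):
        """Validate on every request; None means 'redirect to the login page'."""
        s = self._sessions.get(sid) if sid else None
        if s is None:
            return None
        if self._now() > s["expires"]:
            self.revoke(sid)       # expired IDs are dropped, never recycled
            return None
        s["expires"] = self._now() + SESSION_TTL  # sliding idle timeout
        return s

    def revoke(self, sid):
        self._sessions.pop(sid, None)

    def login(self, pre_auth_sid, user) -> str:
        """Issue a new ID after authentication so a pre-login ID is never promoted."""
        self.revoke(pre_auth_sid)
        return self.create(user)


def session_id_from_request(cookies: dict, url: str):
    """Read the ID only from the cookie; a request carrying it in the URL is refused."""
    if "sessionid=" in url.lower():
        return None
    return cookies.get("sessionid")


def session_cookie_header(sid: str) -> str:
    """Cookie attributes that keep the ID off plain HTTP and away from page scripts."""
    return f"sessionid={sid}; Secure; HttpOnly; SameSite=Lax; Path=/"
```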