ANATOMY OF A PHISHING ATTACK - University of Toronto · 2016-10-24 · Minimize the impact of...



ANATOMY OF A PHISHING ATTACK

REPLY ADDRESS IS DIFFERENT FROM SENDER ADDRESS

SENDER ADDRESS CAN BE SPOOFED

LOOKS GENUINE

LINKS DON’T MATCH THE TEXT OF THE LINK

INDICATES URGENCY

NOT EXPECTED

ODD OR DOESN’T MAKE SENSE

OFTEN HAS SPELLING OR GRAMMATICAL ERRORS

CONTAINS DANGEROUS LINK OR ATTACHMENT

© 2014 by Schweitzer Engineering Laboratories, Inc. · LM00246-01 · 20140613


SEL cybersecurity solutions are easy to use and maintain, and provide robust protection that supports your compliance efforts and works with existing or new systems.

Design your system only once, and make sure you are covered with scalable and maintainable SEL cybersecurity solutions. Our technology is critically tested to withstand all known attack scenarios and is validated by following strict processes.

Learn more about SEL cybersecurity at www.selinc.com/cybersecurity.

WITH HIGH RELIABILITY AND NO LICENSING, SUPPORT, OR SUBSCRIPTION COSTS, SEL CYBERSECURITY SOLUTIONS ARE AN EASY CHOICE.

MEET YOUR CYBERSECURITY GOALS WITH STRONG ACCESS CONTROL FROM SEL

KNOW ALL COMMUNICATIONS PATHS TO YOUR ASSETS

Make sure to include paths that are accessible locally, such as a thumb drive. Draw a picture!

· SCADA
· EMS
· Engineering access
· Maintenance
· Telephone lines
· Wireless
· Internet
· System interconnections and bridges

USE AND MANAGE STRONG PASSWORDS

SEL equipment makes this easy: you can use virtually all printable ASCII characters. Use a password manager, such as KeyPass® or Lastpass®, to generate long, complex passwords for each unique login you have. Strengthen a password, like the one below, with a few changes:

Weak: Webster
Strong: W3b$Ter$d1Ct10n@ry

· Do not use default passwords
· Change them periodically
· Change them when people leave
· Use different ones in different regions
· Control them

SECURE COMMUNICATIONS WITH ENCRYPTION AND AUTHENTICATION TOOLS

· Wire, fiber, and radio
· SCADA, engineering access, maintenance, and informational data (bulk, video, etc.)

PRACTICE A “NEED-TO-KNOW” POLICY, COMPARTMENTALIZE KNOWLEDGE, AND GUARD YOUR ACCESS TOOLS

Keep your designs safe, and limit access to system details to those who really need to know to do their job. Be especially careful to protect:

· Computers
· Passwords
· Software
· Instruction manuals
· Encryption equipment and keys

FOR KEY ASSETS, HAVE MORE THAN ONE (SECURE!) COMMUNICATIONS PATH

· Minimize the impact of denial-of-service attacks
· Send security alarms through a second path

TAKE ACTION NOW

Don’t wait for a government mandate—ensure that your system is ready now. There are practical steps you can take today to prepare your team and prevent an event from happening in the first place.

REVIEW LOG FILES ON FIREWALLS, ALARMS, AND ACCESS ACTIVITY

DON’T FORGET PHYSICAL SECURITY

PRACTICE “SECURITY IN DEPTH”

· Physical
· Cyber
· Communications
· Training
· Culture

HAVE AN INCIDENT RESPONSE PLAN READY AHEAD OF TIME

So a cyber event happens—now what? During the event is not the best time to create a plan and try it out. You should have a clear, concise, and well-thought-out plan in place beforehand about how your company will respond to a cyber incident.

TEN TIPS FOR IMPROVING THE SECURITY OF YOUR ASSETS

EDMUND O. SCHWEITZER, III