Phising a Threat to Network Security
-
Upload
anjuselina -
Category
Education
-
view
406 -
download
5
Transcript of Phising a Threat to Network Security
![Page 1: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/1.jpg)
PHISHING A THREAT TO NETWORK SECURITY
1Presented by,
Anju ThomasRoll No:09
S5MCA
![Page 2: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/2.jpg)
OUTLINE……
IntroductionWhat Is Phishing??What Kind Of Information
Do The Hackers Want?How Phishing Is Done?Techniques Of PhishingPreventionConclusion
2
![Page 3: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/3.jpg)
INTRODUCTION
Origin of word “Phishing” from two words – ‘Password’ & ‘Harvesting’.
3
![Page 4: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/4.jpg)
There are a number of different phishing techniques used to obtain personal information from users.
As technology becomes more advanced, the phishing techniques being used are also more advanced.
To prevent Internet phishing, users should have knowledge of various types of phishing techniques and we should also be aware of anti-phishing techniques to protect ourselves from getting phished.
4
![Page 5: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/5.jpg)
PHISHINGPhishing is a type of deception designed to
steal your valuable personal data, such as credit card numbers, passwords, account data, or other information.
5
![Page 6: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/6.jpg)
WHAT KIND OF INFORMATION DO THE HACKERS WANT ??
Your name, address and
date of birth Social Security number Driver’s License number Credit Card numbers ATM cards Telephone calling cards
6
![Page 7: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/7.jpg)
SECTORS WHICH PHISHING IS DONE 7
![Page 8: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/8.jpg)
8HOW PHISHING IS DONE ??
![Page 9: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/9.jpg)
http://fbaction.net/
9
![Page 10: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/10.jpg)
10
![Page 11: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/11.jpg)
11
![Page 12: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/12.jpg)
12
Difference between https and httpIf You are using Hypertext Transfer Protocol
Secure (HTTPS) Instead of Hypertext Transfer Protocol (HTTP), then your website is safe and no one can steal your information.
If No, Then The website You are working with is not safe….!
![Page 13: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/13.jpg)
• To verify the website you are connecting to is the genuine website.
• To ensure the privacy of your data during transit.• To ensure the integrity of your data during transit.
Why do we use TLS or SSL? 13
![Page 14: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/14.jpg)
Using https, the computers agree on a “code”
This “code” is running in TLS or SSL so that no one can steal Your personal Information.
14
Why https is safe?
![Page 15: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/15.jpg)
TYPES OF PHISHING
Clone phishingSpear phishing
Whaling phishing
15
![Page 16: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/16.jpg)
Clone Phishing 16 Content of original mail (including link)
copied to create duplicate email. But the link may be replaced with phishers fake or harmful links.
Spear PhishingPhishing attempts directed at specific individuals or companies have been termed Spear Phishing.
Whaling PhishingPhishing attacks have been directed specifically at senior executives and other high profile targets within businesses is known as Whaling Phishing.
![Page 17: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/17.jpg)
Techniques of Phishing
Phishing
Link manipul-
ation
Key loggers
Session hacking
Phone phishing
17
![Page 18: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/18.jpg)
Link manipulation
18
![Page 19: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/19.jpg)
1)Link manipulationLink manipulation is the technique
in which the phisher sends fake link to A website that is usually visited by the victim or the user.
Two Types Of Fake Links.Link Which Redirected to Phishers
website.Malware Links.
19
![Page 20: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/20.jpg)
20
Link Which Redirected to Phishers website.
![Page 21: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/21.jpg)
Malware Links. 21
![Page 22: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/22.jpg)
22
![Page 23: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/23.jpg)
23
Example
![Page 24: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/24.jpg)
24
![Page 25: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/25.jpg)
HOW TO PREVENT? One of the anti-phishing techniques used to prevent
link manipulation is to move the mouse over the link to view the actual address.
To check the http”s” connection in address bar , meaning its a secure connection.
25
![Page 26: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/26.jpg)
KEY LOGGERS
26
![Page 27: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/27.jpg)
WHY KEYLOGGERS ARE A THREAT?key loggers doesn't make any threat to the
system itselfA key logger is a type of software can record
instant messages, e-mail, and any information you type at any time using your keyboard.
As a result, cyber criminals can get PIN codes and account numbers for e-payment systems, passwords to online gaming accounts, email addresses, user names, email passwords etc.
27
![Page 28: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/28.jpg)
HOW TO DETECT AND PREVENT?? Make entries through the virtual keyboard. install an antivirus product and keep its database up
to date. Use anti-spyware software's.
28
![Page 29: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/29.jpg)
29
SESSION HIJACKING
![Page 30: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/30.jpg)
• Session Hijacking (a.k.a. Session Side jacking) is a form of Man In The Middle (MITM) attack.
• In which a malicious attacker has access to the transport layer and can eavesdrop on communications.
• When communications are not protected they can steal the unique session ID and imitate the victim on the target site.
• This grants the attacker access to your account and data.
SESSION HIJACKING 30
![Page 31: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/31.jpg)
Example…! 31
![Page 32: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/32.jpg)
Steps in Session Hijacking1. Place yourself between the victim and the target .2. Monitor the flow of packets3. Predict the sequence number4. Kill the connection to the victim’s machine5. Take over the session6. Start injecting packets to the target server
32
Prevention of session hijacking1.Encription and connectivity.2.Use anti-virus software.
![Page 33: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/33.jpg)
PHONE PHISHING
33
![Page 34: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/34.jpg)
Phone phishingMobile Phishing is a social engineering
technique where the attack is invited via mobile texting rather than email.
Using Fake Calls and will say to dial something. Using fake SMS.
34
![Page 35: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/35.jpg)
Examples of phone phishing 35
![Page 36: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/36.jpg)
So be careful when you use Mobile banking and all..!
36
![Page 37: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/37.jpg)
Email Spoofing Email Trap By Using Fake Email Address. This is the trick
Used by spammers.
37
![Page 38: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/38.jpg)
Defensive tips against email spoofing
Firstly check the salutation Take care of grammar mistakes Must check the links in email Claiming that an email has
come from reliable source Forward spoofed emails to
FTC (Federal Trade Commission)
38
![Page 39: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/39.jpg)
Prevention Against Phishing Attack 39
![Page 40: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/40.jpg)
1.Never respond to emails that request personal financial information 4
0
![Page 41: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/41.jpg)
2.Visit bank’s websites by typing the URL into the address bar
41
![Page 42: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/42.jpg)
3.Keep a regular check on your Accounts and Credit cards. 4
2
![Page 43: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/43.jpg)
4.Be cautious with emails and personal data .43
5.Keep your computer secure
![Page 44: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/44.jpg)
6.Use anti-spam software
44
7.Use anti-spyware software
![Page 45: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/45.jpg)
8. Use Firewall. 9. Check the website you are
visiting is secure.10. Always report suspicious
activity
45
![Page 46: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/46.jpg)
11. GET EDUCATED ABOUT PHISHING PREVENTION ATTACK
“It is better to be safer now, than feel sorry later”
46
![Page 47: Phising a Threat to Network Security](https://reader034.fdocuments.in/reader034/viewer/2022042723/58860c881a28abe63e8b4627/html5/thumbnails/47.jpg)
47