Phishing AttacksProcess of luring a victim to a fake web site by clicking on a link
Presented By :- Rahul JainSubmitted To :- Prof. Sachindra Dubey
Prof. Anamika Gupta Mam
Made By Rahul Jain
Phishing AttacksProcess of luring a victim to a fake web site by clicking on a link
Dubey SirGupta Mam
Made By Rahul Jain
Examples :-
Click Here www.luckydraw.com to claim your $10000000 Prize!Urgent attention of all true bank account holders.
Made By Rahul Jain
to claim your $10000000 Prize!Urgent attention of all true bank account holders.
Made By Rahul Jain
Methods Of Phishing Attacks
•Impersonation :- Constructing fake Sites and then deceived by visiting
Made By Rahul Jain
Methods Of Phishing Attacks -1
Constructing fake Sites and then deceived by visiting.
Made By Rahul Jain
Methods Of Phishing Attacks
•Forwarding :When victim login to forwarding link data will upload on hostile’s server
Made By Rahul Jain
Methods Of Phishing Attacks -2
Forwarding :- Amazon, Paypal, eBay, When victim login to forwarding link data will upload on hostile’s
Made By Rahul Jain
Methods Of Phishing Attacks
•Popups :- Creative but of Limited Approaches. Behind the popup stealing of data done.
First discovered during barrage of phishing attacks on city bank in 2003.
Made By Rahul Jain
Methods Of Phishing Attacks -3
Creative but of Limited Approaches. Behind the popup
First discovered during barrage of phishing attacks on city bank in
Made By Rahul Jain
Types Of Phishing Attacks
• Man-In-The-Middle-Phishingbetween user and legitimate websites.
• URL Obfuscation Attacks :- Following attackers hyperlink to the attacker’s server. A> Bad Domain Names –B> Friendly Login URL’s -Many web sites use friendly websites to attack and steal the user’s data the general information is URL://username:password@hostname/path
Made By Rahul Jain
Types Of Phishing Attacks -1
Phishing :- Hackers Position themselves between user and legitimate websites.
Following attackers hyperlink to the
Many web sites use friendly websites to attack and steal the user’s data the general information is URL://username:password@hostname/path
Made By Rahul Jain
Types Of Phishing Attacks
C> Third Party Shortened URL’s length of Complexity of many websites
D> Host Name Obfuscationhttp://mybank.com:[email protected]/phishing/fakepage.htm
In some cases, it may be possible to mix formats (http://0322.0x86/161.0043/)
Made By Rahul Jain
Types Of Phishing Attacks -2
Third Party Shortened URL’s :- Due to length of Complexity of many websites www.smallurl.com
Host Name Obfuscation:- e.g, http://mybank.com:[email protected]/phishing/fakepage.htm
In some cases, it may be possible to mix formats (e.g,
Made By Rahul Jain
Types Of Phishing Attacks
E> URL Obfuscation :of intended meaning in communication, making the message confusing, willfully ambiguous, or harder to understand
Made By Rahul Jain
Types Of Phishing Attacks -3
URL Obfuscation :- Obfuscation is the obscuring in communication, making the message
ambiguous, or harder to understand.
Made By Rahul Jain
Types Of Phishing Attacks
E1> Escape Encoding :-Percent Encoding or Escaped Encoding Achieved by encoding the character to be intrepid with the character %.
E2> Unicode Encoding :-storing characters with multiple bytes by providing a unique number.
Made By Rahul Jain
Attacks -4
Percent Encoding or Escaped Encoding Achieved by encoding the character to be intrepid with the character
- Method of Referencing and storing characters with multiple bytes by providing a unique number.
Made By Rahul Jain
Types Of Phishing Attacks
E3> Inappropriate UTF-8 Encoding Characteristics of preserving the full US%CO, %AE, %FO %FX %80 %80
E4> Multiple Encoding :the URL information by encoding characters multiple times. E.g, “\” character may be encoded as %25 originally but could be extended to %35C or %25C%35C%63
Made By Rahul Jain
Types Of Phishing Attacks -5
8 Encoding :-Characteristics of preserving the full US-ASCII character range.
:- Phishers may further obfuscate the URL information by encoding characters multiple times.
” character may be encoded as %25 originally but could be extended to %35C or %25C%35C%63
Made By Rahul Jain
Types Of Phishing Attacks Types Of Phishing Attacks
Hidden Attacks - An attacker may make use of HTML, DHTML and Other Scriptable Code.Whether its man in the middle attack or fake copy of the site hosted on the attackers own systems. A> Hidden Frames
Hidden Attacks - An attacker may make use of HTML, DHTML and Other Scriptable Code.Whether its man in the middle attack or fake copy of the site hosted on the attackers own systems. A> Hidden Frames
Made By Rahul Jain
Types Of Phishing Attacks -6Types Of Phishing Attacks -6
An attacker may make use of HTML, DHTML and Other Scriptable Code.Whether its man in the middle attack or fake copy of the site hosted
An attacker may make use of HTML, DHTML and Other Scriptable Code.Whether its man in the middle attack or fake copy of the site hosted
Made By Rahul Jain
Types Of Phishing Attacks
Overriding Page Content :-
Made By Rahul Jain
Types Of Phishing Attacks -7
Made By Rahul Jain
Types Of Phishing Attacks
Deceptive Phishing :-Malware Based Phishing :-DNA Based Phishing :-Content Injection Phishing :-Search Engine Phishing :-
Made By Rahul Jain
Types Of Phishing Attacks -8
Made By Rahul Jain
How To Avoid Phishing Attacks
1. Be Careful About responding To emails that ask you for sensitive information.2. Go to The Site Your self, Rather than clicking on links in suspicious emails. 3. If You are on sites that asking you to enter sensitive info check for signs of any thing suspicious.4. Be wary of “Fabulous offers” and “fantastic Prizes” that you will some times Across on web.
1. Be Careful About responding To emails that ask you for sensitive information.2. Go to The Site Your self, Rather than clicking on links in suspicious emails. 3. If You are on sites that asking you to enter sensitive info check for signs of any thing suspicious.4. Be wary of “Fabulous offers” and “fantastic Prizes” that you will some times Across on web.
Made By Rahul Jain
How To Avoid Phishing Attacks -1
1. Be Careful About responding To emails that ask you for sensitive
2. Go to The Site Your self, Rather than clicking on links in suspicious
3. If You are on sites that asking you to enter sensitive info check for
4. Be wary of “Fabulous offers” and “fantastic Prizes” that you will
1. Be Careful About responding To emails that ask you for sensitive
2. Go to The Site Your self, Rather than clicking on links in suspicious
3. If You are on sites that asking you to enter sensitive info check for
4. Be wary of “Fabulous offers” and “fantastic Prizes” that you will
Made By Rahul Jain
How To Avoid Phishing Attacks
Use of Browsers that has a phishing filters.
Made By Rahul Jain
How To Avoid Phishing Attacks -2
Use of Browsers that has a phishing filters.
Made By Rahul Jain
Thank You ..!! ☺For Any Query Ask on-- ideasandtechnology.blogspot.in or mail me at-- [email protected]
Made By Rahul JainMade By Rahul Jain
Top Related