Professional Documents
Culture Documents
Phishing
Phishing
DE F INITION
2
EXAMPLES
3
EXAMPLES
4
EXAMPLES
5
TYPES OF PHISHING
6
TYPES OF PHISHING
7
TYPES OF PHISHING
8
TYPES OF PHISHING
9
TYPES OF PHISHING
10
TYPES OF PHISHING
Search Engine Phishing - Create web pages for fake products, get
the pages indexed by search engines, and wait for users to enter their
confidential information as part of an order, sign-up, or balance transfer.
11
CAUSES OF PHISHING
Misleading e-mails
No check of source address
Vulnerability in browsers
No strong authentication at websites of banks and financial
institutions
Limited use of digital signatures
Non-availability of secure desktop tools
Lack of user awareness
Vulnerability in applications
… and more
12
EFFECTS OF PHISHING
Internet fraud
Identity theft
Financial loss to the original institutions
Difficulties in Law Enforcement Investigations
Erosion of Public Trust in the Internet.
13
INDUSTRIES AFFECTED
14
PHISHING TRENDS
15
PHISHING TRENDS
16
HOW TO COMBAT PHISHING?
17
HOW TO COMBAT PHISHING?
Formulate and enforce Best practices
18
HOW TO COMBAT PHISHING?
19
HOW TO COMBAT PHISHING?
2. Content Validation
20
HOW TO COMBAT PHISHING?
3. Session Handling
21
HOW TO COMBAT PHISHING?
4. URL Qualification
22
HOW TO COMBAT PHISHING?
5. Authentication Process
23
HOW TO COMBAT PHISHING?
6. Transaction non-repudiation
To ensure authenticity and integrity of the transaction
24
HOW TO COMBAT PHISHING?
7. Image Regulation
Image Cycling
Session-bound images
25
ORGANIZATIONS
26
WHAT DOES ALL THE ABOVE IMPLY?
27
REFERENCES
• http://www.antiphishing.org/reports/apwg_report_november_2006.pdf
• http://72.14.235.104/search?q=cache:-T6-
U5dhgYAJ:www.avira.com/en/threats/what_is_phishing.html+Phishin
g+consequences&hl=en&gl=in&ct=clnk&cd=7
• Phishing-dhs-report.pdf
• Report_on_phishing.pdf
• http://www.cert-in.org.in/training/15thjuly05/phishing.pdf
• http://www.antiphishing.org/consumer_recs.html
28
Questions?
29
Thank You!
30