Fishing
Define phishing.
How it's been carried out.
Identify various types of phishing scams.
Recognize common baiting tactics used in phishing scams.
Examine real phishing messages.
Understand how to protect yourself from being hooked by a phishing scam.
PHISHING
Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising oneself as a trustworthy entity in an electronic communication.
HOW TO IDENTIFY A PHISHING EMAIL
Wrong company -
These e-mails are sent out to thousands of different e-mail addresses, and often the person sending them has no idea who you are. If you have no affiliation with the company the e-mail is supposedly coming from, it is fake.
Spelling and grammar -
Improper spelling and grammar are almost always a dead giveaway. Look
for obvious errors.
No mention of account information -
If the company were sending you information regarding errors to your account, they would mention your account or username in the e-mail. In the above example, the e-mail just says "eBay customer"; if this were eBay, they would mention your username. However, be cautious of spear phishing, which is a type of phishing where the attacker knows some personal information.
Deadlines -
The e-mail requests an immediate response or sets a specific deadline. In the above example, this is the requirement to log in and change your account information within 24 hours.
Links -
Although many phishing e-mails are getting better at hiding the true URL you are visiting,
often these e-mails will list a URL that is not related to the company's URL. For example,
in our above eBay example, "http://fakeaddress.com/ebay" is not an eBay URL, just a
URL with an "ebay" directory. If you are unfamiliar with how a URL is structured, see the
URL definition for additional information.
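The host-versus-directory check described under Links, as an added example that is not part of the original slides. It goes slightly beyond the slide's case by also flagging the brand name inside an unrelated host name; the function names and every sample URL except the slide's own are constructed for illustration, and ebay.com is assumed to be the trusted domain.

```python
from urllib.parse import urlsplit


def host_belongs_to(host, trusted_domain):
    """True only if host is the trusted domain or a subdomain of it."""
    host = host.lower().rstrip(".")
    # The leading dot matters: "myebay.example" must not match "ebay.com".
    return host == trusted_domain or host.endswith("." + trusted_domain)


def classify_link(url, brand, trusted_domain):
    """Say where the brand name sits relative to the host the link really goes to.

    'trusted'       host is the trusted domain or one of its subdomains
    'brand-in-host' brand appears in a host that is not the trusted domain
    'brand-in-path' brand appears only after the host (directory or query)
    'unrelated'     brand does not appear in the URL at all
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host_belongs_to(host, trusted_domain):
        return "trusted"
    if brand in host:
        return "brand-in-host"
    if brand in (parts.path + "?" + parts.query).lower():
        return "brand-in-path"
    return "unrelated"


# Constructed sample links; only the first one comes from the slide.
SAMPLES = [
    "http://fakeaddress.com/ebay",
    "https://www.ebay.com/signin",
    "http://ebay.com.login.example/verify",
    "http://myebay.example/",
    "http://fakeaddress.com/account",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(f"{classify_link(link, 'ebay', 'ebay.com'):14} {link}")
```

Only a result of "trusted" means the link points at the company's own domain; the other results describe a link that goes somewhere else.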
HOW IT’S BEEN CARRIED OUT
Target Audience
TYPES OF PHISHING ATTACKS
Link Manipulation
Deceptive phishing
Spear phishing
Voice Phishing
DECEPTIVE PHISHING
8. Be Wary of Pop-Ups –