
PHISHING

WHY SHOULD YOU KNOW?

• Phishing attacks can cause financial loss for victims and put their personal information at risk.
• 76% of organizations say they experienced phishing attacks in 2018.
• 92.4% of malware is delivered via email.
• By the end of 2017, the average user was receiving 16 malicious emails per month.
WEBSITE SPOOFED
Example
Gmail account phishing scam
PAYPAL SCAM
FACEBOOK EXAMPLE
OBJECTIVES

• Define phishing.
• How it's been carried out.
• Identify various types of phishing scams.
• Recognize common baiting tactics used in phishing scams.
• Examine real phishing messages.
• Understand how to protect yourself from being hooked by a phishing scam.
PHISHING
• Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by posing as a trustworthy entity in an electronic communication.
HOW TO IDENTIFY A PHISHING EMAIL
• Wrong company - These e-mails are sent out to thousands of different e-mail addresses, and often the person sending them has no idea who you are. If you have no affiliation with the company the e-mail is supposedly coming from, it is fake.
• Spelling and grammar - Improper spelling and grammar are almost always a dead giveaway. Look for obvious errors.
• No mention of account information - If the company were sending you information regarding errors on your account, they would mention your account or username in the e-mail. In the above example, the e-mail just says "eBay customer"; if this were eBay, they would mention your username. However, be cautious of spear phishing, which is a type of phishing where the attacker knows some personal information.
• Deadlines - The e-mail requests an immediate response or sets a specific deadline. In the above example, this is the requirement to log in and change your account information within 24 hours.
• Links - Although many phishing e-mails are getting better at hiding the true URL you are visiting, these e-mails will often list a URL that is not related to the company's URL. For example, in our above eBay example, "http://fakeaddress.com/ebay" is not an eBay URL, just a URL with an "ebay" directory. If you are unfamiliar with how a URL is structured, see the URL definition for additional information.
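The link check described above can be automated. The following is an added example, not part of the original slides: it parses each URL in a message and reports whether the brand name appears in the host that is actually contacted or only in the path. The sample message, the function names, and the assumption that "ebay.com" is the brand's official domain are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

def link_verdict(url, brand, official_domain):
    """Classify a link that claims to belong to `brand`."""
    if "://" not in url:            # bare "host/path" links parse badly without a scheme
        url = "http://" + url
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    official = official_domain.lower()
    brand = brand.lower()
    # Only the host decides where the browser connects.
    if host == official or host.endswith("." + official):
        return "official"
    if brand in host:
        return "brand-in-other-host"    # brand name used inside an unrelated domain
    if brand in (parts.path + "?" + parts.query).lower():
        return "brand-in-path-only"     # the slide's case: just an "ebay" directory
    return "unrelated"

def scan_message(text, brand, official_domain):
    """Return (url, verdict) for every http(s) link found in the message text."""
    urls = [u.rstrip(".,;)") for u in URL_RE.findall(text)]
    return [(u, link_verdict(u, brand, official_domain)) for u in urls]

# Constructed sample message modelled on the eBay example in the slides.
SAMPLE = (
    "Dear eBay customer,\n"
    "Log in and change your account information within 24 hours:\n"
    "http://fakeaddress.com/ebay\n"
    "Help pages: https://pages.ebay.com/help.\n"
)

if __name__ == "__main__":
    for url, verdict in scan_message(SAMPLE, "ebay", "ebay.com"):
        print(f"{verdict:22} {url}")
```

Matching on the official domain suffix is a simplification; a mail filter would compare registrable domains using the Public Suffix List.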
HOW IT’S BEEN CARRIED OUT
Target Audience
TYPES OF PHISHING ATTACKS

• Link manipulation
• Deceptive phishing
• Spear phishing
• Voice phishing
DECEPTIVE PHISHING

• Sending a deceptive email, in bulk, with a “call to action” that demands the recipient click on a link.
• example…
SPEAR PHISHING

• This is a more targeted version of the phishing scam whereby an attacker chooses specific individuals or enterprises. They then tailor their messages based on characteristics, job positions, and contacts belonging to their victims to make their attack less conspicuous.
PRECAUTIONS
HOW TO AVOID PHISHING SCAMS

1. Keep Informed About Phishing Techniques
2. Think Before You Click!
3. Install an Anti-Phishing Toolbar
4. Verify a Site’s Security
5. Check Your Online Accounts Regularly
6. Keep Your Browser Up to Date
7. Use Firewalls
8. Be Wary of Pop-Ups
9. Never Give Out Personal Information – As a general rule, you should never share
10. Use Antivirus Software
Thank you for your attention

Stay Alert. Be Safe
