Phishing: Don t Phall Phor It Part 1
|
|
- Angelina Chastity Norris
- 5 years ago
- Views:
Transcription
1 Phishing: Don t Phall Phor It Part 1 Software Training Services Welcome to Part 1 of the online course: Phishing: Don t Fall for it! 1
2 Objectives Definition of Phishing State of Phishing Today Recognizing Phishing/Phishing Tricks Examples Best Practices What to do if you get hooked Summary This course is the first of a two-part series on Phishing. All of the objectives listed will be covered in the complete course. In part 1, the following topics will be discussed: Define phishing and distinguish it from spam Provide phishing statistics to give some insight into the state of phishing today Show how to recognize phishing and expose some phishing tricks And Provide some examples of phishing and point out how to identify these as phishing scams You will want to make sure you watch Part 2 of the presentation in order to complete this course. 2
3 Disclaimer: Many of the links in this presentation are not authentic web addresses, but are intended to illustrate hostile activity. DO NOT type these into your browser, unless they are provided in the Resources section. 3
4 Here s Phil the Phisher. 4
5 Web Address Definition Located in the top portion of the screen Begins with http or https The unique address of the web page Throughout this course we will refer to a web address. It s important that you understand what a web address is, and where to find it. The web address is located in the top portion of the screen and will normally begin with http or https. It is the unique address of the web page. 5
6 Web Address Example In this example, the web address is 6
7 Phishing Defined It s NOT what you do with a worm and a hook on a sunny afternoon Let s start with a definition of phishing. Contrary to what it sounds like, it s NOT what you do with a worm and a hook on a sunny afternoon. 7
8 A Definition of Phishing: The process by which someone obtains private information - often authenticating credentials - through deceptive or illicit means in order to falsely assume another person s identity. Phishing is the process by which someone obtains private information, often authenticating credentials, through deceptive or illicit means. They use this information for the purpose of identify theft 8
9 Phishing Defined Use spoofed s to lead the recipient to counterfeit websites Tricked into divulging credit card information, personal information, account usernames and passwords, social security numbers, etc. Phishing involves the use of spoofed s to lead the victim to counterfeit websites The phisher makes the message appear to come from a legitimate source such as Paypal, E-bay, the victim s bank, credit union, etc. Once at the website, they are tricked into divulging credit card information, personal information, account usernames and passwords, social security numbers, etc. Frequently, people will use the same username and password for multiple (or all) sites so phishers will try to get a username and Password and then try to re-use it on other popular websites to gain access to multiple additional accounts 9
10 Identity Theft Defined A crime in which an imposter obtains key pieces of personal information in order to impersonate someone else: Social Security number Driver's license numbers Identity Theft is a crime in which an imposter obtains key pieces of personal information, such as social security number and drivers license number, in order to impersonate someone else. 10
11 Identity Theft Defined Information can be used to carry out transaction in the name of the victim: Obtain credit Purchase merchandise and services Provides the thief with false credentials Can create a criminal record for the victim Leave outstanding arrest warrants for the person whose identity has been stolen Once the thief has this personal information, one way they may use it is to obtain credit and purchase merchandise and services under the victim s identity. In addition, the thief may also use the information for the purpose of providing them with false credentials. In this manner, they can create a criminal record for the victim resulting in outstanding arrest warrants for the person whose identity has been stolen, as the thief commits crimes under the assumed identity. 11
12 The State of Phishing Today Anti-Phishing Working Group : 5.7 billion Number of phishing s sent each month 9,715 Number of unique phishing websites in January ,877 - Number of unique phishing reports received in January ,000+ sites for 2005 YTD 5 days - Average time online for a site Let s take a look at some of the statistics from the Anti-Phishing Working Group which provides us with a good view of the state of phishing today. 5.7 billion that s the number of phishing s sent each month! Just for the month of January 2006 there were 9,715 unique phishing websites. Those are fake websites set up by phishers to lure unsuspecting users into entering their personal information. It might also surprise you to know that the majority of these fake web sites are originating in the United States. 17,877 is the number of unique phishing reports received for the month of January in 2006 There were more than 16,000 phishing sites for the entire year in days is the average time online for a phishing site. That means it is taking an average of 5 days before the web site is discovered and taken down. Frequently, the phisher just moves the page to another site Keep in mind that these numbers continue to increase the situation is getting worse, not better. 12
13 Identity Theft Statistics From FTC Identity Theft Survey Report 2003: 9.9 million Number of victims $47.6 billion Loss to businesses $5 billion Total loss to victims 2 10,000 hours Range of time spent by victims on resolving the problem (Average was 600 hours) You might be wondering how does this affect me? Well, phishing is used for the purpose of identity theft and the statistics on identity theft are overwhelming: There were 9.9 million victims of identity theft in 2003 The loss to businesses was $47.6 billion and the total loss to victims was $5 billion The amount of time spent by victims on resolving the problem ranges from 2 hours to 10,000 hours with an average of 600 hours. Keep in mind, some of the victims are still clearing records over 10 years since the initial theft as the imposter continues to open accounts in their name. 13
14 The State of Phishing Today Why Phishing Works study found: People do not know how to scrutinize web addresses Even when presented with a choice between a valid and a hoax site, the hoax was selected 40% of the time Spam VS. Phishing Spam Selling Phishing - Stealing A study was conducted to determine why phishing scams are successful and the results showed that people don t know how to scrutinize a web address to determine if it is valid or not. Even when people were presented with a choice between a valid and a hoax site, the hoax was selected 40% of the time. You might be asking, is there a difference between spam and phishing? Are they the same thing? Well, they are not the same thing and it s important to differentiate between the two. Spam is selling someone is trying to sell you a product Viagra, low mortgage rates, Vitamins, etc Phishing is actually stealing they are trying to steal your identity by tricking you into divulging personal information 14
15 Recognizing Phishing Look for the following three components: Build credibility (sounds good) Spoof a real company You may or may not be a member or have an account Create a reason to act Urgency, plausible premise, requires quick response A call to action Click a link or button Subtle changes to web address Actual web address with changed link properties Not going where you think you are going! There are some standard items to look for in an to help you identify it as a phishing scam. Most phishing s will have 3 components: First, they will try to build credibility by spoofing a real company. Typically, the phisher will use very popular and well-known businesses, such as e-bay, paypal, Amazon, or major banks. Second, they will express a sense of urgency to get you to take immediate action. They may try to scare you into believing that someone may have tried to access your account and they need you to verify your account information immediately. Finally, there is a call to action a very quick and convenient method for you to provide the requested information by completing a form or clicking a link. They may even make it look as though you are clicking a valid web address. When in fact, they have modified the link properties so that you are NOT actually going where you think they are. 15
16 Recognizing Phishing Exercise caution when: Notified of internal accounting errors, requesting your cooperation Warnings of your account being closed if action is not taken Requests to update your account or profile Apparent notices from your ISP informing you of problems generated by your PC You should exercise caution any time you are notified of warnings such as internal accounting errors or threats that your account is going to be closed unless you take immediate action. Some other popular ploys include requests to update your account or profile, and notices that seem to come from your Internet Service Provider informing you of problems that have been generated by your pc. All of these are tricks of the phisher to scare you into taking immediate action. By placing urgency on the request they are hoping to increase their chances that you will respond immediately without thinking about the possible consequences. 16
17 For Example Take this example which appears to be coming from Paypal. This request informs the recipient that they have recently enhanced their web site and therefore, they are updating their account information and noticed some discrepancies in the client s account. Notice the simple link to click on in order to be taken to a web page where the account information can be entered. This does contain some tell-tale signs that it is a phishing scheme. Let s take a closer look. 17
18 First, notice the generic Dear paypal customer If this were a legitimate message, the would be personalized to include the account holder s name. In addition, take a look at the improper Grammar used the first sentence includes the phrase to verify that the informations you have provided are accurate. Then, the poorly worded note Unable to do so may result to abnormal account behavior during transactions. Sometimes, poor grammar and misspellings are a good indication of a phishing scheme, but they are not always present. Let s click on the link and see where it takes us that will provide us with additional clues as to the legitimacy of the message 18
19 Takes you to Let s analyze this web page. ANYTIME you enter personal information on the web, you should always verify that the site is secure by looking for https in the web address and a Lock icon in the lower right both should be present. You can see by this example, http is used and not https and there is no lock icon in the lower right. The Secure Log In and lock symbol used towards the top of the page are being used to fool you into believing the web page is secure, when in fact it is not. The lock icon should be located in the status bar at the bottom of the page. 19
20 This is an example of valid, secure web site. Notice the https web address and lock icon are both present. This is the legitimate web site for paypal. 20
21 Https Secure Site Internet Explorer Lock icon: Displayed in lower right Mozilla FireFox Lock icon: Displayed in lower left Netscape Lock icon: Displayed in lower left Throughout this presentation we will use Internet Explorer as the browser. However, you may be using another browser, such as Mozilla FireFox or Netscape. Therefore, on this slide we have provided a sample of the lock icon from all three of these browsers so you are aware of what to look for. Also keep in mind that unlike Internet Explorer where the lock icon is displayed in the lower right, both Mozilla and Netscape display the lock icon in the lower left. This lock icon is not just a picture. You can click the icon or or double-click (depending upon your browser) and examine the security information displayed about the web site. 21
22 Recognizing Phishing The actual domain comes JUST BEFORE the domain suffix Example: Uakron = domain.edu = suffix Suffixes:.com = Commercial business.edu = Educational institutions.gov = Government.org = Non-Profit organizations.mil = Military.net = Network organizations You ll need to understand how to identify domains and suffixes in the web address so keep in mind the following: To help clarify, the actual domain comes just BEFORE the domain suffix. So, for Uakron is the domain and.edu is the suffix. It s helpful to know some common suffixes such as:.com for commercial institutions. Businesses such as ebay, paypal, starbucks, lands end, etc would all use the suffix of.com.edu is for educational institutions, such as The University of Akron.gov is used for government entitities. For example, the United States Postal Service is usps.gov the FBI is fbi.gov.org is used by non-profit organizations, such as the Red Cross, the American Cancer Society, etc..mil is used by military organizations The marines are USmc.mil, the army is army.mil.net is for network organizations and is typically used for Internet Service Providers It helps to be able to identify the domain and suffix in order to determine if a web site is legitimate. 22
23 Recognizing Phishing Look for the following (examples of fraudulent links): Anything after a slash is a subdirectory of the website Let s take a look at what we learned about domains and suffixes and apply it to these web address examples: In the first example ebay.signon.com you see the ebay and immediately assume it is legitimate it s NOT. For the legitimate ebay site, ebay is the domain and in this example signon is the domain, making it invalid. Banesand Noble.com they want you to think it s Barnes and Noble.com they re hoping you glance at it quickly and ignore the missing r. The next one is a good one You might be thinking, this is ebay because it s ebay.com The fact is, whenever there is symbol everything to the left is ignored and the actual address is to the right so, this is really xyz.com and NOT ebay The last one xyz.com/paypal-login.html - Again, you might be thinking it s paypal when in fact anything after the slash is a subdirectory of the website - Therefore, the true domain is xyz and the suffix is.com 23
24 Phishing Tricks Credible-looking web address sign Uses everything to the right of Everything to the left of is forgotten usb/upd.pl Long status line Web address is so long it cannot be completely displayed in the status bar (combine sign) Here s some more credible-looking examples: The first one has the number which is the IP address. Think of the IP address as being similar to a phone number. Sometimes, phishers use the IP address in place of the web address in order to fool you. Any time you see a series of numbers such as this in the web address it should be an indication that the web site it not legitimate. The next one uses symbol the part looks real - too bad it s to the LEFT of symbol. Remember, everything to the left of is ignored. Another trick is to use a very long web address. I ll point out in a minute how you can move your mouse over the link and see the actual web address it points to in the status bar at the bottom of the page. Phishers will make the address so long that when you hover over it the full address it will not be displayed you only see part of the name and it s the part they want you to see. They frequently combine this with symbol so they can put anything they want in front of symbol and none of it is real. We will show you an example of a long web address on the next slide. 24
25 In this example, the phisher is pretty good at disguising the url If we place the mouse over the link labeled internal/loginupdate.html the status bar at the bottom of the screen will display internal/login/update/accounts, etc However, the actual url is really quite long as you can see from the address displayed in the light grey box. What this phisher did was combine a long address with symbol to confuse the recipient. Scan the long address and look for symbol we ve highlighted the text in red to help make it stand out for you. Remember, everything to the left of is ignored, everything to the right is the real address. Therefore, the real address is 25
26 Part 1 Conclusion To advance to Part 2 click the link below: Phishing: Don t Phall Phor It Part 2 Questions? pstrain@uakron.edu AppSupport@uakron.edu This concludes Part 1 of Phising, Don t Phall Phor it! Please don t forget to watch Part 2 of this course. It contains valuable information on advanced phishing tricks and provides advice on what to do should you become a victim of phishing. In addition, many valuable resources are provided in Part 2. Should you have any questions, you may direct them to either pstrain@uakron.edu or AppSupport@uakron.edu 26
Objectives. Disclaimer: Phishing: Don t Phall Phor It Part 1. Software Training Services
Phishing: Don t Phall Phor It Part 1 Software Training Services Objectives Definition of Phishing State of Phishing Today Recognizing Phishing/Phishing Tricks Examples Best Practices What to do if you
More informationTrain employees to avoid inadvertent cyber security breaches
Train employees to avoid inadvertent cyber security breaches TRAIN EMPLOYEES TO AVOID INADVERTENT CYBER SECURITY BREACHES PAGE 2 How much do you know about cyber security? Small business owners often lack
More informationYour security on click Jobs
Your security on click Jobs At Click Jobs is a trading name of Raspberry Recruitment Limited, we're committed to helping you find the right job in a safe and secure environment. On these pages, you can
More informationWebomania Solutions Pvt. Ltd. 2017
The other name for link manipulation is Phishing or you can say link manipulation is type of phishing attack done generally to mislead the user to a replica website or a looka-like of some well-known site.
More informationHow to recognize phishing s
Phishing email messages, websites, and phone calls are designed to steal money, steal data and/or destroy information. Cybercriminals can do this by installing malicious software on your computer or stealing
More informationCOMMON WAYS IDENTITY THEFT CAN HAPPEN:
COMMON WAYS IDENTITY THEFT CAN HAPPEN: OLD FASHIONED STEALING / DUMPSTER DIVING Thieves typically steal wallets and purses. They also steal mail such as credit card and bank statements, pre-approved credit
More informationFAQ. Usually appear to be sent from official address
FAQ 1. What is Phishing Email? A form of fraud by which an attacker masquerades as a reputable entity in order to obtain your personal information. Usually appear to be sent from official email address
More informationIMPORTANT SECURITY CHANGES LOGGING ON. We are replacing the existing enhanced authentication.
IMPORTANT SECURITY CHANGES We are replacing the existing enhanced authentication. All users will be required to reenroll in enhanced authentication. When you are prompted to reenroll, you will be asked
More informationDoD Spear-Phishing Awareness Training. Joint Task Force - Global Network Operations
//FOUO DoD Spear-Phishing Awareness Training Joint Task Force - Global Network Operations Updated: 16 NOV 2006 //FOUO Objective Inform and increase the awareness of all Department of Defense personnel
More informationMalicious s. How to Identify Them and How to Protect Yourself
Malicious Emails How to Identify Them and How to Protect Yourself 1.Identify the Sender This is the first thing you should do whenever you receive an email, especially if: It is requesting sensitive information
More informationPROTECTING YOUR BUSINESS ASSETS
PROTECTING YOUR BUSINESS ASSETS How to Spot Danger Before Your Computer Gets Infected, Your Site Hosts Malware, and Your Credit Card Number Gets Stolen A MyNAMS Presentation by Regina Smola @2012 Regina
More informationOnline Fraud and Identity Theft Guide. A Guide to Protecting Your Identity and Accounts
A Guide to Protecting Your Identity and Accounts As part of SunTrust s commitment to protecting your accounts and identity, we ve created the Online Fraud & Identity Theft Guide, which provides information
More informationOnline Scams. Ready to get started? Click on the green button to continue.
Online Scams Hi, I m Kate. We re here to learn how to protect ourselves from online scams. We ll follow along with Kevin to learn what types of scams are out there, how to recognize the warning signs,
More informationTarget Breach Overview
Target Breach Overview Q: Media reports are stating that Target experienced a data breach. Can you provide more specifics? A: Yes, Target has confirmed that it experienced unauthorized access to its systems
More informationToday s Presentation. Define phishing Explain phishing techniques Examples of phishing Statistics about phishing Defense against Dark Arts Resources
Welcome. Pamela King Professor, Digital Forensics Chestnut Hill College, Philadelphia, PA 17 years law enforcement digital forensics 10 years private industry digital forensics and e-discovery. Academics
More informationHow to Build a Culture of Security
How to Build a Culture of Security March 2016 Table of Contents You are the target... 3 Social Engineering & Phishing and Spear-Phishing... 4 Browsing the Internet & Social Networking... 5 Bringing Your
More informationELECTRONIC BANKING & ONLINE AUTHENTICATION
ELECTRONIC BANKING & ONLINE AUTHENTICATION How Internet fraudsters are trying to trick you What you can do to stop them How multi-factor authentication and other new techniques can help HELPING YOU STAY
More informationNewcomer Finances Toolkit. Fraud. Worksheets
Newcomer Finances Toolkit Fraud Worksheets Ottawa Community Loan Fund Fonds d emprunt Communautaire d Ottawa 22 O Meara St., Causeway Work Centre, Ottawa, ON K1Y 4N6 Tel: 613-594-3535 Fax: 613-594-8118
More informationInternet Basics. Basic Terms and Concepts. Connecting to the Internet
Internet Basics In this Learning Unit, we are going to explore the fascinating and ever-changing world of the Internet. The Internet is the largest computer network in the world, connecting more than a
More informationTIPS TO AVOID PHISHING SCAMS
TIPS TO AVOID PHISHING SCAMS WHAT IS PHISHING? Phishing is the use of fraudulent email, websites, text messages and phone calls to trick people into disclosing personal financial or identity information,
More informationCE Advanced Network Security Phishing I
CE 817 - Advanced Network Security Phishing I Lecture 15 Mehdi Kharrazi Department of Computer Engineering Sharif University of Technology Acknowledgments: Some of the slides are fully or partially obtained
More informationIMPORTANT SECURITY INFORMATION PHISHING
IMPORTANT SECURITY INFORMATION PHISHING Protect Yourself and Your Accounts Important Security Information At Century Savings Bank, security and privacy of your financial information is a top priority.
More informationAges Donʼt Fall for Fake: Activity 1 Don t bite that phishing hook! Goals for children. Letʼs talk
Ages 11-14 Donʼt Fall for : Activity 1 Don t bite that phishing hook! Children play a game where they study various emails and texts and try to decide which messages are legit and which are phishing scams.
More informationCustom Plugin A Solution to Phishing and Pharming Attacks
Custom Plugin A Solution to Phishing and Pharming Attacks Omer Mahmood School of Information Technology Charles Darwin University Darwin, NT, Australia Abstract - This paper proposes a new method to detect,
More informationIT Security Protecting Ourselves From Phishing Attempts. Ray Copeland Chief Information Officer (CIO)
IT Security Protecting Ourselves From Phishing Attempts Ray Copeland Chief Information Officer (CIO) Phishing Defined The fraudulent practice of sending emails claiming to be from reputable people or companies
More informationPhishing Attacks. Mendel Rosenblum. CS142 Lecture Notes - Phishing Attack
Phishing Attacks Mendel Rosenblum Phishing Basic idea: Get unsuspecting users to visit an evil Web site Convince them that the evil Web site is actually a legitimate site (such as a bank or PayPal) Trick
More informationStaying Safe on the Internet. Mark Schulman
Staying Safe on the Internet Mark Schulman 1 Your Presenter Mark Schulman IT professional for almost 40 years No affiliation with any product 2 What We ll Talk About Passwords Email Safety Staying Safe
More informationGuide to credit card security
Contents Click on a title below to jump straight to that section. What is credit card fraud? Types of credit card fraud Current scams Keeping your card and card details safe Banking and shopping securely
More informationCyber Security Guide for NHSmail
Cyber Security Guide for NHSmail Version 3.0 February 2017 Copyright 2017Health and Social Care Information Centre. The Health and Social Care Information Centre is a non-departmental body created by statute,
More informationWho We Are! Natalie Timpone
Who We Are! Natalie Timpone Manager of Security Business Management Office Enterprise Security Awareness Manager Carmelo Walsh Security, Risk, and Compliance Security Awareness Subject Matter Expert Who
More informationFAQ: Privacy, Security, and Data Protection at Libraries
FAQ: Privacy, Security, and Data Protection at Libraries This FAQ was developed out of workshops and meetings connected to the Digital Privacy and Data Literacy Project (DPDL) and Brooklyn Public Library
More informationPersonal Cybersecurity
Personal Cybersecurity The Basic Principles Jeremiah School, CEO How big is the issue? 9 8 7 6 5 4 3 2 1 Estimated global damages in 2018 0 2016 2018 2020 2022 2024 2026 2028 2030 Internet Users Billions
More informationAnti-Phishing Working Group
Phishing Attack Trends Report April, 2004 Phishing attacks use spoofed e-mails and fraudulent websites designed to fool recipients into divulging personal financial data such as credit card numbers, account
More informationFinancial scams. What to look for and how to avoid them.
Financial scams What to look for and how to avoid them. Keep your money secure We take the security and wellbeing of our customers very seriously. So we ve created this guide to highlight the most common
More informationIdentity Theft, Fraud & You. PrePare. Protect. Prevent.
PrePare. Protect. Prevent. Identity Theft, Fraud & You Fraud and identity theft incidents claimed fewer victims in 2010 than in previous years. But don t get too comfortable. Average out-of-pocket consumer
More informationScams and Schemes LESSON PLAN UNIT 1. Essential Question What is identity theft, and how can you protect yourself from it?
LESSON PLAN Scams and Schemes Essential Question What is identity theft, and how can you protect yourself from it? Lesson Overview Students learn strategies for guarding against identity theft and scams
More informationBest Practices Guide to Electronic Banking
Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have
More informationChapter 6 Network and Internet Security and Privacy
Chapter 6 Network and Internet Security and Privacy Learning Objectives LO6.1: Explain network and Internet security concerns LO6.2: Identify online threats LO6.3: Describe cyberstalking and other personal
More informationPhishing. What do phishing s do?
Phishing We have become all too familiar with phishing emails but if that s the case, why do we as a community still fall victim? In this newsletter our goal is to provide you with some basic information
More informationWhy was an extra step of choosing a Security Image added to the sign-in process?
General Information Why was an extra step of choosing a Security Image added to the sign-in process? Criminals can create websites that look very similar to legitimate business websites. We want to take
More informationDuplication and/or selling of the i-safe copyrighted materials, or any other form of unauthorized use of this material, is against the law.
Thank you for your interest in e-safety, and for teaching safe and responsible Internet use to your students. Educators are invited to access and download i-safe curriculum AT NO CHARGE under the following
More informationINTERNET SAFETY IS IMPORTANT
INTERNET SAFETY IS IMPORTANT Internet safety is not just the ability to avoid dangerous websites, scams, or hacking. It s the idea that knowledge of how the internet works is just as important as being
More informationHow Enterprise Tackles Phishing. Nelson Yuen Technology Manager, Cybersecurity Microsoft Hong Kong
How Enterprise Tackles Phishing Nelson Yuen Technology Manager, Cybersecurity Microsoft Hong Kong Hackers turning to easy marks - Social engineering Phishing was the #1 threat vector (> 50%) for Office
More informationProtect Yourself From. Identify Theft
Protect Yourself From Identify Theft What is Identity Theft? Identity theft occurs when someone uses another person identifying information without their permission in order to access resources, obtain
More informationFrequently Asked Questions (FAQ)
Your personal information and account security is important to us. This product employs a Secure Sign On process that includes layers of protection at time of product log in to mitigate risk, and thwart
More informationPhishing Activity Trends Report October, 2004
Phishing Activity Trends Report October, 2004 Phishing is a form of online identity theft that uses spoofed emails designed to lure recipients to fraudulent websites which attempt to trick them into divulging
More informationEmployee Security Awareness Training
Employee Security Awareness Training September 2016 Purpose Employees have access to sensitive data through the work they perform for York. Examples of sensitive data include social security numbers, medical
More informationSecurity Awareness. Presented by OSU Institute of Technology
Security Awareness Presented by OSU Institute of Technology Information Technologies Division Security Awareness Topics Social Engineering Phishing Social Networks Displaying Sensitive Information Wireless
More informationSecurity & Phishing
Email Security & Phishing Best Practices In Cybersecurity Presenters Bill Shieh Guest Speaker Staff Engineer Information Security Ellie Mae Supervisory Special Agent Cyber Crime FBI 2 What Is Phishing?
More informationSecurity and Privacy
E-mail Security and Privacy Department of Computer Science Montclair State University Course : CMPT 320 Internet/Intranet Security Semester : Fall 2008 Student Instructor : Alex Chen : Dr. Stefan Robila
More informationIntroduction to
Introduction to Email gcflearnfree.org/print/email101/introduction-to-email Introduction Do you ever feel like the only person who doesn't use email? You don't have to feel left out. If you're just getting
More informationInternet and Mini.K.G Senior Scientist, FRAD, CMFRI
Internet and E-Mail Mini.K.G Senior Scientist, FRAD, CMFRI Email: mini.anish02@gmail.com 28 Introduction to Internet Internet is a worldwide system of interconnected computer networks. It connects several
More information3.5 SECURITY. How can you reduce the risk of getting a virus?
3.5 SECURITY 3.5.4 MALWARE WHAT IS MALWARE? Malware, short for malicious software, is any software used to disrupt the computer s operation, gather sensitive information without your knowledge, or gain
More informationSecurity Awareness. Chapter 2 Personal Security
Security Awareness Chapter 2 Personal Security Objectives After completing this chapter, you should be able to do the following: Define what makes a weak password Describe the attacks against passwords
More informationWHAT IS CORPORATE ACCOUNT TAKEOVER? HOW DOES IT HAPPEN?
WHAT IS CORPORATE ACCOUNT TAKEOVER? Corporate Account Takeover (also referred to as CATO) is a type of fraud where criminals gain access to a business financial accounts to make unauthorized transactions.
More informationCredit Card Frauds Sept.08, 2016
Credit Card Frauds Sept.08, 2016 Definitions Credit Card A card allowing the holder to purchasing goods or services on credit Debit Card A card allowing transfer of money from a bank a/c electronically
More informationPhishing: What is it?
Objec&ves Define phishing and iden&fy various types of phishing scams Recognize common bai&ng tac&cs used in phishing scams Examine real phishing messages Understand how to protect yourself from being
More informationFrauds & Scams. Why is the Internet so attractive to scam artists? 2006 Internet Fraud Trends. Fake Checks. Nigerian Scam
Frauds & Scams Why is the Internet so attractive to scam artists? Anonymity Low cost Rapid growth Easy to adapt Be Cyber Savvy with C-SAFE 118 2006 Internet Fraud Trends Average Loss Online Auctions 34%
More informationSecurity Using Digital Signatures & Encryption
Email Security Using Digital Signatures & Encryption CONTENTS. Introduction The Need for Email Security Digital Signatures & Encryption 101 Digital Signatures & Encryption in Action Selecting the Right
More informationDo not open attachments on s that you are not sure of.
Avoid free online offers of programs to rid your hard drive of viruses and shred your history completely. It will probably install spyware or infect your hard drive. Do not open attachments on emails that
More informationBRING SPEAR PHISHING PROTECTION TO THE MASSES
E-Guide BRING SPEAR PHISHING PROTECTION TO THE MASSES SearchSecurity phishing. I n this expert tip, David Sherry describes how a combination of technical controls and user awareness training can help put
More information41% Opens. 73% Clicks. 35% Submits Sent
Phishing Awareness Attackers engage with you through your email inbox, and unless you pay close attention, you can become a victim to their masquerade. What tactic are these attackers using? It is called
More informationINTERNET BASICS. GETTING STARTED PAGE 02 Prerequisites What You Will Learn
INTERNET BASICS GETTING STARTED PAGE 02 Prerequisites What You Will Learn BASIC WEB SKILLS/USING A WEB BROWSER PAGE 03 Locate and Open a Web Browser Using a Browser s Menu Options Using the Browser s Navigation
More informationWebroot Phishing Threat Trends
December 2016 Webroot Phishing Threat Trends An update to the 2016 Threat Brief Introduction Who would ever fall for that? That s what many people think when they see a phishing attempt, since less advanced
More informationSpam Protection Guide
Spam Email Protection Guide Version 1.0 Last Modified 5/29/2014 by Mike Copening Contents Overview of Spam at RTS... 1 Types of Spam... 1 Spam Tricks... 2 Imitation of 3 rd Party Email Template... 2 Spoofed
More informationCYBER THREATS: REAL ESTATE FRAUD ADVISORY COUNCIL
CYBER THREATS: REAL ESTATE FRAUD ADVISORY COUNCIL RAHUL GUPTA SENIOR DEPUTY DISTRICT ATTORNEY ORANGE COUNTY DISTRICT ATTORNEYS OFFICE CELL: 714-345-7722 EMAIL: rahul.gupta@da.ocgov.com DAVE WHITE INVESTIGATOR
More informationWhen you provide personal information to us it will only be used in the ways described in this privacy policy.
Website Privacy Policy Overview Welcome to this Global Payroll Management Institute website, owned and produced by the Global Payroll Management Institute, Inc. (GPMI). Our website is available to all
More informationAdobe Security Survey
Adobe Security Survey October 2016 Edelman + Adobe INTRODUCTION Methodology Coinciding with National Cyber Security Awareness Month (NCSAM), Edelman Intelligence, on behalf of Adobe, conducted a nationally
More informationCSE 484 / CSE M 584: Computer Security and Privacy. Usable Security. Fall Franziska (Franzi) Roesner
CSE 484 / CSE M 584: Computer Security and Privacy Usable Security Fall 2017 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner,
More informationCyber Security Practice Questions. Varying Difficulty
Cyber Security Practice Questions Varying Difficulty 1 : This is a class of programs that searches your hard drive and floppy disks for any known or potential viruses. A. intrusion detection B. security
More informationQuick recap on ing Security Recap on where to find things on Belvidere website & a look at the Belvidere Facebook page
Workshop #7 Email Security Previous workshops 1. Introduction 2. Smart phones & Tablets 3. All about WatsApp 4. More on WatsApp 5. Surfing the Internet 6. Emailing Quick recap on Emailing Email Security
More informationFACTS WHAT DOES FARMERS STATE BANK DO WITH YOUR PERSONAL INFORMATION? WHY? WHAT? HOW? L QUESTIONS?
FACTS WHAT DOES FARMERS STATE BANK DO WITH YOUR PERSONAL INFORMATION? WHY? WHAT? HOW? Financial companies choose how they share your personal information. Federal law gives consumers the right to limit
More informationPhishing: When is the Enemy
Phishing: When E-mail is the Enemy Phishing, once only a consumer worry, is creating headaches for e-mail administrators as businesses become the next target. CONTENTS Understanding the Enemy 2 Three Things
More informationPhishing. Eugene Davis UAH Information Security Club April 11, 2013
Phishing Eugene Davis UAH Information Security Club April 11, 2013 Overview A social engineering attack in which the attacker impersonates a trusted entity Attacker attempts to retrieve privileged information
More informationPIN / Password Security
PIN / Password Security www.gatewaycu.com.au INDEX PIN / Password Security 2 Protection of Information 3 Keep Informed 3 Your Protection 4 Online Banking Security 5 Visa Debit Card Security 6 Electronic
More informationCyber Security Guide. For Politicians and Political Parties
Cyber Security Guide For Politicians and Political Parties Indian Election Integrity Initiative Design by ccm.design Cover Image by Paul Dufour Helping to Safeguard the Integrity of the Electoral Process
More informationThe Dilemma: Junk, Spam, or Phishing? How to Classify Unwanted s and Respond Accordingly
The Email Dilemma: Junk, Spam, or Phishing? How to Classify Unwanted Emails and Respond Accordingly Anyone who has used email has experienced this: You open up an email and immediately recognize it s not
More information1 of 11 10/1/ :26 AM
1 of 11 10/1/2010 12:26 AM About Us Careers Calculators Contact Us Search Home Your Money HQ ID Theft & Fraud FRAUD ALERT E-mail Scams ID Theft and Fraud Avoid Becoming a Victim What To Do If You Are a
More informationPhishing Activity Trends
Phishing Activity Trends Report for the Month of September, 2007 Summarization of September Report Findings The total number of unique phishing reports submitted to APWG in September 2007 was 38,514, an
More informationManually Create Phishing Page For Facebook 2014
Manually Create Phishing Page For Facebook 2014 While you are creating phishing page manually you have to do a lot of work Web Templates -- For importing premade template for Gmail, Facebook from SET.
More informationManaging IT Risk: What Now and What to Look For. Presented By Tina Bode IT Assurance Services
Managing IT Risk: What Now and What to Look For Presented By Tina Bode IT Assurance Services Agenda 1 2 WHAT TOP TEN IT SECURITY RISKS YOU CAN DO 3 QUESTIONS 2 IT S ALL CONNECTED Introduction All of our
More information10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS
10 KEY WAYS THE FINANCIAL SERVICES INDUSTRY CAN COMBAT CYBER THREATS WHITE PAPER INTRODUCTION BANKS ARE A COMMON TARGET FOR CYBER CRIMINALS AND OVER THE LAST YEAR, FIREEYE HAS BEEN HELPING CUSTOMERS RESPOND
More informationWhitepaper on AuthShield Two Factor Authentication with SAP
Whitepaper on AuthShield Two Factor Authentication with SAP By AuthShield Labs Pvt. Ltd Table of Contents Table of Contents...2 1.Overview...4 2. Threats to account passwords...5 2.1 Social Engineering
More informationATTACHMENTS, INSERTS, AND LINKS...
Conventions used in this document: Keyboard keys that must be pressed will be shown as Enter or Ctrl. Objects to be clicked on with the mouse will be shown as Icon or. Cross Reference Links will be shown
More informationSafety and Security. April 2015
Safety and Security April 2015 Protecting your smartphone and your data 2 Set a passcode on your smartphone For some smartphone models: 1. Go to Settings. 2. Tap ID & Passcode. 3. Set a 4-digit passcode.
More informationProvide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any
OWASP Top 10 Provide you with a quick introduction to web application security Increase you awareness and knowledge of security in general Show you that any tester can (and should) do security testing
More informationDesigning a Software that Detect and Block Phishing Attacks
Designing a Software that Detect and Block Phishing Attacks 1 Priyanka R. Raut, 2 Samiksha Bharne Abstract Phishing is a significant security threat to the Internet, which causes tremendous economic lost
More informationWebsite Validity DOING QUALITY RESEARCH MR. ERFURTH, 2015
Website Validity DOING QUALITY RESEARCH MR. ERFURTH, 2015 Today s Goal Students can determine the validity and value of information they find on the internet while researching. Open Web vs. Paid Resources
More informationPhishing Activity Trends Report August, 2006
Phishing Activity Trends Report, 26 Phishing is a form of online identity theft that employs both social engineering and technical subterfuge to steal consumers' personal identity data and financial account
More informationKeep the Door Open for Users and Closed to Hackers
Keep the Door Open for Users and Closed to Hackers A Shift in Criminal Your Web site serves as the front door to your enterprise for many customers, but it has also become a back door for fraudsters. According
More informationCAREERBUILDER.COM - PRIVACY POLICY
Effective Date: September 15, 2010 CareerBuilder, LLC and its subsidiaries and divisions (collectively, CareerBuilder, We or Our ) has drafted its Privacy Policy to ensure that you can use CareerBuilder
More informationSouth Central Power Stop Scams
Don t get tricked. People around the country have been receiving emails and phone calls from scammers. South Central Power wants to help you keep your money and prevent scams. Review the helpful tips below.
More informationPhishing for Dollars
Chapter 7 Phishing for Dollars Takumi s Trouble in Tokyo In May 2006, 14-year-old Takumi of Nagoya, Tokyo, became the first Japanese minor charged with the Internet crime of phishing. Takumi tricked users
More informationANNUAL SECURITY AWARENESS TRAINING 2012
UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff ANNUAL SECURITY AWARENESS TRAINING 2012 NETWORK AND COMPUTER USE POLICY Users of information technology
More informationIntroduction to
Introduction to E-mail Ramsey County Library Maplewood Library 3025 Southlawn Drive Maplewood, MN 55109 651-704-2033 Mounds View Library 2576 County Hwy. 10 Mounds View, MN 55112 763-717-3272 New Brighton
More informationThe Rise of Phishing. Dave Brunswick Tumbleweed Communications Anti-Phishing Working Group
The Rise of Phishing Dave Brunswick Tumbleweed Communications Anti-Phishing Working Group 2 The Anti-Phishing Working Group Industry association focused on eliminating identity theft and fraud from the
More informationSecurity Practices & File Encryption
Welcome Clients of Mariner Wealth Advisors Cybersecurity Education Series Email Security Practices & File Encryption Content provided by Presenter: Ray Cool, CEO PBSI Technology Solutions Webinar will
More informationFurl Furled Furling. Social on-line book marking for the masses. Jim Wenzloff Blog:
Furl Furled Furling Social on-line book marking for the masses. Jim Wenzloff jwenzloff@misd.net Blog: http://www.visitmyclass.com/blog/wenzloff February 7, 2005 This work is licensed under a Creative Commons
More informationI G H T T H E A G A I N S T S P A M. ww w.atmail.com. Copyright 2015 atmail pty ltd. All rights reserved. 1
T H E F I G H T A G A I N S T S P A M ww w.atmail.com Copyright 2015 atmail pty ltd. All rights reserved. 1 EXECUTIVE SUMMARY IMPLEMENTATION OF OPENSOURCE ANTI-SPAM ENGINES IMPLEMENTATION OF OPENSOURCE
More informationUsable Security: Phishing
Usable Security: Phishing Dr. Kirstie Hawkey Content from: - Teaching Usable Privacy and Security: A guide for instructors (http:// cups.cs.cmu.edu/course-guide/) - some slides/content from Dr. Lorrie
More information