phishing

Attack

Submitted BY
Name : Nityananda Jena
Redgno:2121326049
Sem:6th
Branch :CSE
GANDHI INSTITUTE FOR EDUCATION AND TECHNOLOGY
 TABLE OF CONTENTS

 INTRODUCTION

 WHAT IS PHISHING

 HOW DOES PHISHING WORK ?

 PHISHING EXAMPLES

 WHAT ARE THE DANGER OF PHISHING ATTACK

 TYPES OF PHISHING

 HOW DO I PROTECT AGAINST PHISHING ATTACK

 CONCLUSIONN
 introduction
- Let's delve into the world of Phishing Attacks and enhance our knowledge in the realm of cybersecurity.
 Phishing is the most powerful and popular
attack in the Hacking World.
 On the average around 30,000 Phishing attack
preformed
Every Day.
 Every year ,most of the biggest cyber crime
case involve this attack.
 So we must know what is phishing and how to
protect your accounts from phishing attack.
WHAT IS PHISHING ?

2019

 Phishing is the act of fooling a computer user in

to submitting personal information by creating a
counterfeit it website that looks like a real (and
trusted) site.
 It is a hacker technique of “fishing” for password and
other secret financial information .
 WHAT IS PHISHING ?

 It is type of cybercrime in which a cyber criminal sends

fraudulent email or text messages that appear to be form
a legitimate source such as a bank , Credit card company
, or goverment agency.
 The goal of phishing trick the recipient into clicking on a
malicious link or providing sensitive information such as
credentials or credit card number and more sensitive
information .
.
 HOW DOES PHISHING WORK
Attacker sends an email

VICTIM
ATTACKER 1

Attacker collects
victims credentials
2 Victim click on the
email and goes to
the phishing
website
Attacker use 3
victim
credentials to
access a
website PHISHING WEBSITE

Internet Service Providers

LEGITIMATE WEBSITE Governments
EXAMPLE OF PHISHING
EXAMPLE OF PHISHING
EXAMPLE OF PHISHING
EXAMPLE OF PHISHING
 TYPE OF PHISHING
DECEPTIVE PHISHING

SPERAR PHISHING

SECURITY

PHARMING
. WHALING
• Infographic Style TYPE OF PHISHING
DECEPTIVE PHISHING

 Sending a deceptive E-mail, in bulk with a “call to

action” that demands the recipient click on a link
Simple Portfolio Presentation
 In this case an attacker attempts to obtain
confidential information from the victims
Simple Portfolio
 Attackers use the information to steal money or to
launch other attacks,

 E . Presentation
Portfolio G A fake
email from a bank asking you to click a
link and verify your account details.
 TYPE OF PHISHING
SPEAR PHISHING

 Spear phishing targets specific individuals instead of a

wide group of people .

 Attackers often research their victims on social media

and other sites.

 That way , they can customize their communication

and appear more authentic .

 Spear phishing is often the first step used to penetrate

a
Company’s defenses and carry out a targeted attack.
 TYPE OF PHISHING
WHALING

 When attackers go after a “big fish” like CEO its called

whaling .

 These attackers often spend considerable time profiling

the target to find the opportune moment and means of
stealing login credentials .

 Whaling is of particular concern because high-level

executives are able to access a great deal of company
information .
 TYPE OF PHISHING
PHARMING
 Similar to phishing . Pharming sends user to a
fraudulent website that appears to be legitimate .

 However , in this case victim do not even have to

click a malicious link to be taken to the bogus site .

 Attackers can infect either the user’s computer or

the website’s DNS server and redirect the user to a
fake site even
If the correct URL is typed in .
WHAT THE ARE DANGERS OF PHISHING
ATTACKS ?
Sometimes attackers are satisfied with getting a
victim’s credit card information or other
personal data for financial gain

Other times , phishing E-mails are sent to obtain

employee login information or other details for
use in an advanced attack against a specific
company .
HOW DO I PROTECT AGAINST PHISHING
ATTACK ?
USER EDUCATION

One way to protect your organization form

phishing is user education .

Education is should involve all employees.

High-level executives are often a target teach

them how to recognize a phishing E-mail and
what to do when they receive one .

Simulation exercises are also key for assessing

how your employees react to a staged phishing
,attack .
.
 SECURITY TECHNOLOGY

No single cyber security technology can prevent

phishing attacks.

Instead , organization must take a layered approach to

reduce the number of attacks and lessen their impact
when they do occur .

Network security technologies that should be

implemented include email and web security ,malware
protection , user behaviour monitoring and access
control .
CAUSES OF PHISHING
Misleading E-mails .

No check of source address .

. Vulnerability in browsers

No strong authentication at websites of banks and

financial institutions .

Limited use of digital signature.

Non-availability of secure desktop tools

Lack of user awareness

Vulnerability in application .
EFFECTS OF PHISHING

 Internet Fraud

Identity Theft .

Financial Loss To The Original Institutions .

Difficulties in Law Enforcement Investigation

Erosion Of Public Trust In The Internet .

CONCLUSION

No single technology will complete stop phishing .

However, a combination of good organization and practice

,proper application of current technologies . And
improvements in security technology has the potential to
drastically reduce the prevalence of phishing and the
losses suffered form it .
THANK YOU