Using Measured Security Awareness To Combat Phishing Attacks
Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
-
Upload
rahul-jain -
Category
Internet
-
view
165 -
download
6
Transcript of Phishing attacks, Types Of Phishing Attacks, How To Avoid Phishing Attacks
Made By Rahul Jain
Phishing AttacksProcess of luring a victim to a fake web site by clicking on a link
Presented By :- Rahul JainSubmitted To :- Prof. Sachindra Dubey Sir Prof. Anamika Gupta Mam
Made By Rahul Jain
Examples :-
• Click Here www.luckydraw.com to claim your $10000000 Prize!• Urgent attention of all true bank account holders.
Made By Rahul Jain
Methods Of Phishing Attacks -1
•Impersonation :- Constructing fake Sites and then deceived by visiting.
Made By Rahul Jain
Methods Of Phishing Attacks -2
•Forwarding :- Amazon, Paypal, eBay, When victim login to forwarding link data will upload on hostile’s server
Made By Rahul Jain
Methods Of Phishing Attacks -3
•Popups :- Creative but of Limited Approaches. Behind the popup stealing of data done.
• First discovered during barrage of phishing attacks on city bank in 2003.
Made By Rahul Jain
Types Of Phishing Attacks -1
•Man-In-The-Middle-Phishing :- Hackers Position themselves between user and legitimate websites.
•URL Obfuscation Attacks :- Following attackers hyperlink to the attacker’s server. • A> Bad Domain Names –• B> Friendly Login URL’s -Many web sites use friendly websites to
attack and steal the user’s data the general information is URL://username:password@hostname/path
Made By Rahul Jain
Types Of Phishing Attacks -2
• C> Third Party Shortened URL’s :- Due to length of Complexity of many websites www.smallurl.com
• D> Host Name Obfuscation:- e.g, http://mybank.com:[email protected]/phishing/fakepage.htm
• In some cases, it may be possible to mix formats (e.g, http://0322.0x86/161.0043/)
Made By Rahul Jain
Types Of Phishing Attacks -3
• E> URL Obfuscation :- Obfuscation is the obscuring of intended meaning in communication, making the message confusing, willfully ambiguous, or harder to understand.
Made By Rahul Jain
Types Of Phishing Attacks -4
• E1> Escape Encoding :-• Percent Encoding or Escaped Encoding • Achieved by encoding the character to be intrepid with the character
%.
• E2> Unicode Encoding :- Method of Referencing and storing characters with multiple bytes by providing a unique number.
Made By Rahul Jain
Types Of Phishing Attacks -5
• E3> Inappropriate UTF-8 Encoding :- • Characteristics of preserving the full US-ASCII character range.• %CO, %AE, %FO %FX %80 %80
• E4> Multiple Encoding :- Phishers may further obfuscate the URL information by encoding characters multiple times. • E.g, “\” character may be encoded as %25 originally but could be
extended to %35C or %25C%35C%63
Made By Rahul Jain
Types Of Phishing Attacks -6
• Hidden Attacks - An attacker may make use of HTML, DHTML and Other Scriptable Code.• Whether its man in the middle attack or fake copy of the site hosted
on the attackers own systems. • A> Hidden Frames
Made By Rahul Jain
Types Of Phishing Attacks -7
• Overriding Page Content :-
Made By Rahul Jain
Types Of Phishing Attacks -8
• Deceptive Phishing :- • Malware Based Phishing :- • DNA Based Phishing :-• Content Injection Phishing :-• Search Engine Phishing :-
Made By Rahul Jain
How To Avoid Phishing Attacks -1
• 1. Be Careful About responding To emails that ask you for sensitive information.• 2. Go to The Site Your self, Rather than clicking on links in suspicious
emails. • 3. If You are on sites that asking you to enter sensitive info check for
signs of any thing suspicious.• 4. Be wary of “Fabulous offers” and “fantastic Prizes” that you will
some times Across on web.
Made By Rahul Jain
How To Avoid Phishing Attacks -2
• Use of Browsers that has a phishing filters.
Made By Rahul Jain
Thank You ..!! For Any Query Ask on-- ideasandtechnology.blogspot.in or mail me at -- [email protected]