Navy IO Center of Excellence

Phishing Awareness

Naval OPSEC Support Team (NOST)
Navy Information Operations Command (NIOC) Norfolk
(757) 417-7100 DSN 537
OPSEC@navy.mil
www.nioc-norfolk.navy.mil
http://www.facebook.com/NavalOPSEC

UNCLASSIFIED//FOUO
Updated: 27 Mar 2013

Phishing

Phishing is an illegal activity using social engineering techniques to fraudulently solicit sensitive information or install malicious software.
Phishing attempts solicit sensitive information such as usernames, passwords, personal information, military operations details, financial information and so on.
Phishing emails can also include malicious links or attachments.
Common phishing techniques:
- Phishing
- Spear phishing
- Whaling
- Vishing
- Smishing

What is phishing?

Phishing: An email scam intended to lure a user into providing sensitive information.

• Yahoo link URL spoofing
    • A fake or forged URL which impersonates a legitimate website.
• Requests credit card information
• Threatens service interruption

What is spear phishing?

Spear phishing: A targeted scam directed at a specific person or department.

• Addresses the target/recipient by name or other personal detail
    • Attacker generally references specific personal information about the target.
• Emails appear legitimate
    • References factually correct details, operational terms, etc.
• Links or attachments malicious in nature.
    • Viruses, malware, URL spoofing

[Slide image callout: Malicious URL]

What is whaling?

Whaling: A phishing scam directed specifically at high ranking officers or other high profile targets within the government, military or business.

• Addresses the high profile target by name or other personal detail
    • Attacker knows specific personal information about the target.
• Emails appear legitimate
    • Include specific, accurate details, such as names and operational details, to stress legitimacy.
• Links or attachments malicious in nature.
    • Viruses, malware, URL spoofing

[Slide image callout: Download includes a keystroke logger virus]

What is vishing?

Vishing: A phone scam intended to lure a user into providing sensitive personal information.

• Typically solicits personal information through scare tactics
    • Warns of credit card fraud, instructs target to provide account details to prove identity
• Callers often imitate legitimate call centers
• Targets specific, critical details
    • Financial information, operational dates, locations, etc.

What is smishing?

Smishing: A phishing scam that sends bogus text messages to mobile phones.

• Directs a target to call a number or follow a link to a website.
    • Personal, sensitive information is requested
    • Malicious websites install malware on mobile devices, collect sensitive information
• Callers often imitate legitimate call centers
• Targets specific, critical details
    • Financial information, operational dates, locations, etc.

What is sextortion?

Sextortion: Sexual exploitation as a means of blackmail or extortion.

• Sexually explicit content obtained through enticement or theft is leveraged against a person.
    • Money
    • Sex
    • Information
• Extortionists commonly find targets on:
    • Social networking sites
    • Mobile applications (e.g. Instagram)
    • Private chat messages & chat rooms
    • Webcams

Identifying a phishing scam

Phishing scams tend to have common characteristics which make them easy to identify.
• Spelling and punctuation errors.
• Include a redirect to malicious URLs which require you to input usernames and passwords to access.
• Scare tactics to entice a target to provide personal information or follow links.
• Sensational subject lines to entice targets to click on attached links or provide personal information.
• Try to appear genuine by using legitimate operational terms, key words and accurate personal information.
• Fake or unknown sender.

How to avoid a phishing scam

Protect yourself from phishing scams:
• Do not register official government/.mil email accounts with any commercial websites.
• Patch/update web browsers as needed.
• Beware the unknown sender or sensational subject line.
• You will never get a free iPad; don’t fill anything out.
• When in doubt, call your financial institutions to verify if your account has been compromised.
• Do not follow links included in emails or text messages; use a known good link instead.
• Digitally sign and encrypt emails wherever possible.
• Only follow links or download attachments from digitally signed emails.
• Do not follow links to unsubscribe from spam; simply mark as spam and delete.
• Do not use details that are easy to guess or learn as security challenge answers for account validation.

Digital signatures & encryption

Questions?

Naval OPSEC Support Team (NOST)
Navy Information Operations Command (NIOC) Norfolk
(757) 417-7100 DSN 537
OPSEC@navy.mil
www.nioc-norfolk.navy.mil
http://www.facebook.com/NavalOPSEC

Editor's Notes

  1. Source: http://www.wired.com/dangerroom/2013/03/air-force-sextortion/