phishing reviews on the hacking and cracking system by ARPIT PATEl

1. Student Name: Arpit Patel
(Enrollment No. 120770107014)
Guide:
Presentation
( Review)
On
PHISHING
Gujarat Technological
UniversitySOCET

5. Contents:
 Definition
 Introduction
 Type of Phishing
 Causes of Phishing
 How to notice Phishing
 Example of Phishing
 Prevention Method
 Conclusion

6.  Phreaking + Fishing = Phishing
- Phreaking = making phone calls for free back in 70’s
- Fishing = Use bait to lure the target
 Phishing in 1995
Target: AOL users
Purpose: getting account passwords for free time
Threat level: low
Techniques: Similar names ( www.ao1.com for www.aol.com ), social
engineering
 Phishing in 2001
Target: Ebayers and major banks
Purpose: getting credit card numbers, accounts
Threat level: medium
Techniques: Same in 1995, keylogger
 Phishing in 2007
Target: Paypal, banks, ebay
Purpose: bank accounts
Threat level: high
Techniques: browser vulnerabilities, link obfuscation
History of Phishing

7. Definition
 It is the act of tricking someone into giving
confidential information (like passwords and
credit card information) on a fake web page.

8. Introduction
 Phishing is way of fraudulenty acquiring sensitive
information using social engineering
 It tries to trick with official looking message
•Credit card
•Bank account
•Facebook id/pw
•Paypal
 some phishing emails also contain malicious or
unwanted software that can track your activities o
slow your computer
 It is comparatively different from SPAM

9. Origin of Phishing Attacks

11. Phishing
Fraudsters
Build fake
site
Send out thousands
Of Phishing E-mails
With link to fake website
Victims click on links in
E-mail believing it is
Legitimate. They enter
personal information
Fraudsters compile The
stolen data and shell it
Online or use it them selves

12. How to notice Phishing?

13.  Artists also use Uniform Resource Locators(URLs)
that resemble the name of a well-known company
or
web-site but are slightly altered by adding, omitting
or transposing letters.
For example, the URL www.microsoft.com could appear
instead as:
www.micosoft.com
www.mircosoft.com
www.verify-microsoft.com

17. “Be alert for spam message”
Don’t open any links in suspicious emails, instant
messages, or chat room messages

18. “Only communicate personal info. Over secure web site”
 Secure website are indicated by a lock on the browser’s
status bar or the prefix
“Https::// ” instead of “Http://”

19. “Never use e-mail to share personal information”

20. “Avoid using email on public computers”
Information from an email is temporarily stored on
computer’s local disk and can be retrieved by another
user if it is not properly deleted

21. “Do not click anything in pop-up window”
 If your browser has a pop-u blocker , enable it.
 Do not Copy any website addresses from a pop-up
window into your computer.

22. “Use security programs to protect your computer”
 Use a spam filter , Anti-spyware program , Anti-virus
program and a firewall. These can be obtained from
a software retailer or the internet.

23. “Check your credit report and financial statement regularly”
Make sure that no unauthorized transaction have been
made and that all item on your credit report are correct.

25. TYPE OF PHISHING
o Deceptive Phishing
o Malware-Based Phishing
o Man in the Middle Phishing
o Search engine Phishing

26. Deceptive Phishing
 Sending a deceptive email, in bulk, with a “call to
action that demands the recipient click on a link.

27. Malware-Based Phishing
 Malware stands for malicious software,
Malware is used to generically describe any
malicious software regardless of its technical
category

28. Man in the Middle Phishing
An attack where attacker gets between the
Sender and receiver of information
(Session Phishing)

29. Search engine Phishing
Create web pages for fake products, get
the pages indexed by search engines,
and wait for users to enter their
confidential information as part of an
order, sign-up, or balance transfer.

30. Causes of Phishing
 Misleading e-mails
 No check of source address
 Vulnerability in browsers
 No strong authentication at websites of
banks and financial institutions
 Limited use of digital signatures
 Non-availability of secure desktop tools
 Lack of user awareness
 Vulnerability in applications
 … and more

31. Existing System
1) Detect and block the phishing
websites in time
2) Enhance the secure of the websites
3) Block the Phishing e-mails by
various spam filter
4) Install online anti-phishing software
in user’s computers

32. Proposed System
1. Classification of the hyperlink in the
phishing e-mail
2. Link guard algorithm
3. Link guard implemented client
4. Feasibility study

33. How to do Search engine
Phishing???

37. And then upload this two file to your website…. 

38. Conclusion
Be Alert,
Be wary,
And
Be Informed ! ! !

39. Thank You
For Your