Phishing PowerPoint PPT Presentation

Phishing. By The Blank Mind Group. Darrell Fraser Kuo-Luen Chang. Dana Fellows Jason Kohut Rick Barton Darrell Fraser Kuo-Luen Chang. Phishing. Definition History Problematic Behaviors Laws Compliance Guidelines Penalties Current Management Application

Presentation Transcript



By The Blank Mind Group

Darrell Fraser

Kuo-Luen Chang

Dana Fellows

Jason Kohut

Rick Barton



  • Definition

  • History

  • Problematic Behaviors

  • Laws

  • Compliance Guidelines

  • Penalties

  • Current Management Application

  • Client Based Anti-Phishing Programs

Phishing – A definition

  • According to Merriam-Webster, “phishing” is “a scam by which an email user is duped into revealing personal or confidential information which the scammer can use illicitly.”

  • Wikipedia states “in the field of computer security phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in electronic communication.”

Two Variations of Phishing

When phishers personalize their attacks to their intended targets to increase the probability of success.

A sneaky attempt by scammers to hijack the personal computers of top-ranking business executives.

History of Phishing

  • Phishing has existed in different forms for years

Problematic Enablers

Laws: Federal

  • Federal Level

    • CAN-SPAM (Controlling the Assault of Non-Solicited Pornography And Marketing) Act of 2003

      • Signed into law by George W. Bush

      • Sets standards for sending commercial email

      • It is a misdemeanor to send spam with falsified header information!

Laws: Federal, Cont’d

  • Anti-Phishing Act of 2004 (never got past committee)

    • Introduced by Senator Patrick Leahy

  • Anti-Phishing Act of 2005 (never enacted)

    • This law, had it passed, would have imposed large fines and lengthy prison sentences for “fake websites and bogus websites” developed for the purpose of defrauding individuals

    • First law to differentiate and target “phishing” specifically

Laws: State and Local

  • No State/Local Laws in Missouri

    • Other states have enacted laws within their borders.

  • Federal Laws Control Phishing because it’s Interstate Fraud

  • Phishing has not yet been addressed by the lawmakers of Missouri

Laws: Commercial Compliance

  • Commercial email is allowed as long as it conforms to three types of compliance:

Recent Phishing Attempts

  • Social Networking Websites

    • Due to their popularity, social networking websites have become popular phishing holes.

  • Criminals pretending to be the IRS to obtain sensitive information from U.S. taxpayers.

    • IRS Video Warning About Phishing

Sample Phishing Emails

After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $63.80. Please submit the tax refund request and allow us 6-9 days in order to process it.

A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline.

To access the form for your tax refund, please click here


Internal Revenue Service

Laws: Commercial Compliance, Cont’d

  • Compliance #3 – Sending Behavior



  • Jeffrey Brett Goodin

    • First person prosecuted under CAN-SPAM Act

    • Conned AOL customers by sending emails that appeared to be from AOL’s billing department, which required users to reveal their personal and credit card information

    • Sentenced in 2007 to 70 months

    • Ordered to pay over 1 million dollars to his victims.

Management Applications

  • Management needs to inform employees about the potential threats of phishing and the signs to look for.

    • Don’t give out company login information in response to suspicious emails.

    • Never log in through an email from a business partner, even if asked. Go to their corporate website and log in as you normally would.

Client Based Anti-Phishing Programs

  • Update internet browsers to the latest versions.

    • Make sure your browser has the SSL (Secure Sockets Layer) certificate selected.

  • Computer Security Programs

    • Avira Premium Security Suite

    • McAfee SiteAdvisor

    • ESET Smart Security

    • Phishtank (SiteChecker)

  • Windows Mail

  • eBay Toolbar


