phishing
Download
Skip this Video
Download Presentation
Phishing

Loading in 2 Seconds...

play fullscreen
1 / 17

Phishing - PowerPoint PPT Presentation


  • 149 Views
  • Uploaded on

Phishing. By The Blank Mind Group. Darrell Fraser Kuo-Luen Chang. Dana Fellows Jason Kohut Rick Barton Darrell Fraser Kuo-Luen Chang. Phishing . Definition History Problematic Behaviors Laws Compliance Guidelines Penalties Current Management Application

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Phishing' - gilon


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
phishing

Phishing

By The Blank Mind Group

Darrell Fraser

Kuo-Luen Chang

Dana Fellows

Jason Kohut

Rick Barton

Darrell Fraser

Kuo-Luen Chang

phishing1
Phishing
  • Definition
  • History
  • Problematic Behaviors
  • Laws
  • Compliance Guidelines
  • Penalties
  • Current Management Application
  • Client Based Anti-Phishing Programs
phishing a definition
Phishing – A definition
  • According to Merriam-Webster, “phishing” is “a scam by which an email user is duped into revealing personal or confidential information which the scammer can use illicitly.”
  • Wikipedia states “in the field of computer security phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords, and credit card details by masquerading as a trustworthy entity in electronic communication.”
two variations of phishing
Two Variations of Phishing

When phishers personalize their attacks to their intended targets to increase the probability of success.

A sneaky attempt by scammers to hijack the personal computers of top-ranking business executives.

history of phishing
History of Phishing
  • Phishing has existed in different forms for years
laws federal
Laws: Federal
  • Federal Level
    • CAN-SPAM (Controlling the Assault of Non-Solicited Pornography And Marketing) Act of 2003
      • Signed into law by George W. Bush
      • Sets standards for sending commercial email
      • It is a misdemeanor to send spam with falsified header information!
laws federal con t
Laws: Federal, Con’t
  • Anti-Phishing Act of 2004(never got past committee)
    • Introduced by Senator Patrick Leahy
  • Anti-Phishing Act of 2005(never enacted)
    • This law, had it passed, would have placed large fines and lengthy prison sentences for “fake websites and bogus websites” developed for the purpose of defrauding individuals
    • First law to differentiate and target “phishing” specifically
laws state and local
Laws: State and Local
  • No State/Local Laws in Missouri
    • Other states have enacted laws within their borders.
  • Federal Laws Control Phishing because it’s Interstate Fraud
  • Phishing has not yet been addressed by the lawmakers of Missouri
laws commercial compliance
Laws: Commercial Compliance
  • Commercial email allowed as long as it conforms to three types of compliances:
recent phishing attempts
Recent Phishing Attempts
  • Social Networking Websites
    • Due to their popularity, social networking websites have become popular phishing holes.
  • Criminals pretending to be the IRS to attain sensitive information from U.S. taxpayers.
    • IRS Video Warning About Phishing
sample phishing emails
Sample Phishing Emails

After the last annual calculations of your fiscal activity we have determined that you are eligible to receive a tax refund of $63.80. Please submit the tax refund request and allow us 6-9 days in order to process it.

A refund can be delayed for a variety of reasons. For example submitting invalid records or applying after the deadline.

To access the form for your tax refund, please click here

Regards,

Internal Revenue Service

laws commercial compliance con t
Laws: Commercial Compliance, Con’t
  • Compliance #3 – Sending Behavior
penalties
Penalties
  • Jeffrey Brett Goodin
    • First person prosecuted under CAN-SPAM Act
    • Conned AOL customers by sending emails that appeared to be from AOL’s billing department, which required users to reveal their personal and credit card information
    • Sentenced in 2007 to 70 months
    • Ordered to pay over 1 million dollars to his victims.
management applications
Management Applications
  • Management needs to inform employees about the potential threats of phishing and the signs to look for.
    • Don’t give out company login information to suspicious emails.
    • Never login through an email from a business partner if asked. Go to their corporate website and login how you normally would.
client based anti phishing programs
Client Based Anti-Phishing Programs
  • Update internet browsers to the latest versions.
    • Make sure your browser has the SSL (Secure Socket Layer) certificate selected.
  • Computer Security Programs
    • Avira Premium Security Suite
    • McAfee SiteAdvisor
    • ESET Smart Security
    • Phishtank (SiteChecker)
  • Windows Mail
  • eBay Toolbar
conclusion
Conclusion
  • Definition
  • History
  • Problematic Behaviors
  • Laws
  • Compliance Guidelines
  • Penalties
  • Current Management Application
  • Client Based Anti-Phishing Programs
ad