2005 Security Awareness Day - PowerPoint PPT Presentation

1 / 28
About This Presentation
Title:

2005 Security Awareness Day

Description:

'We suspect an unauthorized transaction on your account. To ensure that your account is not ... Discover Card Awareness. Citibank. New Form of Phishing ... – PowerPoint PPT presentation

Number of Views:78
Avg rating:3.0/5.0
Slides: 29
Provided by: kelley8
Category:

less

Transcript and Presenter's Notes

Title: 2005 Security Awareness Day


1
Phishing
  • 2005 Security Awareness Day
  • Kelley Bogart
  • University Information Security Coordinator

2
Have you received an email that says something
like this?
  • We suspect an unauthorized transaction on your
    account. To ensure that your account is not
    compromised, please click the link below and
    confirm your identity.
  • OR
  • During our regular verification of accounts, we
    couldnt verify your information.Please click
    here to update and verify your information.

3
This is a typical phishing attempt
4
Phishing
  • Basically it involves Internet fraudsters who
    send spam or pop-up messages to lure personal
    information (credit card numbers, bank account
    information, Social Security number, passwords,
    or other sensitive information) from unsuspecting
    victims.

5
Stats from Anti-Phishing Working Group
  • phishing scams grew by 33 percent in Oct. 2005
  • 1518 active phishing sites during Oct. 2005
  • phishing Web sites have grown by an average rate
    of 28 percent monthly since July 2005
  • 51 online brands were targeted by phishing scams
    in Oct. 2005

6
EBAY
7
EBAY
8
EBAY
9
EBAY
10
PayPal
11
PayPal
12
PayPal
13
Visa
14
Visa
15
Microsoft
16
Recognizing Phishing
  • False Sense Of Urgency - Threatens to
    "close/suspend your account," or charge a fee.
  • Indirect invitation - "Dear valued customer",
    "Dear reader", "In attention to service name
    here customers.
  • Misspelled or Poorly Written - Helps fraudulent
    e-mails avoid spam filters.

17
Recognizing Phishing
  • Suspicious-Looking Links Pop-Ups Links
    containing all or part of a real company's name
    asking you to submit personal information.
  • Hyperlinks spoofing You see the
    "http//www.yourbank/Login" link in the message,
    but if you hover the mouse cursor over the link,
    you will see that it points to "http//www.spoofed
    banksite.com/Login"

18
Arizona State Credit Union
19
Phishing?
20
Phishing mixed with Spyware
  • With this type of scam, you would be invited to
    click on an image--to get a low-priced item or
    sweepstakes entry, for instance. With that click,
    you'll unknowingly download spyware onto your PC.

21
Discover Card Awareness
22
Citibank
23
New Form of Phishing
  • Unlike a scam which tries to trick you into
    providing personal information.
  • This
  • Executes code
  • Changes your host file
  • Redirects legitimate webpage to spoofed site
  • .and all you did was open an email or view it in
    a preview pane in programs like Microsoft Outlook

24
FTC suggests these tips to help avoid getting
hooked by a phishing scam
  • If you get an email or pop-up message that asks
    for personal or financial information, do not
    reply. And dont click on the link in the
    message, either.
  • Use anti-virus software and a firewall, and keep
    them up to date.
  • Dont email personal or financial information.

25
FTC suggestions (contd)
  • Review credit card and bank account statements as
    soon as you receive them
  • Be cautious about opening any attachment or
    downloading any files from emails
  • Forward spam that is phishing for information to
    spam_at_uce.gov and to the company, bank, or
    organization impersonated in the phishing email.

26
Additional Protection Tips
  • Treat all email with suspicion
  • Never use a link in an email to get to any web
    page
  • Ensure that all of your software is up to date
  • Use anti-spyware detection software on a regular
    basis

27
Additional Protection Tips
  • If you must use your financial information
    online, ensure that you have adequate insurance
    against fraud
  • Be aware or beware.

28
Questions
  • Thanks for joining us
  • Stay for the drawing and be sure to enter into
    the drawing for the 500 American Express Gift
    Card and also the IPOD

More examples available at http//www.antiphishin
g.org
Write a Comment
User Comments (0)
About PowerShow.com