PHISHING ATTACK

DONE BY
P.M.SUDHARSHAN
ECE-B IIIYR
 CONTENTS:
ABSTRACT
INTRODUCTION
TYPES
APPROACHES TO DETECT PHISHING
HOW TO RECOGNIZE PISHING
How to Protect Yourself From Phishing Attacks
BASIC COUNTER MEASURES TO PROTECT FROM
PHISIHING
CONCLUSION
REFERENCES
 ABSTRACT
Phishing is a treacherous effort to steal private data from
users like address, aadhar number, PAN card details,
credit/debit card details, bank account details, password
for online shopping sites, etc. Pinching or phishing of
private information on the web has caused havoc on a
majority of users due to the lack of internet security.
Phishing attacks make use of fake emails or websites,
intended to fool users into revealing personal or financial
information by posing as the trusted bank/shopping site. A
combination of supervised and unsupervised machine
learning techniques is used to detect known and unknown
attacks.
 INTRODUCTION
 Phishing is a way of fraudulently acquiring sensitive information
using social engineering and technical subterfuge.

 It tries to trick users with official-looking messages

◦ Credit card
◦ Bank account
◦ eBay
◦ Paypal

 Some phishing e-mails also contain malicious or unwanted

software that can track your activities or slow your computer
TYPES
APPROACHES TO DETECT PHISHING
 How to Recognize Phishing

Scammers use email or text messages to trick you into

giving them your personal information.

The FBI’s Internet Crime Complaint Center reported

that people lost $57 million to phishing schemes in
one year.
 How to Protect Yourself From Phishing
Attacks
Scammers are always trying to outsmart spam filters, so it’s
a good idea to add extra layers of protection. 

Four Steps to Protect Yourself From Phishing:

Protect your computer by using security software.
Protect your mobile phone by setting software to update
automatically
Protect your accounts by using multi-factor authentication.
Protect your data by backing it up.
 BASIC COUNTER MEASURES TO PROTECT FROM
PHISIHING
Filter emails for phishing threats:
• It's important that you filter your emails for malicious URLs and
attachments to prevent phishing emails.

• Sandboxing can detect a lot of the malware in emails

Update client-side operating systems, software, and plug-ins:

• Some phishing emails include URLs to exploit vulnerabilities in
the browsers and its plug-ins, such as Flash and Java.

•  That's why it's important to patch vulnerabilities on your

endpoints as well.
BASIC COUNTER MEASURES TO PROTECT FROM
PHISIHING
Harden Your Clients:
• Lock down your clients as much as possible.

• This includes things like not making your users local

administrators and deploying mitigation tools like
Microsoft. Rapid7 Nexpose Ultimate includes Controls
Effectiveness Testing

Block Internet-bound SMB and Kerberos traffic:

• One of our penetration testing team's favorites is to use an SMB
authentication attack. In this scenario, the attacker sets up an
SMB service on the Internet and sends a phishing email with a
URL
 CONCLUSION
Phishing e–mails are only a small aspect of the overall
phishing economy and until now, the only aspect seen by
the most people.

 The phishing economy is a decentralized and self–

organized social network of merchants and consumers
governed by laws of supply and demand.

This clearer picture of the landscape, the players, and

insight into phishing operations will hopefully assist in the
fight against online fraud.
 REFERENCES
 [1] Ms. Neha R. Israni, Mr. Anil N. Jaiswal, “A Survey on various
Phishing and Anti Phishing Measures”, International Journal of
engineering research and technology, Volume.4 (Issue 01), ISSN:
2278-0181, January 2015.

 [2] V. Suganya, “A Review on Phishing Attack and Various Anti-

Phishing Techniques”, International Journal of Computer
Applications, Volume.139 (Issue 01), ISSN: 0975-8887, April 2016.

 [3] Vikas Sahare, Sheetal Kumar Jain, Manish giri, “AntiPhishing

Framework with Visual Cryptography on Cloud”, International
Journal of Advance Foundation and Research in Computer,
Volume.2, ISSN: 2348-4853, January 2015.