Phishing or Fishy ?

NEHA SINGH
DEPARTMENT OF INFORMATION TECHNOLOGY
ENROLLMENT NO. -12021002004001
ROLL NO.-3

1
Table of Content
 What is Phishing?

 What data do criminals want?

 Phishing Kit and its Anatomy
 Types of Phishing
 How to avoid Phishing?
 References

2
What is “Phishing” ?
Phishing is a cybercrime in which a target or targets
are contacted by email, telephone or text message
by someone posing as a legitimate institution to lure
individuals into providing sensitive data such as
personally identifiable information, banking and
credit card details, and passwords.

Analogous to fishing, phishing is also

a technique to “fish” for usernames,
passwords, and other sensitive
information, from a “sea” of users. 

3
 What data do criminals want?
 Username and passwords
 Card number and CVV
 Social Security numbers
 Sensitive Corporate information
 Trying to infect your computer
with malware.

4
Phishing Kit and its Anatomy

5
 Types of Phishing
Smishing 1
When someone tries to trick you into giving
them your private information via a text or SMS
message 2 Email phishing
Usually appears to come from a well-known
organization and asks for your personal information —
Whaling 3 such as credit card number, social security number,
account number, or password.
A method to masquerade as a senior player at an
organization and directly target senior or other
important individuals at an organization, with the
aim of stealing money or sensitive information or
gaining access to their computer systems for 4 Spear Phishing
criminal purposes The fraudulent practice of sending emails
ostensibly from a known or trusted sender in
Vishing 5 order to induce targeted individuals to reveal
confidential information.
is the telephone equivalent of phishing. It is
described as the act of using the telephone in an
attempt to scam the user into surrendering private
information that will be used for identity theft
6
Smishing Whaling

Vishing

7
 Email phishing

Spear Phishing

8
How to avoid it? Think, think again..
 Two – factor authentication
##Verify and
 Don’t click on the links , directly type validate
on the URL
 If in a doubt, verify the link before ##Passwords
opening: (www.virustotal.com) #Strong
 Security never calls to request you to
change your passwords, login
credentials, pins, etc. Never share
them.

9
 References:
 https://www.imperva.com/learn/application-security/phishing-attack-scam/

 https://digitalguardian.com/blog/what-is-spear-phishing-defining-and-
differentiating-spear-phishing-and-phishing

 https://www.mimecast.com/blog/2018/10/4-simple-tips-for-stopping-vishin
g
/

 https://www.ntiva.com/blog/how-phishing-affects-businesses

 https://thehackernews.com/2020/02/critical-infrastructure-
ransomwa
10
THANK YOU

11