A

presentation

PHISHING
on

ATTACK
Presented by :

(BCA 1 SEMESTER )
Dept. of computer
science
PHISHING
BASIC
Pronounced “ fishing ”.
 The word has its origin from two words
“password harvesting ” or fishing For
passwords .
 Phishing is an online from of pretexting , a kind of
deception in which an attacker pretends to be someone
else in order to obtain sensitive information from the
victim .
 Also known as “brand spoofing”.
 Phishers are phishing artists .
PHISHIIN
G
 Phishing is away of fraudulently acquiring sensitive information using
social engineering and technical subterfuge.
 If tries to trick users with official-looking message
• Credit card
• Bank account
• ebay
• Paypal
 Some phishing e-mails also contain malicious or unwanted software
that
can track your activities or slow your computer
 COMPARISON TO
SPAM
The purpose of a phishing message is to acquire sensitive information about
a user. For doing so the message needs to deceive the intended recipient.
• So it doesn't contains any useful information and hence falls under the
category of spam.
A spam message tries to sell a product or service, whereas phishing
message needs to look like it is from a legitimate organization.
 Techniques applied to spam message cant be applied naively to phishing
messages.
 EXISTING
SYSTEM
• 1) Detect and block the phishing Web sites intime
• 2) Enhance the security of the web sites
• 3) Block the phishing e-mails by various spam filters4) Install online
anti- phishing software in user's computers
 PROPOSED
SYSTEM

 Classification of the hyperlinks in the phishing e-

mails
 Link guard algorithm
 Link guard implemented client
 Feasibility study
TOP 10 PHISHING SITES HOSTING
COUNTRIES
Korea: 14%,
China: 10 %,
France: 6%,
Australia: 5%,
Germany: 3.5%,
Japan: 3%,
Canada: 1.7%,
Thailand: 1.5%,
Italy: 1.5%
 HOW TO AVOID
PHISHING
 DON'T CLICK THE LINK
• Type the site name in your browser (such as www.paypal.com)
 Never send sensitive account information by e-mail
• Account numbers, SSN, passwords
 Never give any password out to anyone
Verify any person who contacts you (phone or email).
• If someone calls you on a sensitive topic, thank them, hang up and
call them back using a number that you know is correct, like from
your credit card or statement.
 ACCOUNT
ALERT
Dear Valued Member,
According to our terms of services, you will have to confirm your e-mail by
the
following link, or your account will be suspended for security reasons
.http://www.uc.edu/confirm.php?account=d.mich.mal@uc.eduAfter following
the instructions in the sheet, your account will not be interrupted and will
contiQue as normal.
http://www.nbmd.cn/Confirmation Sheet.pif
Thanks for your attention to this request. We apologize for any
inconvenience. Sincerely, Uc Abuse Department