10
Slide 1 Phishing Emails CS 142 Lecture Notes: Security Attacks: Phishing

Phishing Emails

Embed Size (px)

DESCRIPTION

Phishing Emails. Obviously Illegitimate. http://rusprory.mass.hc.ru/old_site/update/index.php. Look-alike Characters. International Character Sets. What does this URL refer to? www.bank.com/accounts/login.php?q=me.badguy.cn This is a host name only!. - PowerPoint PPT Presentation

Citation preview

Page 1: Phishing Emails

Slide 1

Phishing Emails

CS 142 Lecture Notes: Security Attacks: Phishing

Page 2: Phishing Emails

CS 142 Lecture Notes: Security Attacks: Phishing Slide 2

Obviously Illegitimate

http://rusprory.mass.hc.ru/old_site/update/index.php

Page 3: Phishing Emails

CS 142 Lecture Notes: Security Attacks: Phishing Slide 3

Look-alike Characters

Page 4: Phishing Emails

CS 142 Lecture Notes: Security Attacks: Phishing Slide 4

International Character Sets

● What does this URL refer to?

www.bank.com/accounts/login.php?q=me.badguy.cn

● This is a host name only!

Chinese characters that look like "/", "?", and "="

Page 5: Phishing Emails

CS 142 Lecture Notes: Security Attacks: Phishing Slide 5

Picture in picture

Page 6: Phishing Emails

CS 142 Lecture Notes: Security Attacks: Phishing Slide 6

Legitimate Partners Can Look Fishy

???

???

Page 7: Phishing Emails

CS 142 Lecture Notes: Security Attacks: Phishing Slide 7

HTTPS Indicators

HTTP HTTPS

Firefox 10

IE 8

Chrome 17

Page 8: Phishing Emails

CS 142 Lecture Notes: Security Attacks: Phishing Slide 8

Extended Validation Certificates

Page 9: Phishing Emails

CS 142 Lecture Notes: Security Attacks: Phishing Slide 9

Extended Validation Certificates

Extended Normal HTTPS

Firefox 10

IE 8

Chrome 17

Certificate Authority

Page 10: Phishing Emails

CS 142 Lecture Notes: Security Attacks: Phishing Slide 10


Beware of BAIT! · Beware of BAIT! How to Spot a Phishing Scam “Phishing” emails attempt to trick people into sharing information that helps criminals access an organization’s

Beware of BAIT! · Beware of BAIT! How to Spot a Phishing Scam “Phishing” emails attempt to trick people into sharing information that helps criminals access an organization’s

Documents
Analyzing Social and Stylometric Features to Identify Spear phishing Emails

Analyzing Social and Stylometric Features to Identify Spear phishing Emails

Engineering
Analysing persuasion principles in phishing emails

Analysing persuasion principles in phishing emails

Documents
Why Employees (Still) Click on Phishing Links: an ...web.mit.edu/smadnick/www/wp/2020-10.pdf · Phishing emails demonstrate this dynamic. Phishing is the practice of sending emails

Why Employees (Still) Click on Phishing Links: an ...web.mit.edu/smadnick/www/wp/2020-10.pdf · Phishing emails demonstrate this dynamic. Phishing is the practice of sending emails

Documents
Six Steps to Protect Your Clients and Protect Yourself ... Ridge-12.20.17-2.pdf · • Phishing emails posing as IRS e-Services • Phishing emails posing as new clients • Spoofing

Six Steps to Protect Your Clients and Protect Yourself ... Ridge-12.20.17-2.pdf · • Phishing emails posing as IRS e-Services • Phishing emails posing as new clients • Spoofing

Documents
AWARENESS OF PHISHING SCENARIO - CYBERWISER.eu · 2020. 11. 19. · Phishing attack exercise •Identify phishing indicators in an email. •Distinguish phishing from legitimate emails

AWARENESS OF PHISHING SCENARIO - CYBERWISER.eu · 2020. 11. 19. · Phishing attack exercise •Identify phishing indicators in an email. •Distinguish phishing from legitimate emails

Documents
 · Web viewAll emails are monitored If you receive any phishing emails or attachments do not open them. You must inform IT immediately. If you open an attachment or phishing email

 · Web viewAll emails are monitored If you receive any phishing emails or attachments do not open them. You must inform IT immediately. If you open an attachment or phishing email

Documents
Analyzing Social and Stylometric Features to Identify Spear phishing … · 2014-06-17 · of spear phishing, spam, and normal phishing emails from Symantec’s enterprise email scanning

Analyzing Social and Stylometric Features to Identify Spear phishing … · 2014-06-17 · of spear phishing, spam, and normal phishing emails from Symantec’s enterprise email scanning

Documents
PHISHING PREVENTION TRAINING White Papers...phishing. Phishing emails are used by attackers to deliver viruses, steal passwords, install ransomware and impersonate corporate officers

PHISHING PREVENTION TRAINING White Papers...phishing. Phishing emails are used by attackers to deliver viruses, steal passwords, install ransomware and impersonate corporate officers

Documents
Classifying Phishing Emails Using Confidence …Classifying Phishing Emails Using Confidence-Weighted Linear Classifiers Ram B. Basnet Computer Science & Engineering Department New

Classifying Phishing Emails Using Confidence …Classifying Phishing Emails Using Confidence-Weighted Linear Classifiers Ram B. Basnet Computer Science & Engineering Department New

Documents
HackCon - Phishing- Going from Recon to Creds - Adam Compton...SPF -Sending Emails Can simulate sending of emails Sends emails in a round robin style alternating across all phishing

HackCon - Phishing- Going from Recon to Creds - Adam Compton...SPF -Sending Emails Can simulate sending of emails Sends emails in a round robin style alternating across all phishing

Documents
APWG Phishing Activity Trends Report · PDF fileunique phishing reports de-duplicate emails found in a given month that have ... The APWG Phishing Activity Trends Report also includes

APWG Phishing Activity Trends Report · PDF fileunique phishing reports de-duplicate emails found in a given month that have ... The APWG Phishing Activity Trends Report also includes

Documents
Phishing - TU Berlin · 2016. 8. 31. · 1 1 Phishing Spoofed emails 2 A Few Headlines “11.9 million Americans clicked on a phishing e- mail in 2005” “Gartner estimates that

Phishing - TU Berlin · 2016. 8. 31. · 1 1 Phishing Spoofed emails 2 A Few Headlines “11.9 million Americans clicked on a phishing e- mail in 2005” “Gartner estimates that

Documents
Who is Using Your Domain for Phishing & Spam - TAG … is Using Your Domain for Phishing & Spam? ... Untrusted Emails Fraud Expenses ... Any email sender

Who is Using Your Domain for Phishing & Spam - TAG … is Using Your Domain for Phishing & Spam? ... Untrusted Emails Fraud Expenses ... Any email sender

Documents
Phishing, Vishing, & Smishing€¦ · – Creating a target list and send out phishing or spear phishing emails – Responding if the victim responds, engaging directly with some

Phishing, Vishing, & Smishing€¦ · – Creating a target list and send out phishing or spear phishing emails – Responding if the victim responds, engaging directly with some

Documents
Penetration Testing - Phishing€¦ · Phishing emails are increasingly sophisticated, and despite delivering mandatory training to staff, the risk remains that staff are susceptible

Penetration Testing - Phishing€¦ · Phishing emails are increasingly sophisticated, and despite delivering mandatory training to staff, the risk remains that staff are susceptible

Documents
Information Awareness Training and Phishing · 2017. 10. 24. · phishing emails or how to immediately report phishing attempts to the Computer Incident Response Team (CIRT).11 Recommended

Information Awareness Training and Phishing · 2017. 10. 24. · phishing emails or how to immediately report phishing attempts to the Computer Incident Response Team (CIRT).11 Recommended

Documents
Phishing and bogus emails: HM Revenue and Customs examples · PDF file1 Phishing emails and bogus contact: HM Revenue and Customs examples If you think you may have received a HM Revenue

Phishing and bogus emails: HM Revenue and Customs examples · PDF file1 Phishing emails and bogus contact: HM Revenue and Customs examples If you think you may have received a HM Revenue

Documents
Phishing - infosec.byu.edu · PHISHING What it is… The fraudulent practice of sending emails purporting to be from ... by connecting to your phone (landline or mobile) and prevents

Phishing - infosec.byu.edu · PHISHING What it is… The fraudulent practice of sending emails purporting to be from ... by connecting to your phone (landline or mobile) and prevents

Documents
THE IMPACT OF USERS CHARACTERISTICS ON … Mohammed A...THE IMPACT OF USERS’ CHARACTERISTICS ON THEIR ABILITY TO DETECT PHISHING EMAILS ii Abstract Phishing emails result in significant

THE IMPACT OF USERS CHARACTERISTICS ON … Mohammed A...THE IMPACT OF USERS’ CHARACTERISTICS ON THEIR ABILITY TO DETECT PHISHING EMAILS ii Abstract Phishing emails result in significant

Documents
Detecting Phishing in Emails Srikanth Palla Ram Dantu University of North Texas, Denton

Detecting Phishing in Emails Srikanth Palla Ram Dantu University of North Texas, Denton

Documents
Phishing Prevention, Solutions & Services | Cofense - How to Spot … · 2020. 9. 4. · Phishing emails will try to fluster recipients by creating a sense of urgency. Fear Scaring

Phishing Prevention, Solutions & Services | Cofense - How to Spot … · 2020. 9. 4. · Phishing emails will try to fluster recipients by creating a sense of urgency. Fear Scaring

Documents
Phishing Attack Landscape and Benchmarking · exercises and educate with ongoing security hints and tips emails. Phish Your Users Fully automated simulated phishing attacks, hundreds

Phishing Attack Landscape and Benchmarking · exercises and educate with ongoing security hints and tips emails. Phish Your Users Fully automated simulated phishing attacks, hundreds

Documents
How To Spot Fake Phishing Emails and Report Them

How To Spot Fake Phishing Emails and Report Them

Technology
Anti-Phishing Simulation & Awareness · Phishing attacks have become a significant threat. Consider the following numbers: 156 million phishing emails are sent out every dayi. Email

Anti-Phishing Simulation & Awareness · Phishing attacks have become a significant threat. Consider the following numbers: 156 million phishing emails are sent out every dayi. Email

Documents
Training employees to recognise and avoid phishing threats · 2018. 3. 14. · What are the different types of phishing? Phishing – hackers send generic emails from a trusted source

Training employees to recognise and avoid phishing threats · 2018. 3. 14. · What are the different types of phishing? Phishing – hackers send generic emails from a trusted source

Documents
COVID-19 (Coronavirus) Phishing Scams · sending phishing emails that look like legitimate awareness training or refunds for event cancellations. Falling for one of these malicious

COVID-19 (Coronavirus) Phishing Scams · sending phishing emails that look like legitimate awareness training or refunds for event cancellations. Falling for one of these malicious

Documents
“Emails and Phishing and Spam! Oh my!” - ukmug / FrontPageukmug.pbworks.com/f/MU 2013-07.pdf · Emails and Phishing and Spam continued from page one continued on page three The

“Emails and Phishing and Spam! Oh my!” - ukmug / FrontPageukmug.pbworks.com/f/MU 2013-07.pdf · Emails and Phishing and Spam continued from page one continued on page three The

Documents
Detecting Deceptive Patterns in Phishing Emails - … · Detecting Deceptive Patterns in Phishing Emails Matthew Barba-Rodriguez Advisers: Lauren M. Stuart, Drs. Julia M. Taylor and

Detecting Deceptive Patterns in Phishing Emails - … · Detecting Deceptive Patterns in Phishing Emails Matthew Barba-Rodriguez Advisers: Lauren M. Stuart, Drs. Julia M. Taylor and

Documents
The Cyber Threat Impact of COVID-19 to Global Business · 2020-04-11 · The Cyber Threat Impact of COVID-19 to Global Business Phishing Emails There are many phishing emails currently

The Cyber Threat Impact of COVID-19 to Global Business · 2020-04-11 · The Cyber Threat Impact of COVID-19 to Global Business Phishing Emails There are many phishing emails currently

Documents