Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

War against Identity Theft and Phising attack

252 visualizaciones

Publicado el

  • Inicia sesión para ver los comentarios

War against Identity Theft and Phising attack

  1. 1. BANKOLE BOLAJI JAMES | CYBER FORENSIC AND SECURITY EXPERT |CISCO CYBER SECURITY EXPERT: CCSE |CERTIFIED ETHICAL HACKER: CEH |MCSA, MCSE, MCP, MCITP, MCTS | CISCO CERTIFIED NETWORK ASSOCIATE: CCNA| EMAIL: BOLAJICISCO@YAHOO.COM|+2347035654727|+2348027042202
  2. 2. BANKOLE BOLAJI JAMES | CYBER FORENSIC AND SECURITY EXPERT |CISCO CYBER SECURITY EXPERT: CCSE |CERTIFIED ETHICAL HACKER: CEH |MCSA, MCSE, MCP, MCITP, MCTS | CISCO CERTIFIED NETWORK ASSOCIATE: CCNA| EMAIL: BOLAJICISCO@YAHOO.COM|+2347035654727|+2348027042202 A CALL FOR WAR AGAINST IDENTITY THEFT AND PHISHING ATTACK The rate at which employee’s fall victim of Identity Theft and Phishing attack. Promote the education of employees and conduct training sessions with mock phishing scenarios. The fact that organizations have Information Technology/Information Security Team who could help establish and continuously create awareness Cyber security has risen to become a national concern as threats Concerning it now need to be taken more seriously. • To help people reduce the vulnerability of their Information and Communication Technology (ICT) systems and networks. • To help individuals and institutions develop and nurture a Culture of cyber security. • To work collaboratively with public, private and international Experts to secure cyberspace. • To help understand the current trends in IT/cybercrime, and Develop effective solutions. • Availability. • Integrity, which may include authenticity and non-repudiation.• Confidentiality.
  3. 3. BANKOLE BOLAJI JAMES | CYBER FORENSIC AND SECURITY EXPERT |CISCO CYBER SECURITY EXPERT: CCSE |CERTIFIED ETHICAL HACKER: CEH |MCSA, MCSE, MCP, MCITP, MCTS | CISCO CERTIFIED NETWORK ASSOCIATE: CCNA| EMAIL: BOLAJICISCO@YAHOO.COM|+2347035654727|+2348027042202 Is the fraudulent practice of using another person's name and personal information in order to obtain credit, loans. Every 2 seconds, someone becomes a victim of identity theft, that means by the time you finish reading this sentence, the next victim could be you. Identity theft is categorized in two ways: true name and account takeover. True name identity theft means that the thief uses personal information to open new accounts. The thief might open a new credit card account, establish cellular phone service, or open a new checking account in order to obtain blank checks. Account takeover identity theft means the imposter uses personal information to gain access to the person's existing accounts. Typically, the thief will change the mailing address on an account and run up a huge bill before the person whose identity has been stolen realizes there is a problem. The Internet has made it easier for an identity thief to use the information they've stolen because transactions can be made without any personal interaction.
  4. 4. BANKOLE BOLAJI JAMES | CYBER FORENSIC AND SECURITY EXPERT |CISCO CYBER SECURITY EXPERT: CCSE |CERTIFIED ETHICAL HACKER: CEH |MCSA, MCSE, MCP, MCITP, MCTS | CISCO CERTIFIED NETWORK ASSOCIATE: CCNA| EMAIL: BOLAJICISCO@YAHOO.COM|+2347035654727|+2348027042202 Your best defense starts with educating yourself about the threat, the risk you are facing as an Internet player or a Technology owner or user. Understanding the threat and the types of attack Internet connectivity and email system is an Important integral part of every business that need attention professionals in which such Infrastructure is to be managed by concerns experts in each field of practice. there is no guaranteed way to stop a determined intruder from accessing a business network, Reliance on email and the internet brings vulnerabilities which must be recognized and addressed appropriately. The IT security community has assessed that Spear Phishing is a remarkably effective cyber-attack technique and its use to gain access to business systems is unlikely to decline in the near future.  Spear Phishing attack is a lunched to successfully deceive the users so as to gain access to confidential information..  There is a great increase in the rate at which phishing attack is been lunched against an organizations.  Spear Phishing has a high success rate and its use as a means of attack looks set to continue.  Successful attacks can result in exploitation or compromise of individual devices and organizational networks. This can have significant implications for an organization.
  5. 5. BANKOLE BOLAJI JAMES | CYBER FORENSIC AND SECURITY EXPERT |CISCO CYBER SECURITY EXPERT: CCSE |CERTIFIED ETHICAL HACKER: CEH |MCSA, MCSE, MCP, MCITP, MCTS | CISCO CERTIFIED NETWORK ASSOCIATE: CCNA| EMAIL: BOLAJICISCO@YAHOO.COM|+2347035654727|+2348027042202  The risk from Spear Phishing can be reduced through good educational awareness and effective technical controls.
  6. 6. BANKOLE BOLAJI JAMES | CYBER FORENSIC AND SECURITY EXPERT |CISCO CYBER SECURITY EXPERT: CCSE |CERTIFIED ETHICAL HACKER: CEH |MCSA, MCSE, MCP, MCITP, MCTS | CISCO CERTIFIED NETWORK ASSOCIATE: CCNA| EMAIL: BOLAJICISCO@YAHOO.COM|+2347035654727|+2348027042202 The purpose of phishing is to collect sensitive information with the intention of using that information to gain access to otherwise protected data, networks, etc. A phisher's success is contingent upon establishing trust with its victims. We live in a digital age, and gathering information has become much easier as we are well beyond the dumpster diving days. There are various phishing techniques used by attackers:  Embedding a link in an email that redirects your employee to an unsecure website that requests sensitive information  Installing a Trojan via a malicious email attachment or ad which will allow the intruder to exploit loopholes and obtain sensitive information  Spoofing the sender address in an email to appear as a reputable source and request sensitive information  Attempting to obtain company information over the phone by impersonating a known company vendor or IT department
  7. 7. BANKOLE BOLAJI JAMES | CYBER FORENSIC AND SECURITY EXPERT |CISCO CYBER SECURITY EXPERT: CCSE |CERTIFIED ETHICAL HACKER: CEH |MCSA, MCSE, MCP, MCITP, MCTS | CISCO CERTIFIED NETWORK ASSOCIATE: CCNA| EMAIL: BOLAJICISCO@YAHOO.COM|+2347035654727|+2348027042202 They must keep a pulse on the current phishing strategies and confirm their security policies and solutions can eliminate threats as they evolve. It is equally as important to make sure that their employees understand the types of attacks they may face, the risks, and how to address them. Informed employees and properly secured systems are key when protecting your company from phishing attacks. What to do if you’re a victim How to protect yourself Here are a few steps a company can take to protect itself against phishing:  Educate your employees and conduct training sessions with mock phishing scenarios.  Deploy a SPAM filter that detects viruses, blank senders, etc.  Keep all systems current with the latest security patches and updates.  Install an antivirus solution, schedule signature updates, and monitor the antivirus status on all equipment.  Develop a security policy that includes but isn't limited to password expiration and complexity.  Deploy a web filter to block malicious websites.  Encrypt all sensitive company information.  Convert HTML email into text only email messages or disable HTML email messages.  Require encryption for employees that are telecommuting.
  8. 8. BANKOLE BOLAJI JAMES | CYBER FORENSIC AND SECURITY EXPERT |CISCO CYBER SECURITY EXPERT: CCSE |CERTIFIED ETHICAL HACKER: CEH |MCSA, MCSE, MCP, MCITP, MCTS | CISCO CERTIFIED NETWORK ASSOCIATE: CCNA| EMAIL: BOLAJICISCO@YAHOO.COM|+2347035654727|+2348027042202 This plans to steal PayPal Information and credential If this becomes successful they will Impersonate as the owner of account information and credential and the link below will simply allow them have your confidential information on their server without stress.
  9. 9. BANKOLE BOLAJI JAMES | CYBER FORENSIC AND SECURITY EXPERT |CISCO CYBER SECURITY EXPERT: CCSE |CERTIFIED ETHICAL HACKER: CEH |MCSA, MCSE, MCP, MCITP, MCTS | CISCO CERTIFIED NETWORK ASSOCIATE: CCNA| EMAIL: BOLAJICISCO@YAHOO.COM|+2347035654727|+2348027042202
  10. 10. BANKOLE BOLAJI JAMES | CYBER FORENSIC AND SECURITY EXPERT |CISCO CYBER SECURITY EXPERT: CCSE |CERTIFIED ETHICAL HACKER: CEH |MCSA, MCSE, MCP, MCITP, MCTS | CISCO CERTIFIED NETWORK ASSOCIATE: CCNA| EMAIL: BOLAJICISCO@YAHOO.COM|+2347035654727|+2348027042202 PROPOSED MITIGATION PLAN Develop an effective Information security awareness training for all employee alongside the Implementation of effective technical/system control for the organization This document is developed for educational purposes in other to help bring to mind current threats, proffer ways to mitigate attacks ,Inspire someone to develop proactive approach to combat cyber crime with proven security solutions and services that protect systems, networks, and mobile devices for business and personal use around the world and give everyone the confidence to live and work safely and securely in the digital world

×