SlideShare a Scribd company logo

PHISHING PROTECTION

K
KaterynaPetrova4

What threatens us in cyberspace? Phishing: typology of threats Phishing protection What is anti-phishing protection? Website protection Company and online fraud protection Conclusion Learn more about cyber attacks and find out how to secure yourself - https://hacken.live/2BwYyOo

Technology
1 of 7
Download to read offline
phishing protection HACKENCYBERSECURITYECOSYSTEM.
PHISHINGPROTECTION Introduction What threatens us in cyberspace? Phishing; types of threats Phishing protection What is anti-phishing protection? Website protection Phishing protection tips: social networks Brand and online fraud protection Conclusion TABLE OF CONTENTS
PHISHINGPROTECTION INTRODUCTION What threatens us in cyberspace? Phishing Activities Trend Report for the 4th quarter of 2017, “Unifying the Global response to Cybercrime” requires special attention to phishing. The Anti-Phishing Working Group affirms that “phishing is a criminal mechanism that employs both social engineering and technical subterfuge to steal consumers’ identity data and financial account credentials.” The data proves that phishing is more than an important issue which requires decent anti phishing protection measures. Phishing; typology of threats Mass Email Phishing: email is the most common source of phishing. Clone phishing: happens when an attacker mimics a popular website that usually requires login credentials. Spear phishing: spear phishing aims at a specific group instead of sending thousands of emails haphazardly. Whaling, or CEO phishing: this attack targets high-level executives and aims to access their email accounts. Social media phishing: unlike email phishing, this type of attacks is executed via social networks such as Facebook, Twitter, or Instagram. Sending phishing messages on behalf of authorised accounts is another widespread type of social media phishing. Malware-based phishing: fraud involving malicious software. Malware can be introduced via an email attachment, USB-sticks, or a downloadable file from a website. Staticstical Highlights for 4th Quater 2017 October November December Number of unique phishing web sites detected Number of brands targeted by phishing campaigns Number of unique phishing e-mail reports (campaigns) recieved by APWG from consumers 65,509 54,322 60,926 86,547 87,744 323 268 61,322 348 42% 16% 15% 11% 3% 3% 3% 7% Payment SAAS/Webmail Financial Institution Cloud Storage/Hosting eCommerce/Retail Telecom Social Media Other
PHISHINGPROTECTION PHISHING PROTECTION What is anti-phishing protection? Anti-phishing protection is a set of essential preventative steps and practices against cyber scammers. Usually, it involves anti-phishing software, anti-phishing services, and social engineering training of staff members to distinguish counterfeit websites and/or fishy emails. Let’s review the main assets that phishers typically target. Website anti-phishing protection How to avoid website cloning: Make your code safe — to safeguard your website, you need to encrypt code. A group of highly skilled developers can easily manage encryption and guard you against design & code theft. Disable copy-paste — developers can protect the text of your website from copy-paste by tweaking the script of your web pages. Place copyright information on the website — the text of your website should be protected by copyright, and its exploitation without your permission should be illegal. Get professional support—there are several tech firms that offer anti-phishing solution and various anti-phishing service. Code Updates: keeping software up-to-date is vital for the security of your website. The code runs the operating system of your server and other software that your website uses. XSS protection: Cross-Site Scripting (XSS) inserts dangerous JavaScript into your website code, which then runs on the applications of your consumers. Ultimately, it may modify website content or transmit confidential data to an attacker. One effective tool that fixes the issues is the Content Security Policy (CSP). Avoid uploading unknown documents & files: any uploaded files may contain malicious scripts that damage the security of your website. Apply HTTPS: this certificate supports the encrypted connection between the web server and the visitor’s computer. DNS-based phishing (“pharming”): pharming is an attack that strives to redirect website traffic to a phishing website. Man-in-the-middle phishing: by getting access to unencrypted information between a sender and a receiver, scammers steal users’ data.
PHISHINGPROTECTION Company and online fraud protection For brand holders, the risk associated with phishing schemes and malware go beyond those concerning the customer and business data — they also damage brand equity and client trust. Online brand defense (including social media brand protection) allows business owners to preserve the reputation and client trust if someone attempts to use their brand for profit. Every company should develop a brand protection strategy– anti-phishing ways and means to protect the safety of one’s brand in cyberspace. Furthermore, companies should closely monitor the strategy application and routinely update instructions concerning the security of users, their private information, the implementation of online fraudulence security, and the protection and preventative maintenance of vital systems. Education and training: To effectively counter phishing, companies should educate employees to recognize it (e.g. checking domain names in email links, looking for compliant URLs, utilizing verified software, and following other anti-phishing techniques). The Wombat Security report shows that 95% of interviewees have education programs and anti-phishing training for end users. The majority of companies opt for monthly and quarterly training cycles. The figure below shows the most common anti-phishing training formats: Update your software: Keep your software up-to-date: web browsers, microcode, apps, antivirus software, OS, etc. Developers offer patches and revisions as soon as they identify dangers. Protect your domain name: A domain name is one of the most important resources for a company. Therefore, you should keep it as safe as possible. Here are some of the useful methods: Use ‘spam traps’ to filter out emails that lead clients to phishing websites; Monitor the registration of brand-specific domain names which may be used to host fake websites; Deactivate phishing websites by notifying domain registrars or hosting suppliers. Computer-Based Awareness Training Phishing Simulation Exercises Awareness Campaigns (Video and Posters) In-Person Security Awareness Training Monthly Notification or Newsletters 0 10 20 30 30 40 50 60 70 79% 68% 46% 45% 38% 80
PHISHINGPROTECTION Implement SPF: Sender Policy Framework (SPF) is an email authentication tool created to discover and to stop spoofed or malevolent emails. SPF can be enforced in two areas: Checking and Publishing. SPF Checking helps you to determine whether the emails received by your company come from a valid source. SPF Publishing allows you to choose email servers that are accredited to communicate with your firm via email. Purchase Anti-Phishing tools: Investing in brand protection solutions is never a bad idea. These are some instruments you can apply: A gateway email filter protects you from phishing and decreases the number of phishing emails. Email authentication standard ensures the proper phishing protection of your IT infrastructure. These practices include SPF and the Domain Keys Identified Mail (DKIM) protocol, which authorizes users to only receive cryptographically autographed emails. The Domain-based Message Authentication, Reportage, and Conformance (DMARC) protocol determines whether both SPF and DKIM standards are applied. Further, web safety gateways prevent users from opening potentially dangerous links. They function by checking whether requested URLs are listed on an up-to-date database of websites suspected of administering malware or forgery. A functional firewall must be installed on all PCs and Servers related to the firm. A firewall keeps the staff members safe from unknowingly opening virus-bearing attachments or other malware.
PHISHINGPROTECTION CONCLUSION Phishing is a type of scam which involves defrauding people aiming to steal personal data: customer ID, IPIN, Credit/Debit Card number, Debit/Credit Card expiry date, and CVV number, etc. Phishers are well-organized and apply different techniques to mislead companies and their clients. As phishing attacks happen more frequently, anti-phishing protection is a necessity — it guarantees the security of a company’s name and gives its employees certain skills to counter offenders.

Recommended

Phishing Education
Phishing EducationPhishing Education
Phishing EducationBrandProtect
 
Phishing
PhishingPhishing
Phishinganjalika sinha
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation Nikolaos Georgitsopoulos
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing AttacksJagan Mohan
 
Phishing Technology
Phishing TechnologyPhishing Technology
Phishing TechnologyAvishekMondal15
 
Phishing
PhishingPhishing
PhishingArchit Mohanty
 
Phishing
PhishingPhishing
PhishingSagar Rai
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanControlScan, Inc.
 

Recommended

Phishing Education
Phishing EducationPhishing Education
Phishing EducationBrandProtect
 
Phishing
PhishingPhishing
Phishinganjalika sinha
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation Nikolaos Georgitsopoulos
 
Phishing Attacks
Phishing AttacksPhishing Attacks
Phishing AttacksJagan Mohan
 
Phishing Technology
Phishing TechnologyPhishing Technology
Phishing TechnologyAvishekMondal15
 
Phishing
PhishingPhishing
PhishingArchit Mohanty
 
Phishing
PhishingPhishing
PhishingSagar Rai
 
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanHow to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScan
How to Spot and Combat a Phishing Attack - Cyber Security Webinar | ControlScanControlScan, Inc.
 
PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on PhishingPankaj Yadav
 
Cyber security
Cyber securityCyber security
Cyber securityJoseMerda1
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Phishing
PhishingPhishing
Phishingshivli0769
 
Phishing exposed
Phishing exposedPhishing exposed
Phishing exposedtamfin
 
What is Phishing - Kloudlearn
What is Phishing - KloudlearnWhat is Phishing - Kloudlearn
What is Phishing - KloudlearnKloudLearn
 
Phishing ppt
Phishing pptPhishing ppt
Phishing pptshindept123
 
Phishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafePhishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafeCheapSSLsecurity
 
Phishing ppt
Phishing pptPhishing ppt
Phishing pptSanjay Kumar
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gbensonoo
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hackingMd. Mehadi Hassan Bappy
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?Quick Heal Technologies Ltd.
 
Phishing
PhishingPhishing
PhishingSaurabhKantSahu1
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks pptAryan Ragu
 
Teaching Your Staff About Phishing
Teaching Your Staff About PhishingTeaching Your Staff About Phishing
Teaching Your Staff About PhishingLegal Services National Technology Assistance Project (LSNTAP)
 
Phishing attack seminar presentation
Phishing attack seminar presentation Phishing attack seminar presentation
Phishing attack seminar presentation AniketPandit18
 
Phishing & Pharming
Phishing & PharmingPhishing & Pharming
Phishing & PharmingDevendra Yadav
 
Phishing ppt
Phishing pptPhishing ppt
Phishing pptshindept123
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacksSreejith.D. Menon
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasuresJorge Sebastiao
 
5 Cyber Security Threats That Small Businesses Face And How To Stop Them
5 Cyber Security Threats That Small Businesses Face And How To Stop Them5 Cyber Security Threats That Small Businesses Face And How To Stop Them
5 Cyber Security Threats That Small Businesses Face And How To Stop ThemAnvesh Vision Private Limited
 
Malware Attacks | How To Defend Organizations From It?
Malware Attacks | How To Defend Organizations From It?Malware Attacks | How To Defend Organizations From It?
Malware Attacks | How To Defend Organizations From It?SOCVault
 

More Related Content

What's hot

Cyber security
Cyber securityCyber security
Cyber securityJoseMerda1
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Phishing exposed
Phishing exposedPhishing exposed
Phishing exposedtamfin
 
What is Phishing - Kloudlearn
What is Phishing - KloudlearnWhat is Phishing - Kloudlearn
What is Phishing - KloudlearnKloudLearn
 
Phishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafePhishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafeCheapSSLsecurity
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N Gbensonoo
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks pptAryan Ragu
 
Phishing attack seminar presentation
Phishing attack seminar presentation Phishing attack seminar presentation
Phishing attack seminar presentation AniketPandit18
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacksSreejith.D. Menon
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasuresJorge Sebastiao
 

What's hot (20)

PPT on Phishing
PPT on PhishingPPT on Phishing
PPT on Phishing
 
Cyber security
Cyber securityCyber security
Cyber security
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
 
Phishing
PhishingPhishing
Phishing
 
Phishing exposed
Phishing exposedPhishing exposed
Phishing exposed
 
What is Phishing - Kloudlearn
What is Phishing - KloudlearnWhat is Phishing - Kloudlearn
What is Phishing - Kloudlearn
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Phishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You SafePhishing Scams: 8 Helpful Tips to Keep You Safe
Phishing Scams: 8 Helpful Tips to Keep You Safe
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
P H I S H I N G
P H I S H I N GP H I S H I N G
P H I S H I N G
 
Phishing and hacking
Phishing and hackingPhishing and hacking
Phishing and hacking
 
What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?What is Phishing and How can you Avoid it?
What is Phishing and How can you Avoid it?
 
Phishing
PhishingPhishing
Phishing
 
Phishing attacks ppt
Phishing attacks pptPhishing attacks ppt
Phishing attacks ppt
 
Teaching Your Staff About Phishing
Teaching Your Staff About PhishingTeaching Your Staff About Phishing
Teaching Your Staff About Phishing
 
Phishing attack seminar presentation
Phishing attack seminar presentation Phishing attack seminar presentation
Phishing attack seminar presentation
 
Phishing & Pharming
Phishing & PharmingPhishing & Pharming
Phishing & Pharming
 
Phishing ppt
Phishing pptPhishing ppt
Phishing ppt
 
Strategies to handle Phishing attacks
Strategies to handle Phishing attacksStrategies to handle Phishing attacks
Strategies to handle Phishing attacks
 
Email phishing and countermeasures
Email phishing and countermeasuresEmail phishing and countermeasures
Email phishing and countermeasures
 

Similar to PHISHING PROTECTION

5 Cyber Security Threats That Small Businesses Face And How To Stop Them
5 Cyber Security Threats That Small Businesses Face And How To Stop Them5 Cyber Security Threats That Small Businesses Face And How To Stop Them
5 Cyber Security Threats That Small Businesses Face And How To Stop ThemAnvesh Vision Private Limited
 
Malware Attacks | How To Defend Organizations From It?
Malware Attacks | How To Defend Organizations From It?Malware Attacks | How To Defend Organizations From It?
Malware Attacks | How To Defend Organizations From It?SOCVault
 
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenProtecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenCMR WORLD TECH
 
2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOK2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOKBoris Loukanov
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docxsaivarun91
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?Osei Fortune
 
Cybersecurity a short business guide
Cybersecurity a short business guideCybersecurity a short business guide
Cybersecurity a short business guidelarry1401
 
Top 8 Types Of Cybersecurity Attacks.pptx
Top 8 Types Of Cybersecurity Attacks.pptxTop 8 Types Of Cybersecurity Attacks.pptx
Top 8 Types Of Cybersecurity Attacks.pptxBluechipComputerSyst
 
Study on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing ToolsStudy on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing ToolsIRJET Journal
 
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKSCERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKScsandit
 
Ways To Protect Your Company From Cybercrime
Ways To Protect Your Company From CybercrimeWays To Protect Your Company From Cybercrime
Ways To Protect Your Company From Cybercrimethinkwithniche
 
How to Keep Your Company Safe from Phishing.pptx
How to Keep Your Company Safe from Phishing.pptxHow to Keep Your Company Safe from Phishing.pptx
How to Keep Your Company Safe from Phishing.pptxAiCyberWatch
 
Should You Pay Ransomware.pdf
Should You Pay Ransomware.pdfShould You Pay Ransomware.pdf
Should You Pay Ransomware.pdfKavitaDubey18
 
Choosing the Right Network Security for Your Business - Minerva.pdf
Choosing the Right Network Security for Your Business - Minerva.pdfChoosing the Right Network Security for Your Business - Minerva.pdf
Choosing the Right Network Security for Your Business - Minerva.pdfonline Marketing
 
Cybercrime - An essential guide from Thawte
Cybercrime - An essential guide from ThawteCybercrime - An essential guide from Thawte
Cybercrime - An essential guide from ThawteRapidSSLOnline.com
 

Similar to PHISHING PROTECTION (20)

5 Cyber Security Threats That Small Businesses Face And How To Stop Them
5 Cyber Security Threats That Small Businesses Face And How To Stop Them5 Cyber Security Threats That Small Businesses Face And How To Stop Them
5 Cyber Security Threats That Small Businesses Face And How To Stop Them
 
Malware Attacks | How To Defend Organizations From It?
Malware Attacks | How To Defend Organizations From It?Malware Attacks | How To Defend Organizations From It?
Malware Attacks | How To Defend Organizations From It?
 
Measures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacksMeasures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacks
 
Measure To Avoid Cyber Attacks
Measure To Avoid Cyber AttacksMeasure To Avoid Cyber Attacks
Measure To Avoid Cyber Attacks
 
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usenProtecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
Protecting Corporete Credentials Against Threats 4 48159 wgw03071_usen
 
2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOK2016 CYBERSECURITY PLAYBOOK
2016 CYBERSECURITY PLAYBOOK
 
Cyber Security Threats For Small Business- Detox Technologies.pdf
Cyber Security Threats For Small Business- Detox Technologies.pdfCyber Security Threats For Small Business- Detox Technologies.pdf
Cyber Security Threats For Small Business- Detox Technologies.pdf
 
Cyber security.docx
Cyber security.docxCyber security.docx
Cyber security.docx
 
How to Secure your ecommerce website-Threats and tips
How to Secure your ecommerce website-Threats and tipsHow to Secure your ecommerce website-Threats and tips
How to Secure your ecommerce website-Threats and tips
 
How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?How Can I Reduce The Risk Of A Cyber-Attack?
How Can I Reduce The Risk Of A Cyber-Attack?
 
Cybersecurity a short business guide
Cybersecurity a short business guideCybersecurity a short business guide
Cybersecurity a short business guide
 
Top 8 Types Of Cybersecurity Attacks.pptx
Top 8 Types Of Cybersecurity Attacks.pptxTop 8 Types Of Cybersecurity Attacks.pptx
Top 8 Types Of Cybersecurity Attacks.pptx
 
Study on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing ToolsStudy on Phishing Attacks and Antiphishing Tools
Study on Phishing Attacks and Antiphishing Tools
 
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKSCERT STRATEGY TO DEAL WITH PHISHING ATTACKS
CERT STRATEGY TO DEAL WITH PHISHING ATTACKS
 
Ways To Protect Your Company From Cybercrime
Ways To Protect Your Company From CybercrimeWays To Protect Your Company From Cybercrime
Ways To Protect Your Company From Cybercrime
 
How to Keep Your Company Safe from Phishing.pptx
How to Keep Your Company Safe from Phishing.pptxHow to Keep Your Company Safe from Phishing.pptx
How to Keep Your Company Safe from Phishing.pptx
 
Spear Phishing
Spear PhishingSpear Phishing
Spear Phishing
 
Should You Pay Ransomware.pdf
Should You Pay Ransomware.pdfShould You Pay Ransomware.pdf
Should You Pay Ransomware.pdf
 
Choosing the Right Network Security for Your Business - Minerva.pdf
Choosing the Right Network Security for Your Business - Minerva.pdfChoosing the Right Network Security for Your Business - Minerva.pdf
Choosing the Right Network Security for Your Business - Minerva.pdf
 
Cybercrime - An essential guide from Thawte
Cybercrime - An essential guide from ThawteCybercrime - An essential guide from Thawte
Cybercrime - An essential guide from Thawte
 

Recently uploaded

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingEdi Saputra
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesBoston Institute of Analytics
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Principled Technologies
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 

Recently uploaded (20)

Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
Deploy with confidence: VMware Cloud Foundation 5.1 on next gen Dell PowerEdg...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 

PHISHING PROTECTION

  • 2. PHISHINGPROTECTION Introduction What threatens us in cyberspace? Phishing; types of threats Phishing protection What is anti-phishing protection? Website protection Phishing protection tips: social networks Brand and online fraud protection Conclusion TABLE OF CONTENTS
  • 3. PHISHINGPROTECTION INTRODUCTION What threatens us in cyberspace? Phishing Activities Trend Report for the 4th quarter of 2017, “Unifying the Global response to Cybercrime” requires special attention to phishing. The Anti-Phishing Working Group affirms that “phishing is a criminal mechanism that employs both social engineering and technical subterfuge to steal consumers’ identity data and financial account credentials.” The data proves that phishing is more than an important issue which requires decent anti phishing protection measures. Phishing; typology of threats Mass Email Phishing: email is the most common source of phishing. Clone phishing: happens when an attacker mimics a popular website that usually requires login credentials. Spear phishing: spear phishing aims at a specific group instead of sending thousands of emails haphazardly. Whaling, or CEO phishing: this attack targets high-level executives and aims to access their email accounts. Social media phishing: unlike email phishing, this type of attacks is executed via social networks such as Facebook, Twitter, or Instagram. Sending phishing messages on behalf of authorised accounts is another widespread type of social media phishing. Malware-based phishing: fraud involving malicious software. Malware can be introduced via an email attachment, USB-sticks, or a downloadable file from a website. Staticstical Highlights for 4th Quater 2017 October November December Number of unique phishing web sites detected Number of brands targeted by phishing campaigns Number of unique phishing e-mail reports (campaigns) recieved by APWG from consumers 65,509 54,322 60,926 86,547 87,744 323 268 61,322 348 42% 16% 15% 11% 3% 3% 3% 7% Payment SAAS/Webmail Financial Institution Cloud Storage/Hosting eCommerce/Retail Telecom Social Media Other
  • 4. PHISHINGPROTECTION PHISHING PROTECTION What is anti-phishing protection? Anti-phishing protection is a set of essential preventative steps and practices against cyber scammers. Usually, it involves anti-phishing software, anti-phishing services, and social engineering training of staff members to distinguish counterfeit websites and/or fishy emails. Let’s review the main assets that phishers typically target. Website anti-phishing protection How to avoid website cloning: Make your code safe — to safeguard your website, you need to encrypt code. A group of highly skilled developers can easily manage encryption and guard you against design & code theft. Disable copy-paste — developers can protect the text of your website from copy-paste by tweaking the script of your web pages. Place copyright information on the website — the text of your website should be protected by copyright, and its exploitation without your permission should be illegal. Get professional support—there are several tech firms that offer anti-phishing solution and various anti-phishing service. Code Updates: keeping software up-to-date is vital for the security of your website. The code runs the operating system of your server and other software that your website uses. XSS protection: Cross-Site Scripting (XSS) inserts dangerous JavaScript into your website code, which then runs on the applications of your consumers. Ultimately, it may modify website content or transmit confidential data to an attacker. One effective tool that fixes the issues is the Content Security Policy (CSP). Avoid uploading unknown documents & files: any uploaded files may contain malicious scripts that damage the security of your website. Apply HTTPS: this certificate supports the encrypted connection between the web server and the visitor’s computer. DNS-based phishing (“pharming”): pharming is an attack that strives to redirect website traffic to a phishing website. Man-in-the-middle phishing: by getting access to unencrypted information between a sender and a receiver, scammers steal users’ data.
  • 5. PHISHINGPROTECTION Company and online fraud protection For brand holders, the risk associated with phishing schemes and malware go beyond those concerning the customer and business data — they also damage brand equity and client trust. Online brand defense (including social media brand protection) allows business owners to preserve the reputation and client trust if someone attempts to use their brand for profit. Every company should develop a brand protection strategy– anti-phishing ways and means to protect the safety of one’s brand in cyberspace. Furthermore, companies should closely monitor the strategy application and routinely update instructions concerning the security of users, their private information, the implementation of online fraudulence security, and the protection and preventative maintenance of vital systems. Education and training: To effectively counter phishing, companies should educate employees to recognize it (e.g. checking domain names in email links, looking for compliant URLs, utilizing verified software, and following other anti-phishing techniques). The Wombat Security report shows that 95% of interviewees have education programs and anti-phishing training for end users. The majority of companies opt for monthly and quarterly training cycles. The figure below shows the most common anti-phishing training formats: Update your software: Keep your software up-to-date: web browsers, microcode, apps, antivirus software, OS, etc. Developers offer patches and revisions as soon as they identify dangers. Protect your domain name: A domain name is one of the most important resources for a company. Therefore, you should keep it as safe as possible. Here are some of the useful methods: Use ‘spam traps’ to filter out emails that lead clients to phishing websites; Monitor the registration of brand-specific domain names which may be used to host fake websites; Deactivate phishing websites by notifying domain registrars or hosting suppliers. Computer-Based Awareness Training Phishing Simulation Exercises Awareness Campaigns (Video and Posters) In-Person Security Awareness Training Monthly Notification or Newsletters 0 10 20 30 30 40 50 60 70 79% 68% 46% 45% 38% 80
  • 6. PHISHINGPROTECTION Implement SPF: Sender Policy Framework (SPF) is an email authentication tool created to discover and to stop spoofed or malevolent emails. SPF can be enforced in two areas: Checking and Publishing. SPF Checking helps you to determine whether the emails received by your company come from a valid source. SPF Publishing allows you to choose email servers that are accredited to communicate with your firm via email. Purchase Anti-Phishing tools: Investing in brand protection solutions is never a bad idea. These are some instruments you can apply: A gateway email filter protects you from phishing and decreases the number of phishing emails. Email authentication standard ensures the proper phishing protection of your IT infrastructure. These practices include SPF and the Domain Keys Identified Mail (DKIM) protocol, which authorizes users to only receive cryptographically autographed emails. The Domain-based Message Authentication, Reportage, and Conformance (DMARC) protocol determines whether both SPF and DKIM standards are applied. Further, web safety gateways prevent users from opening potentially dangerous links. They function by checking whether requested URLs are listed on an up-to-date database of websites suspected of administering malware or forgery. A functional firewall must be installed on all PCs and Servers related to the firm. A firewall keeps the staff members safe from unknowingly opening virus-bearing attachments or other malware.
  • 7. PHISHINGPROTECTION CONCLUSION Phishing is a type of scam which involves defrauding people aiming to steal personal data: customer ID, IPIN, Credit/Debit Card number, Debit/Credit Card expiry date, and CVV number, etc. Phishers are well-organized and apply different techniques to mislead companies and their clients. As phishing attacks happen more frequently, anti-phishing protection is a necessity — it guarantees the security of a company’s name and gives its employees certain skills to counter offenders.