Hacking involves modifying systems outside their intended purpose. Computer hacking is most common today, along with phone and brain hacking. Phishing tries to acquire sensitive information like passwords by masquerading as trustworthy entities. It uses bait like hacking to catch victims, and poses an ongoing risk especially on social media. Both hacking and phishing have a long history involving notable exploits and hackers. While hacking can have advantages like security testing, they both carry risks like privacy harm and illegal activities. Common prevention methods include software updates, firewalls, strong unique passwords, and avoiding unsolicited emails/links.
2. Hacking
Hacking is the practice of modifying the features
of a system, in order to accomplish a goal outside of
the creator's original purpose.
The person who is consistently engaging in hacking
activities, and has accepted hacking as a lifestyle and
philosophy of their choice, is called a Hacker.
Computer hacking is the most popular form of hacking
nowadays, especially in the field of computer security, but
hacking exists in many other forms, such as phone hacking,
brain hacking, etc. and it's not limited to either of them.
3. Phishing
Phishing is the attempt to acquire sensitive information such
as usernames, passwords, and credit card details (and
sometimes, indirectly, money), often for malicious reasons,
by masquerading as a trustworthy entity in an electronic
communication.
The word is a neologism created as a homophone of
fishing due to the similarity of using a bait in an attempt
to catch a victim.
Phishing is a continual threat, and the risk is even
larger in social media such as Facebook, Twitter, and
Google+.
5. 1971
Cap ‘n Crunch phone
exploit discovered
1988
Morris Internet worm
crashes 6000 servers
1994
$10 million transferred
from CitiBank acounts
1995
Kevin Mitnick sentenced
to 5 years in jail
1996
Unix hacked together
2000
Major websites succumb
to DDoS
2000
15,700 credit and debit
cards stolen from Western
Union (hacked while
database was undergoing
maintanence)
2001
*CodeRed exploited bug in
MS IIS to penetrate and
spread probes
*2nd wave infected 360000
servers in 14 hours
*CodeRed 2 had backdoor
installed to allow remote
control
6. do they hack
Deface sites for fun
Add spammy links to bad web neighbourhood
Hijack site to add spam,porn,gambling,pay-day
loans content
Steal sensitive information to sell
Distribute malware to personal computers
Use server resources for distributed attacks
8. ADVANTAGES
• Prevents website defacements
• An evolving technique,advancing day by day
• Helps in finding and removing loopholes in cyber
security
• Can be used to recover lost information where
the computer password has been lost
• Teaches that no technology is 100% secure
• To test how good security is on your own network.
9. DISADVANTAGES
• All depends upon the trustworthiness of the
hacker
• Hiring professionals is expensive
• Criminals can use it to their advantage
• It can harm someone’s privacy
• Its illegal
• Destroy all personal files
11. HOW TO PREVENT
• Perform required software updates for your
operating system and web browser. Hackers
attack where they see weakness....
• Install a firewall on your computer. ...
• Change your passwords often. ...
• Purchase or download anti-virus software…
• Install anti-spyware/adware programs onto
your system....
• Delete emails from unknown sources.
13. HISTORY
Phreaking+ Fishing=Phishing
Phreaking – making phone calls for free back in 70s
Fishing – use bait to lure the target
1995
Target: AOL users
Purpose: getting account passwords for free time
Technique:similar names,social engineering
2001
Target :Ebayers and major bank
Purpose : getting credit card numbers,accounts
Techniques : same as in 1995,keylogger
2007
Target:Paypal,banks,ebay
Purpose:bank account
Techniques:browser vulnerabilities,link obfuscation
14. HOW
• Conducted by email
• Receive an authentic-looking email message that
appears to come from a legitimate business
• Ask you to divulge or verify personal data such as an
account number,password,credit card or social
security number
• Possible for you to be phished by mail,telephone,or
even in person
• Through the use of Instant Messaging (IM),which can
also be used for identity theft as well as spreading
viruses and spyware
18. PROBLEMS
• Fraudulently acquire sensitive information using social
engineering and technical subterfuge
• Tries to trick users with official-looking messages
Credit card
Bank account
Ebay
Paypal
• Some phishing mails also contain malicious software
that track your activities or slow your computer
19. HOW TO PREVENT
• Never entertain unsolicited emails,calls or SMS
• Your bank will never ask you for confidential
information via emails,calls or texts.If you receive
any such communication,report it to your bank
• Avoid accessing websites via links in email
messages;especially those asking for personal
information.It is always safe to type the URL
manually
• Do not fill any kind of form that comes along with an
email