Ethical Hacking and
Countermeasures
Version 6
d l
Mo u e XII
Phishing
News
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Source: http://cbs5.com/
Module Objective
This module will familiarize you with:
Introduction
Reasons for Successful Phishing
Phishing Methods
Process of Phishing
Types of Phishing Attacks
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Anti-phishing Tools
Module Flow
Introduction
Process of Phishing
Reasons for
Successful Phishing
Types of Phishing
Attacks
Phishing Methods
Anti-phishing Tools
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Phishing- Introduction
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
News
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
Source: http://www.zdnet.co.uk
Introduction
Phishing is an Internet scam where the user is convinced to give
valuable information
Phishing will redirect the user to a different website through
emails, instant messages, spywares etc.
Phishers offer illegitimate websites to the user to fill personal
information
The main purpose of phishing is to get access to the customer’s
bank accounts, passwords and other security information
Phi hi
k
h
di
h
h
ili
EC-Council
Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited
s ng attac s can target t e au ence t roug mass- ma ng
millions of email addresses around the world
Reasons for Successful Phishing
Lack of knowledge
• Lack of computer system knowledge by the user (as how the emails and
web works) can be exploited by the phishers to acquire sensitive
information
• Many users lack the knowledge of security and security indicators
• Phishers can fool users by convincing them to get into a fake website with
Visual deception
the domain name slightly different from the original website which is
difficult to notic