PowerPoint Presentation

undefined. Difference between Phishing and Pharming.

undefined. What is Phishing. Phishing is cyber threats aimed at obtaining sensitive information from individuals, but they differ in their methods of execution.

Phishing. 01. Sending fraudulent emails. 02. Messages masquerading as legitimate entities.

undefined. What is Phishing. Deceptive Communication: Phishing attacks often involve emails or messages that appear to come from legitimate sources, such as banks, social media platforms, or government agencies. These messages typically use urgency or fear to prompt recipients to take immediate action. Spoofed Websites: Phishing emails often contain links to fake websites that mimic the appearance of legitimate ones. These websites are designed to trick users into entering their login credentials or other sensitive information..

undefined. What is Phishing. Social Engineering Tactics: Phishing attacks frequently rely on social engineering tactics to manipulate recipients into trusting the sender or taking the desired action. This could involve impersonating a trusted individual or organization, creating a sense of urgency, or exploiting current events or trends. Malware Distribution: In addition to stealing sensitive information, phishing emails may also contain malware, such as ransomware or keyloggers, which can infect the victim's device and compromise their security. Spear Phishing: While traditional phishing attacks target a broad audience, spear phishing attacks are more targeted and personalized. Attackers research their victims to craft highly tailored messages designed to increase the likelihood of success..

undefined. What is pharming. Pharming, on the other hand, involves redirecting users from legitimate websites to fraudulent ones without their knowledge..

pharming. 01. DNS Spoofing/Poisoning. 02. Hosts File Manipulation.

undefined. What is Pharming. DNS Spoofing/Poisoning: DNS pharming attacks involve tampering with DNS servers to redirect users to malicious websites when they try to access legitimate ones. Attackers may compromise DNS servers or modify DNS records to point users to fraudulent IP addresses associated with fake websites. Hosts File Manipulation: Another method used in pharming attacks involves manipulating the hosts file on individual computers. The hosts file is a local file that maps domain names to IP addresses. Attackers may modify this file to redirect users to malicious websites instead of the legitimate ones they intended to visit. Targeted and Widespread Attacks: Pharming attacks can be targeted, aiming to redirect traffic from specific users or organizations to fraudulent websites. They can also be widespread, affecting large numbers of users by compromising DNS servers or distributing malware that modifies hosts files on infected devices. Impact on Security: Pharming attacks can have serious consequences, as they can lead to users unknowingly entering sensitive information, such as login credentials or financial details, on fake websites. This information can then be collected by attackers and used for malicious purposes, such as identity theft or financial fraud..

Tips to avoid Phishing and Pharming.

Phishing Verifying the authenticity of emails and messages before clicking on links or downloading attachments. Avoiding providing sensitive information in response to unsolicited requests. Using security software, such as antivirus and anti-phishing tools, to detect and block malicious content. Educating yourself and others about the tactics used in phishing attacks and how to recognize them. Reporting suspected phishing attempts to the appropriate authorities or organizations..

Pharming Using secure and reputable DNS servers. Monitoring DNS traffic for signs of suspicious activity. Regularly checking and verifying DNS records for accuracy and integrity. Implementing Domain Name System Security Extensions (DNSSEC) to add cryptographic authentication to DNS responses. Maintaining up-to-date antivirus and antimalware software to detect and remove malicious software that may modify hosts files. Being cautious when entering sensitive information online and verifying the legitimacy of websites before providing any personal or financial data..