
Phishing

Dennis Schmidt, CISSP
Director, Office of Information Systems
HIPAA Security Officer
UNC School of Medicine

Phishing

Phishing is e-mail fraud where the perpetrator sends out legitimate-looking e-mail in an attempt to gather personal and financial information from recipients. Messages appear to come from well-known and trustworthy Web sites such as:

- PayPal
- eBay
- Amazon
- Major banks

Note the difference between the URL Label and the Actual URL

Fake Web Site

Real Web Site

Notice the Difference

Fake Site

Dots, not slashes, after .com
.info, not .com
Bad password still brings you to this page

Real Site

Slashes after .com
Bad password gives you this error! That's good!

Protect Yourself from Phishing

- Be suspicious of any unsolicited e-mail.
- Never provide sensitive information in response to such a request.
- Verify it through a second source (telephone, etc.).
- Don't use the phone number provided in the e-mail.
- Misspellings, bad grammar, etc., should be clues.
- Look out for link names that don't match actual link addresses.
- Remember: Your bank will not ask you to verify that your account information is still accurate. If it does, you need to find a new bank!

Questions?
