Phishing: Examples and Prevention Methods

Phishing, in the field of computer security, is the criminal fraudulent process of attempting to acquire sensitive information such as user names, passwords and credit card details by camouflaging as a trustworthy entity in an electronic communication. It is a term which described hackers who imitate legitimate companies in emails to entice people to reveal their private and confidential information or data.

Phishing through fraudulent e-mails, will usually tells the targeted victim to verify their personal information or account details through a link provided in the e-mail sent. These e-mails will usually appear to be from a legitimate Internet address with a valid request.

Examples of Phishing
One example would be if you received an e-mail that is from your bank, requesting you to click on a hyperlink in the e-mail and verify your online banking information. There will also be a consequences stated in the e-mail for not following the link. The goal of the sender is clear and easy, which for you to disclose your personal and confidential information for their next misconduct performance. This type of e-mail scam is called PHISHING.

Another example: (adopted from chase.com)
T
o: Recipient
Subject: Add 50$ to your account in 2 minutes!

Dear Customer,
You are invited to take part in our nation-wide 5 question survey. Your time is very important to us so $50 will be credited to your account upon the completion of this survey.

Please note that no sensitive information will be required, collected or stored. The information will be used to further improve our services.

To take part please click here.

© 2008 JPMorgan Chase & Co.


More examples could be found from the Chase website.

There are also examples of phishing from the famous online website – eBay. One of the example was the member of eBay was told to respond to the message sent to confirm that the transaction was really void by mutual agreement. Once the respond button is clicked, the link will direct the user to an exact cloned eBay and personal information of that person will be stolen. For more examples, you may proceed to this link. It will lead you to more examples on phishing scams which occurred in eBay.

Besides phishing e-mails, there are also phishing websites. These websites will often have poor resolution, poor quality. This is because they are created with urgency manner and have a short span of life. Moreover, even if the website contains a link has a name which is familiar to you, it does not mean that it links to the real organization. Explanation from PhishTank said that you should read the URL carefully. The “https” shows a big deal. The “s” in the “https” stand for secure, which means the website is secured. If there is no “https”, you should be alarmed and alert, because the website is not secured and likely phishes. Of course, with the combination of the two factors mentioned just now. extract of the website is as follow:


Methods of Prevention
Tips on how to avoid the Internet scam known as phishing:

  • If you feel uncertain that it might be a legitimate e-mail, type the URL yourself to the Web Browser yourself. DO NOT click through the link from the E-mail received. This will provide you with accurate information about your account and allow you to completely avoid the possibility of landing on a spoof Web site and giving your information to someone you shouldn't.
  • Before submitting financial information through a Web site, look for the "lock" icon on the browser's status bar. It means your information is secure during transmission.
  • The golden rule to avoid being phished is to never ever click the links within the text of the e-mail. Always delete the e-mail immediately. Once you have deleted the e-mail then empty the trash box in your e-mail client as well. This will prevent "accidental" clicks from happening as well.
  • If you are uncertain about the information, contact the company through an address or telephone number you know to be genuine.

More on how to the details of phishing and how to prevent it, these are some very useful websites which you can learn more about Phishing:


> Watch Out for "Phishing" Emails

> Anti-Phishing Working Group (APWG)

> All About Phishing



om

0 comments:

Post a Comment

nuffnang..