A simple word to define
phishing is theft. Actually, phishing is a technique used to gain personal information for purposes of identity theft, using fraudulent e-mail messages that appear to come from legitimate businesses. Normally, authentic-looking messages are designed to fool recipients in to divulging personal data such as account numbers and passwords, credit card numbers. Moreover, the method of deceits are using an IP address instead of a domain name, using a domain name that is very similar to the real one, copying the appearances of another website, misleading hyper link text, hiding the status bar text, and making everything a link.
An example of HSBC Bank phishing e-mail
Suggestion Prevention Methods:-
- Visit www.identitytheftsecrets.com to see how a real phishing scheme work
- Don't easily trust e-mail headers
- Avoid filling forms in e-mail messages. You can't know certainty where the data will be sent and the information can make several stops on the way to the recipients
- Never following directions asking you to reveal information or delete a file that is received in e-mail or pop-up messages from seemingly trusted companies
- Verify the legitimacy of a web address with the company directly before submitting your personal information, if you click on a link in an e-mail message from a company
- Securing computers before shopping online by keeping antivirus, antispam, and firewall software up-to-date
References:
- http://banksafeonline.org.uk/examples/phishing_hsbc.html
- www.privacyright.org/ar/phishing.htm
- http://dimacs.rutgers.edu/Workshops/Intellectual/slides/stepp.pdf
No comments:
Post a Comment