What iTHINK about -
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing is a fraudulent e-mail that attempts to get you to divulge personal data that can then be used for illegitimate purposes.
There are many variations on this scheme. It is possible to Phish for other information in additions to usernames and passwords such as credit card numbers, bank account numbers, social security numbers and mothers' maiden names. Phishing presents direct risks through the use of stolen credentials and indirect risk to institutions that conduct business on line through erosion of customer confidence. The damage caused by phishing ranges from denial of access to e-mail to substantial financial loss.
PHISHING TECHNIQUES
Phishers use a wide variety of techniques, with one common thread.
Link Manipulation
Its one of the most commonly used method by phishers to extract information from victim on the name of an organization etc to which the victim may be associated.
Its also an easier method. Phisher just need to construct a webpage that looks exactly similar to an official site of an organization consider a bank. When victim sign in, his information such as password credit card no. etc are transferred to the phisher through an email system. (I myself have used this over one of my friend and got his gmail account password.)
Filter Evasion
Phishers have used images instead of text to make it harder for anti-Phishing filters to detect text commonly used in Phishing e-mails.
Website Forgery
Once a victim visits the Phishing website the deception is not over. Some Phishing scams use JavaScript commands in order to alter the address bar. This is done either by placing a picture of a legitimate URL over the address bar, or by closing the original address bar and opening a new one with the legitimate URL.
Phone Phishing
Messages that claimed to be from a bank told users to dial a phone number regarding problems with their bank accounts. Once the phone number (owned by the Phishers) was dialed, prompts told users to enter their account numbers and PIN. Vishing (voice Phishing) sometimes uses fake caller-ID data to give the appearance that calls come from a trusted organization.
Some may use Phishing to have fun.But its not really funny. I have read a novel called "Hakuna Matata" in which terrorist group uses these methods to gain control over credit card of one of the important character.. These are really harmful in the hands of terrorist since this could pose a threat to nation's security.
It all makes us feel helpless but iTHINK a careful attitude is all needed to tackle such circumstances.Remember an careless mind is always a target.
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic attempting to acquire sensitive information such as usernames, passwords and credit card details, by masquerading as a trustworthy entity in an electronic communication. Phishing is a fraudulent e-mail that attempts to get you to divulge personal data that can then be used for illegitimate purposes.
There are many variations on this scheme. It is possible to Phish for other information in additions to usernames and passwords such as credit card numbers, bank account numbers, social security numbers and mothers' maiden names. Phishing presents direct risks through the use of stolen credentials and indirect risk to institutions that conduct business on line through erosion of customer confidence. The damage caused by phishing ranges from denial of access to e-mail to substantial financial loss.
PHISHING TECHNIQUES
Phishers use a wide variety of techniques, with one common thread.
Link Manipulation
Its one of the most commonly used method by phishers to extract information from victim on the name of an organization etc to which the victim may be associated.
Its also an easier method. Phisher just need to construct a webpage that looks exactly similar to an official site of an organization consider a bank. When victim sign in, his information such as password credit card no. etc are transferred to the phisher through an email system. (I myself have used this over one of my friend and got his gmail account password.)
Filter Evasion
Phishers have used images instead of text to make it harder for anti-Phishing filters to detect text commonly used in Phishing e-mails.
Website Forgery
Once a victim visits the Phishing website the deception is not over. Some Phishing scams use JavaScript commands in order to alter the address bar. This is done either by placing a picture of a legitimate URL over the address bar, or by closing the original address bar and opening a new one with the legitimate URL.
Phone Phishing
Messages that claimed to be from a bank told users to dial a phone number regarding problems with their bank accounts. Once the phone number (owned by the Phishers) was dialed, prompts told users to enter their account numbers and PIN. Vishing (voice Phishing) sometimes uses fake caller-ID data to give the appearance that calls come from a trusted organization.
Some may use Phishing to have fun.But its not really funny. I have read a novel called "Hakuna Matata" in which terrorist group uses these methods to gain control over credit card of one of the important character.. These are really harmful in the hands of terrorist since this could pose a threat to nation's security.
It all makes us feel helpless but iTHINK a careful attitude is all needed to tackle such circumstances.Remember an careless mind is always a target.
For more information contact: Yash .S. Jain 9766124639
Don't forget to mention the reference of this blog.
No comments:
Post a Comment