Toggle navigation
Sanchayani
About
Services
Contact
Login
Registration
Title :Phishing
Blogger :पूजा
SUbject :Information Security Awareness
likes:5 dislike:0
2003 saw the proliferation of a phishing scam in which users received emails supposedly from eBay claiming that the user's account was about to be suspended unless he clicked on the provided email link and updated the credit card information that the genuine eBay already had. Because it is relatively simple to make a website look like a legitimate organization's site by mimicking the HTML code, the scam counted on people being tricked into thinking they were actually being contacted by eBay and were subsequently going to eBay's site to update their account information.
What is Phishing?
Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly, money), often for malicious reasons, by masquerading as a trustworthy entity in an electronic communication. The word is a neologism created as a homophone of fishing due to the similarity of using fake bait in an attempt to catch a victim. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting victims. Phishing emails may contain links to websites that are infected with malware. Phishing is typically carried out by email spoofing or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is an example of social engineering techniques used to deceive users, and exploits the poor usability of current web security technologies.
Why is Phishing Successful for Scammers?
Phishing emails are blindly sent to thousands, if not millions of recipients. By spamming large groups of people, the "phisher" counts on the email being read by a percentage of people who actually have an account with the legitimate company being spoofed in the email and corresponding webpage.
Phishing, also referred to as brand spoofing or carding, is a variation on "fishing," the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.
Avoid phishing attacks
Be careful anytime you receive a message from a site asking for personal information. If you get this type of message, don’t provide the information requested without confirming that the site is legitimate. If possible, open the site in another window instead of clicking the link in your email.
Google will never send unsolicited messages asking for your password or other personal information.
Information phishing sites may ask for
• Usernames and passwords
• Social Security numbers
• Bank account numbers
• PINs (Personal Identification Numbers)
• Credit card numbers
• Your mother’s maiden name
• Your birthday
You can do the following to help protect yourself from phishing scams:
1. Don't click links in email messages.
2. Type addresses directly into your browser or use your personal bookmarks.
3. Check the site's security certificate before you enter personal or financial information into a website.
