Phishing

Recently I have received email from my bank/credit Card Company, eBay & pay pal saying that my account has possibly been compromised and I need to confirm my details and password in order to get continued access.

Spam email now has a new and more frightening variant, it's called phishing and it has been made by criminals and hackers who aim at getting unwitting consumers to reveal account numbers and passwords.

Usually after getting an email like the ones mentioned above from reputable companies, most of us would race to respond as quickly as possible. However, in most cases you will find that you won't be helping anyone other then the criminal who wrote that email and who has nothing to do with the actual organizations.

What is Phishing?

It is when someone creates false email that pretends to be from a bank or other authority, but which is actually designed to collect sensitive information such as passwords. This process of stealing information used for fraudulent purposes is the latest problem to plague Internet users. It is a phenomenon know as phishing i.e. emails 'fishing' for important information.

Just like Spam, phishing mails are sent to the widest possible audience so it's not unusual to receive a message asking you to confirm account details from an organization you do not actually deal with. You may be asked to fix up your eBay account when you haven't even got one!

In addition to collecting sensitive information many phishing messages try to install spy ware, Trojans etc. allowing hackers to gain backdoor entry into computers.

Types of Phishing Emails:

Some phishing emails ask for a response by email.

Some emails include a form for collecting details that you are told to fill out.

Some even include a link to a web site that resembles the actual site you expect to visit, but is actually a clone of the original site.

Number of active phishing sites reported in March, 2005: 2870

Number of brands hijacked by phishing campaigns: 78

Contains some form of target name in URL: 31%

Country hosting the most number of phishing sites: United States of America

Source: http://www.antiphishing.org

Phishing attacks can be really sophisticated. Some time ago a flaw in Internet Explorer allowed hackers to display a false address while redirecting the user to an entirely different site making it almost impossible to distinguish a phishing attack from a legitimate email.

Possible solutions:

New technologies can provide a better means of countering phishers. One option being explored by a lot of banks is the use of a secure token, a small electronic gadget that generates a unique password to be entered each time a user logs onto the web site. This would make a phishing attack useless because without the physical possession of a token it is impossible to access the account. This approach is somewhat similar to what is used at Automated Teller Machines around the world where you need to have both the card and the Pin number in order to use the machine.

One option is to use a technology popularly knows as PassMarks that effectively acts as a second password. After entering the user name a unique image pre selected by the user is displayed before s/he is asked for the password. If the proper image is not displayed the user will come to know that s/he is not on the authentic site. Another option that a lot of organizations are exploring is using text messages instead of email messages. Text messages cost money to send, so Spammers are less likely to partake in the process making it easier to distinguish between legitimate messages and fakes.

Ashish Jain
M6.Net Web Helpers
http://www.m6.net

---

Keeping Worms Out of Your Network...

No auntie Sookie, not earth worms, computer virus worms that... Read More

Phishing-Based Scams: A Couple of New Ones

Phishing in its "classic" variant is relatively well-known. Actually, 43.4... Read More

Delete Cookies: New-Age Diet or Common Sense Internet Security?

No, this article isn't about some new, lose-20-pounds-in-a-week, certified-by-some-tan-Southern-California-doctor diet.... Read More

The One Critical Piece Of Free Software Thats Been Overlooked

Can You Prevent Spyware, Worms, Trojans, Viruses, ... To Work... Read More

Is Shopping Online For Your Horse Gifts Safe?

Shopping for horse gifts or other gift items on the... Read More

Steganography ? The Art Of Deception & Concealment

The Message Must Get Through The year is 300A.D.,... Read More

Free Ways to Tackle Threats to Your Computer

Protect Your PCHaving problems with your pc? Do your kids,... Read More

Avoiding Scams: If It Sounds Too Good to Be True, It Probably Is

A week or so ago, I received an inquiry from... Read More

The Top Twelve Threats No Computer User Should Ignore

The internet is undoubtedly a fantastic resource for families and... Read More

Top 10 tips for Safe Internet Shopping

Over £5 billion pounds was spent on online shopping in... Read More

I Spy...Something Terribly Wrong (In Your Computer)

This really chapped my lips...I recently bought a new computer.... Read More

Is the Internet Insecure Because of You?

Long gone are the days that we could feel secure... Read More

Passwords or Pass Phrase? Protecting your Intellectual Property

Much has been said on the theory of password protection... Read More

Spy Scanners ? Don?t Compromise your Privacy

Spies, spyware, internet parasites are among what they are usually... Read More

How To Clean the Spies In Your Computer?

Manual Spy Bot Removal > BookedSpaceBookedSpace is an Internet Explorer... Read More

Computer Viruses - How to Remove a Computer Virus from Your Computer

Computer viruses infect millions of computers every day. Viruses can... Read More

Viruses and Worms, Protection from Disaster

Virus damage estimated at $55 billion in 2003. "SINGAPORE -... Read More

Criminals are Fishing For Your Identity

What is Phishing? In a typical Phishing attack, a criminal... Read More

Dialing Up a Scam: Avoiding the Auto-Dialer Virus

For many, the daily walk to the mailbox evokes mixed... Read More

Internet Identity Theft - How You Can Shield Yourself

With the advent of the World Wide Web, a whole... Read More

Social Engineering: You Have Been A Victim

Monday morning, 6am; the electric rooster is telling you it's... Read More

Dont Fall Victim to Internet Fraud-10 Tips for Safer Surfing

The Internet offers a global marketplace for consumers and businesses.... Read More

Top Five Spyware Fighting Tips

Spyware and adware are becoming major problems for online surfers... Read More

Can I Guess Your Password?

We all know that it's dangerous to use the same... Read More

Corporate Security for Your Home Business

The words Corporate Security may conjure up images of a... Read More

Online Shoppers, Beware of a New Scam

Beware of a New Scam Aimed at Bargain-HuntersTrying to buy... Read More

Protect Your Little Black Book

The movie Little Black Book features a young woman, Stacy,... Read More

Burning Bridges is Bad, But Firewalls are Good

When you signed up for that ultra-fast DSL or Cable... Read More

How to Fight Spyware

If you are wondering how to fight spyware for safe... Read More

3 Steps to Ending Scams and Virus Problems

Watching how the traditional media covers the latest virus or... Read More

SCAMS ? Be Aware ? And Report When Necessary

The Internet is a vast International Network of people and... Read More

IPv6 - Next Step In IP Security

IPv6, IntroductionThe high rate at wich the internet continualy evolves... Read More

How to Protect Yourself from Viruses, Spyware, Adware, and Other Nuisances

Spyware/adware is a new major concern for PC users everywhere.... Read More