
Thursday, November 4, 2010

Phishing - TAKE REAL CARE. Read this!


Phishing is a variant of “fishing”. It is used to bait users into giving out sensitive information such as credit card details, net banking usernames and passwords, and other important personal and financial information. Nowadays social networking sites like Facebook and Orkut are highly targeted. These attacks are mainly carried out through emails, instant messaging or phone calls. Phishing is an example of social engineering used to fool users: people are convinced to enter their information on spoofed sites. This is a criminal activity and a punishable offense. So you should never create phishing sites, and if you know about a phishing site you should report it by sending an email to “phishing-report@us-cert.gov”. Detecting fraudulent emails and phishing sites can be extremely difficult. Here I am giving you ways to detect these phishing sites and emails and protect yourself from getting hacked.

 

Phishing Can Use the Following Techniques

  1. Link manipulation
  2. Filter evasion
  3. Phone phishing

 

1. Link Manipulation: In this method, a misspelled URL of the spoofed organization's original website is used, like

http://www.facbook.com, http://www.faecebook.com

instead of the original address http://www.facebook.com.

Another method is a misleading anchor tag, where the visible link text does not match the address the link points to.

For example: the link below may seem to take you to Facebook, but it will take you to my blog. You can test it by clicking on the link.

Click Here To Visit Face book

So try to avoid clicking on links in emails. Instead type the proper address of the site yourself.

 

2. Filter evasion: The main method of bringing a user to a phishing site is email. So, to protect their users from phishing spam, Gmail and other email services started blocking suspected emails by looking for specific phishing content in them. To overcome this, hackers started mailing website addresses in pictures. So now images are blocked by default by Gmail and you have to enable them manually.

 

3. Phone Phishing: Websites and emails are not the only methods. In phone phishing, users receive phone calls or messages requesting them to verify their information by telling it to the caller. Some people reveal all important information, like their net banking PIN or their email passwords. You should never reveal your sensitive information to a caller.

If you have any queries or suggestions then don’t hesitate to comment on this article.

 

Deby Qibrata - Posted thru e-mail

 
