Changes

Phishing (view source)

Revision as of 13:08, 9 March 2022

40 bytes added , 2 years ago

no edit summary

Line 12: Line 12:

===Cybersquatting===

−

According to [[APWG|The Anti-Phishing Working Group]], the number of [[cybersquatting|cybersquatted]] domain names used in conjunction with [[phishing]] ~~has fallen~~ to only 2% of attacks in 2012. A report identified 64,204 phishing domains in total, of which only 12% is suspected by APWG as being registered by the phishers. The rest were compromised accounts owned by third parties. More than half of phisher-owned domains were in [[.tk]], a registry that offers free registration.<ref>[http://domainincite.com/10861-only-2-of-phishing-attacks-use-cybersquatted-domain-names Only 2% of phishing attacks use cybersquatted domain names]. Published 2012 October 25. Retrieved 2012 November 13.</ref>

+

According to [[APWG|The Anti-Phishing Working Group]], the number of [[cybersquatting|cybersquatted]] domain names used in conjunction with [[phishing]] fell to only 2% of attacks in 2012. A report identified 64,204 phishing domains in total, of which only 12% is suspected by APWG as being [[Malicious Domain|registered by the phishers]]. The rest were [[Compromised Domain|compromised accounts]] owned by third parties. More than half of phisher-owned domains were in [[.tk]], a registry that offers free registration.<ref>[http://domainincite.com/10861-only-2-of-phishing-attacks-use-cybersquatted-domain-names Only 2% of phishing attacks use cybersquatted domain names]. Published 2012 October 25. Retrieved 2012 November 13.</ref>

===Combating Phishing with Next Generation Passwordless Authentication===

Line 27: Line 27:

* DNS-Based Phishing also referred to as "Pharming" <ref>[http://pcworld.about.com/od/emailsecurity/Types-of-Phishing-Attacks.htm Phishing types]</ref>

* Voice phishing, which is a rather new form of phishing: users will receive an email allegedly from their favorite websites and will be requested to call a fraudulent number and update their information, which will then be stolen by the hacker.<ref>[http://www.spamlaws.com/voice-and-spear-phishing.html Voice phishing]</ref>

−

* Tabnabbing, which takes advantage of multiple tabs ~~which~~ Internet users may frequently use and redirects the Internet user to the wrong website. <ref>[http://www.crustiz.com/web-2-0/tabnagging-new-phishing-attack/ Tabnagging]</ref>

+

* Tabnabbing, which takes advantage of multiple tabs that Internet users may frequently use and redirects the Internet user to the wrong website. <ref>[http://www.crustiz.com/web-2-0/tabnagging-new-phishing-attack/ Tabnagging]</ref>

* Pop-up windows which may appear from legitimate and original websites but request financial and credential information.

==Protection against Phishing Practices==

−

In order avoid being a victim of phishing, Internet users should take the following into consideration:

+

In order to avoid being a victim of phishing, Internet users should take the following into consideration:

# Avoid or delete mass emails

# Install anti-phishing software

# Avoid password authentication services

# Ignore emails requesting financial information updates

−

# Use spam filters to eliminate phishing emails. This solution relies on natural language processing methods and is able to substantially reduce the ~~amount~~ of phishing emails.

+

# Use spam filters to eliminate phishing emails. This solution relies on natural language processing methods and is able to substantially reduce the number of phishing emails.

# Do not trust impersonal emails

# Be suspicious regarding email links

Jessica

Bureaucrats, Check users, lookupuser, Administrators, translator

14,932

edits