Difference between revisions of "Phishing"
m |
|||
| Line 2: | Line 2: | ||
==Short overview== | ==Short overview== | ||
| − | The theft of financial and personal data is achieved through deceptive means such as fraudulent emails and copies of legitimate websites. <ref>[http://dictionary.reference.com/browse/phishing Phishing features]</ref> Brand spoofing and carding are forms of phishing. | + | The theft of financial and personal data is achieved through deceptive means such as fraudulent emails and copies of legitimate websites.<ref>[http://dictionary.reference.com/browse/phishing Phishing features]</ref> Brand spoofing and carding are forms of phishing. |
==Phishing history== | ==Phishing history== | ||
| Line 16: | Line 16: | ||
* Fooling Internet users to submit financial and personal data or passwords | * Fooling Internet users to submit financial and personal data or passwords | ||
* Emails that claim to be sent on behalf of well-known organizations | * Emails that claim to be sent on behalf of well-known organizations | ||
| − | * Voice phishing, which is a rather new form of phishing: users will receive an email allegedly from their favorite websites and will be requested to call a fraudulent number and update their information, which will then be stolen by the hacker. <ref>[http://www.spamlaws.com/voice-and-spear-phishing.html Voice phishing]</ref> | + | * Voice phishing, which is a rather new form of phishing: users will receive an email allegedly from their favorite websites and will be requested to call a fraudulent number and update their information, which will then be stolen by the hacker.<ref>[http://www.spamlaws.com/voice-and-spear-phishing.html Voice phishing]</ref> |
* Tabnabbing, which takes advantage of multiple tabs which Internet users may frequently use and redirects the Internet user to the wrong website. | * Tabnabbing, which takes advantage of multiple tabs which Internet users may frequently use and redirects the Internet user to the wrong website. | ||
* Pop-up windows which may appear from legitimate and original websites but request financial and credential information. | * Pop-up windows which may appear from legitimate and original websites but request financial and credential information. | ||
Revision as of 00:07, 22 February 2011
Phishing represents the fraudulent acquisition of personal and financial information like credit card information and passwords.[1]
Short overview
The theft of financial and personal data is achieved through deceptive means such as fraudulent emails and copies of legitimate websites.[2] Brand spoofing and carding are forms of phishing.
Phishing history
Phishing scams first appeared during the 1990s on AOL. Emails that appeared to come from AOL but were actually from a hacker requested users to update their personal and financial information via email, causing many people to expose their information, which was abused by the hacker.
Phishing attacks expanded quickly with the use of PayPal and other such organizations and websites using online payments. These attacks motivated the creation of secure payment applications.
Types of phishing practices
Phishing involves the following:
- The possibility of introducing a virus attack
- The development of a legitimate website copy
- Via instant messaging
- Fooling Internet users to submit financial and personal data or passwords
- Emails that claim to be sent on behalf of well-known organizations
- Voice phishing, which is a rather new form of phishing: users will receive an email allegedly from their favorite websites and will be requested to call a fraudulent number and update their information, which will then be stolen by the hacker.[3]
- Tabnabbing, which takes advantage of multiple tabs which Internet users may frequently use and redirects the Internet user to the wrong website.
- Pop-up windows which may appear from legitimate and original websites but request financial and credential information.
Protection against phishing practices
In order avoid being a victim of phishing, Internet users should take the following into consideration:
- Avoid or delete mass emails
- Install anti-phishing software
- Avoid password authentication services
- Ignore emails requesting financial information updates
- Use spam filters to eliminate phishing emails. This solution relies on natural language processing methods and is able to substantially reduce the amount of phishing emails.
- Do not trust impersonal emails
- Be suspicious regarding email links
- Submit credit card information only on secure websites with secure payment options.[4]