Saturday, June 21, 2008

Phishing: Examples and Prevention Methods



In computing, phishing is an attempt to criminally and fraudulently acquire sensitive information, such as usernames, passwords and credit card details. Phishing is typically carried out by e-mail or instant messaging, and often directs users to enter details at a website, although phone contact has also been used. PayPal, eBay and online banks are common targets.


Example: PayPal

In an example PayPal phish, spelling mistakes in the e-mail and the presence of an IP address in the link are both clues that this is a phishing attempt. Another giveaway is the lack of a personal greeting, although the presence of personal details would not be a guarantee of legitimacy. Other signs that the message is a fraud are misspellings of simple words and the threat of consequences, such as account suspension, if the recipient fails to comply with the message’s requests.
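
The clues described above can be checked mechanically. The following Python sketch is an added example, not part of the original post: it flags a link whose host is a raw IP address, an impersonal greeting, and a threat of consequences. The phrase lists and both sample messages are constructed for illustration.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Constructed phrase lists (assumptions for this example, not from the post).
GENERIC_GREETINGS = ("dear customer", "dear user", "dear member", "dear paypal member")
THREAT_PHRASES = ("account will be suspended", "account suspension", "within 24 hours")
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)

# Constructed sample messages; 192.0.2.15 is a reserved documentation address.
SAMPLE_PHISH = """Dear PayPal Member,
We noticed unusual activity. Your account will be suspended unless you
confirm your details at http://192.0.2.15/paypal/login.html today.
"""
SAMPLE_LEGIT = """Hello Jane Doe,
Your monthly statement is ready. Sign in at https://www.example.com/ to view it.
"""


def host_is_ip(url):
    """True when the link's host is a literal IPv4/IPv6 address, not a name."""
    try:
        host = (urlsplit(url).hostname or "").rstrip(".")
        ipaddress.ip_address(host)
        return True
    except ValueError:  # malformed URL, empty host, or an ordinary hostname
        return False


def phishing_clues(body):
    """Return which of the three clues from the PayPal example appear in body."""
    text = body.strip().lower()
    clues = []
    if any(host_is_ip(u) for u in URL_RE.findall(body)):
        clues.append("ip_address_link")
    first_line = text.splitlines()[0] if text else ""
    if first_line.startswith(GENERIC_GREETINGS):
        clues.append("impersonal_greeting")
    if any(p in text for p in THREAT_PHRASES):
        clues.append("threat_of_consequences")
    return clues


if __name__ == "__main__":
    for name, msg in (("phish", SAMPLE_PHISH), ("legit", SAMPLE_LEGIT)):
        print(name, phishing_clues(msg))
```

An empty result does not mean a message is legitimate; as noted above, even the presence of personal details is no guarantee.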

There are several methods for preventing phishing (anti-phishing):

1. DON’T use the links in an instant message, an email or chat to get to any web page if you suspect the message might not be authentic or you don’t know the sender or the user’s handle.
2. Ensure that your browser is UP TO DATE and that SECURITY patches are applied.
3. Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate. DON’T leave it for as long as a month before you check each account.
4. Regularly LOG into your online accounts.
5. ENSURE that you’re using a secure website when submitting credit card or other sensitive information via your Web browser.
6. AVOID filling out forms in e-mail messages that ask for personal financial information.
7. Be SUSPICIOUS of any e-mail with urgent requests for personal financial information.
Example: phishers always use upsetting phrases to make victims react immediately, so that they can acquire the victims’ information. Beware of any suspicious e-mail unless the email is digitally signed.
8. Be SUSPICIOUS of impersonal emails, such as those claiming to be from Bank of America, Bank of Montreal and the ANZ Bank of Australia.
9. NEVER fill out forms in email messages that ask for personal financial information.

In conclusion, the damage caused by phishing ranges from denial of access to email to substantial financial loss. Be careful out there!!!


1 comment:

Anonymous said...

I like the video sharing on your group's blog. It is so special that everyone can know it easily through the video sharing. It is such a good job and a good way!! Your group did a good presentation for that!!