June 24, 2009

Phishing: Examples & its prevention methods

As the usage and popularity of the Internet increase, its security is also increasingly under threat.

Many security issues have arisen recently as hackers are attempting to steal personal information from the users.

One of them is phishing, which is a process of duplicating a genuine Web page in the attempt to obtain personal information such as username, password, bank account and credit card details.

This is normally done by sending a deceptive e-mail claiming to be from an established legal entity with a reasonable request, such as authenticating one’s personal information and account details.

When users click the hyperlink in that e-mail, they will be directed to a sham Web site asking for their personal information.

Once they enter their information, the information will be stolen.

Here is a simple example of how that works.



http://www.google.com.my

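Looking at the link above, we would expect it to take us to Google's Web site.
However, when you click on it, you are directed to Hotmail's Web site.
This is done by editing the HTML code: the text displayed for a link and the address it actually points to are set separately, so they do not have to match.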



Phishing e-mails usually claim to be from a bank, eBay, PayPal or a credit card company. The e-mails will either state that the user has won a large cash prize and needs to follow certain steps to claim it, or that the user needs to verify their personal or account details to prevent their account from being closed or deleted.
The earliest recorded mention of phishing was on the alt.2600 hacker newsgroup in January 1996, even though the term may have appeared earlier in the printed hacker magazine 2600.


Below are some examples of phishing e-mails and Web sites:


Phishing eBay Web site

Phishing eBay e-mail

Phishing PayPal Web site

Phishing PayPal e-mail

Phishing Citibank Web site

Phishing Citibank e-mail

The number of phishing scams is increasing dramatically.
Therefore, we need to take certain steps to avoid being a victim.
A simple phishing scam can be revealed easily.


The following are some ways to detect a phishing scam:


I) Never click on the link provided in the e-mail

II) Look for misspelled words or grammatical errors

III) Do not panic over the content of the e-mail


A more detailed explanation can be found here.



As for more sophisticated phishing scams, there are a few ways to prevent phishing attacks.

1) Detect and block phishing Web sites in time

2) Enhance the security of the Web sites

3) Block phishing e-mails through different spam filters

4) Install online anti-phishing software

For more information on these four methods, please click here.




References:

Phishing - Wikipedia

Online detection and prevention of phishing attacks


