In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information. Phishing also known as brand spoofing or carding, is a variation on “fishing,” the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting. It is also possible to phish for other information in additions to username and passwords such as credit card numbers, bank account numbers, social security numbers. The damage caused by phishing ranges from denial of access to e-mail to substantial financial loss.
The process of sending a phishing email to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is fake and are being used only to steal the user’s information. This is one of the examples of phishing. There have been lots of phishing scams happened.
Also Read: Domain Name System
The list of phishing techniques is given as follows:
1. Spear Phishing
Spear-phishing attacks generally come disguised as e-mails that appear to come from trusted sources. They might contain a malicious attachment or a link to a malicious website that the recipient is encouraged to click on to obtain important information about a company matter.
Once a recipient clicks on the link, his browser is directed to a malicious site, where malware is downloaded surreptitiously to his computer. The malware allows an attacker to control the victim’s computer remotely and steal log-in information for banking accounts or for protected internal company systems.
Also Read: Tips to avoid facebook hack
2. Link manipulation
Most methods of phishing use some form of technical deception designed to make a link in an e-mail. Misspelled URLs or the use of subdomains are common tricks used by phishers. In the following example URL, http://www.xyz..com/, it appears as though the URL will take you to the XYZ website; but actually, it does not happen so. Another common trick is to make the displayed text for a link (the text between the <A> tags) suggest a reliable destination when the link actually goes to the phishers’ site.
3. Filter Evasion
It is common for Facebook to send an email to notify their users when another Facebook user adds them as a friend on the social network. However, the spammers included a zip attachment that purports to contain a picture. When the recipient double-clicks on it. The attached Trojan horse file is executed on the user’s machine. Phishers have used images instead of text to make it harder for anti-phishing filters to detect text commonly used in phishing e-mails
4. Website Forgery
An another technique of smart phishing. Once a victim recipient visits the phishing website, the deception is not over. An attacker can also cause flaws in a trusted website’s own scripts against the victim. These types of attacks very harmful, because they direct the user to sign in at their bank or service’s own web page, where everything from the web address to the security certificates appears correct. Just such a flaw was used in 2006 against PayPal.
5. Phone Phishing
Also concerned with Vishing (voice phishing). It uses a fake caller-ID data to disguise that calls are from a trusted organization. Sometimes the messages that claimed to be from a bank told users to dial a phone number regarding problems with their bank accounts. Once the phone number (owned by the phisher, and provided by a Voice over IP service) was dialed, prompts told users to enter their account numbers and PIN.
There are much more types of phishing. Some of them are briefly defined under the following section.
There are several different techniques to combat phishing, including legislation and technology created specifically to protect against phishing. Most new internet browsers come with anti-phishing software.
FreshBooks is a very popular cloud-based accounting software. Freshbooks accounting software is used by all…
Blogging is not an easy job. As a blogger, you not only need to write…
Are you looking for A2 Hosting Coupon Codes on this year's most awaited Black Friday…
If you’ve got a stash of unused gift cards lying around, you might be wondering…
There's no denying it. At the point when social media works, it can change your…
The USP DropGenius offers is the power to be able to launch a profitable dropshipping…
View Comments
internet security has become the most important this than ever. because the cyber crimes increase day by day. we must be very much aware of it. we should not any passwords with others and the other tips are mentioned here properly.