Phishing is a criminal mechanism employing both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials.Thus,phishing also is an act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a website where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers.
How does phishing works?
Sometimes, we will received the email that make us confuse and think that someone has changed our email address and requests us confirm the changes. Again, it sends us the fake website for us to login to eBay .The purpose is to obtain eBay ID’s which then are used to sell fake or non-existent goods or such accounts can be sold further in the underground market.Other than that, phishing e-mails can appear to be from any bank, PayPal, eBay, credit card companies, and online retail store...
Example
Examples
Preventions
- Give a fake password
When we are not sure if a site is authentic, we do not use our real password to sign in. If you enter a fake password and appear to be signed in, you are likely on a phishing site. Besides,we do not enter any more information and close the browser immediately.Thus,some of the phishing sites will automatically display an error message when we login the fake password, but we also cant assume that site is legitimate.This is the tactics of the phisher.
2.Installing Internet Explorer 7 and Microsoft Phishing Filter
We should install Internet Explorer 7, which includes the Microsoft Phishing Filter to help protect our personal data theft by warning or blocking our information from reported to phishing Web sites. Furthermore,Internet Explorer 7 can also provide anothers protection when we are visit the websites that use Extended Validation (EV) SSL Certificates. The Internet Explorer address bar turns green to alert you that there is more information available about Web sites. The identity of the Web site owner is also displayed on the address bar.
An EV SSL certificate not only helps ensure that the communication with a Web site is secure, but the certificate also includes information about the owner of the Web site, which has been identified by the Certification Authority (CA) issuing the SSL Certificate.
When we received the e- mail that we unknown,we should not click the following links to view. If we really want view that particular links, we can open in new windows or new tab.Besides, We can also ignore or delete the e-mail that we unknown. This will prevent "accidental" clicks from happening as well. Labels: week 4
0 comments:
Post a Comment