Phising, is actually a variation on "fishing" but the idea behind this is almost the same as both of them are trying to tempt ‘fish/victim’ through the ‘bait’. The difference between them is that the ‘phising’ is trying to get the private or sensitive information criminally. A phishing technique was described in detail as early as year 1987, it can be carried out under the name of online business transaction website, such as Pay Pal, e Bay and online banks.
A phiser can conduct criminal activities by sending an email or instant –message to ask the potential victim ‘update their account’, ‘verify their user account’,or "confirm billing information" under illegal website such as e-bay, which in fact is an illegal website. The one who response in action to the email will then become the victim as the phiser can get the sensitive information through these ‘illegal website’. The phiser can do anything they wish for fraudulent purpose.
There are several different techniques to combat phishing, including legislation and technology created specifically to protect against phishing.
Internet user should not give out their private information easily on the web. They can always contact the company which the e-mail originates to confirm the action of ‘verify account'.
Use anti-phishing toolbars as it can display the domain name for the visited website.
The petname extension for Firefox lets users type in their own labels for websites, so they can later recognize when they have returned to the site. If the site is suspect, then the software may either warn the user or block the site outright
Another popular approach is to maintain a list of known phishing sites and to check websites against the list. Microsoft’s IE7 browser, Mozilla Firefox 2.0 , and Opera all contain this type of anti-phishing measure.
The users are also suggested to augmenting the login password.
Specialized spam filters can reduce the number of phishing e-mails that reach their addressees' inboxes. These approaches rely on machine learning and natural language processing approaches to classify phishing e-mails.
Several companies offer banks and other organizations likely to suffer from phishing scams round-the-clock services to monitor, analyze and assist in shutting down phishing websites Individuals can contribute by reporting phishing to both volunteer and industry groups such as Phish Tank.
No comments:
Post a Comment