We are always heard about phishing, but what does that means?
Phishing is a type of deception (usually made through e-mail, instant message) to steal personal data such as credit card numbers, password.
Before we discuss further, let us look at how the stages the attackers does while executing a phishing attack.
1. Register a fake domain name [not mandatory]
2. Setup a look alike webpage
3. Send email to hundreds of users
3. Send email to hundreds of users
These are the type of examples of phishing:
Fake Maybank 2u Portal
Fake Maybank 2u Portal
Real Maybank 2u Portal
Real Maybank 2u Portal
Example of phishing that message from eBay member
Example of phishing that message from yahoo
How to prevent phishing?
1. Learn how to recognize phishing
1. Learn how to recognize phishing
i) "Dear Valued Customer."Phishing e-mail messages are usually sent out in bulk and often do not contain your first or last name.
ii)"Verify your account."Businesses should not ask you to send passwords, login names, or other personal information through e-mail.
ii)"Verify your account."Businesses should not ask you to send passwords, login names, or other personal information through e-mail.
iii)"If you don't respond within 48 hours, your account will be closed."These messages make you sense of urgency so that you'll respond as soon as possible. iv) Please don't click directly on any link from your email.
v) Read the URLs from right to left. The real domain name is at the end of the URL.
v) Read the URLs from right to left. The real domain name is at the end of the URL.
2. Install online anti-phishing software in user's computers Anti-phishing tools uses certain rules in their software, and checks a security of a Web site according to these rules. http://www.anti-phishing.info/anti-phishing-freeware.htm
3 Use internet explore 7 which included ncludes the Microsoft Phishing Filter and it can protect .you from Phish websie by warming or blocking you from reported phishing web Sites.http://www.microsoft.com/windows/products/winfamily/ie/default.mspx
4. Do not click links in emails. If in doubt, close your browser, reopen it, and type the web address for the site you want to visit directly into the Address bar.
0 Comments:
Post a Comment