
Friday, November 6, 2009

Identifying a Phishing Email or a Real Email

One of the problems with trying to teach people to avoid phishing attacks is that the banks often use the exact same tactics that the phishers use. It is mind-numbingly stupid of them to do so, but still we see emails from banks that contain links in them. As a rule I tell people not to click on the links in these emails, but rather to log into their account by typing in the address of their bank by hand.

I had a question for my credit union about one of my accounts with them. The response came back and contained a link that I had to follow in order to reply. The email specifically said not to reply to the email because it wouldn’t be read. So, how do I know this isn’t a phishing attack? First of all I looked at exactly who the email came from. Believe me, this is far from foolproof. Email addresses can be spoofed. The more important sign was that when I followed the link I was not asked for any information at all. I did not have to log in, I did not have to verify anything. In addition to this, the email came in response to an inquiry that I initiated and not out of the blue. The reply was relevant to the question I had asked.
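The three signals described in the post above (the sender, a reply to an inquiry the recipient initiated, and a link that asks for nothing) can be checked mechanically. This is an added example, not part of the original post; `triage`, its parameters, and all sample messages, domains and Message-IDs are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser

class InputTypes(HTMLParser):
    """Collect the type of every <input> field on a page."""
    def __init__(self):
        super().__init__()
        self.types = []
    def handle_starttag(self, tag, attrs):
        if tag == "input":
            self.types.append((dict(attrs).get("type") or "text").lower())

def triage(raw_email, sent_ids, expected_domain, landing_html):
    """Hypothetical helper: the post's three signals as booleans."""
    msg = message_from_string(raw_email)
    domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    # Weak signal: the From header is trivially spoofed.
    from_matches = domain == expected_domain or domain.endswith("." + expected_domain)
    # Stronger: the mail threads onto a Message-ID we actually sent.
    refs = (msg.get("In-Reply-To", "") + " " + msg.get("References", "")).split()
    solicited = any(r in sent_ids for r in refs)
    # Strongest in the post: the linked page asks for no information.
    parser = InputTypes()
    parser.feed(landing_html)
    asks = any(t in {"text", "password", "email", "tel", "number"} for t in parser.types)
    return {"from_matches": from_matches, "solicited": solicited, "asks_for_data": asks}

# Constructed sample data (not real messages or domains).
SENT_IDS = {"<q-1001@member.example>"}
REPLY = ("From: Support <help@creditunion.example>\n"
         "In-Reply-To: <q-1001@member.example>\n"
         "Subject: Re: account question\n\n"
         "Follow the link to reply.\n")
REPLY_PAGE = "<form><textarea name='msg'></textarea><input type='submit'></form>"
BAIT = ("From: Support <help@creditunion.example>\n"
        "Subject: Verify your account\n\n"
        "Follow the link to verify.\n")
BAIT_PAGE = "<form><input name='user'><input type='password' name='pw'></form>"

if __name__ == "__main__":
    print(triage(REPLY, SENT_IDS, "creditunion.example", REPLY_PAGE))
    print(triage(BAIT, SENT_IDS, "creditunion.example", BAIT_PAGE))
```

Both sample messages carry the same From address, so only the threading check and the landing-page check tell them apart.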

Monday, November 2, 2009

How to Handle a Phishing Attack

Consequences

As phishers can use so many techniques, and can even combine them, it is rather difficult to tell whether an email request comes from an official source or not.

What are the consequences of disclosing confidential information?
- The phishers can run up charges on your account.
- They can open new accounts, sign utility or loan contracts in your name.
- They can use a false ID and commit crimes using your personal information.

Do not bite the bait!
Do not fill in email forms concerning confidential information. Any trustworthy service provider uses secure websites and digital certificates.
Do not click on links provided by email, especially if you were not expecting that email. Contact the sender to verify if it was his/her intention to send this email (use the contact number the company gave you, not the one in the email).
Do not reply. Delete the message and check with the real company (use the contact number the company gave you, not the one in the email).
Do not click to follow the link provided in such a message. Type the address in the browser yourself.

Phishing Definition, Concept and Techniques

What is phishing

Phishing, also known as "brand spoofing", is an elaborate form of data theft, targeting possible clients of ISP companies, banks, online banking services, government agencies etc.

When submitting your email address on the Internet, filling in online forms, accessing newsgroups or websites, your data can be stolen by Internet crawling spiders and then used without your permission to commit fraud or other crimes.

The Phishing Concept

Phishers develop counterfeit webpages, which imitate the corporate image of well-known, trusted service providers. Then, using collected or randomly generated email addresses, they "throw the bait".