|
|
|
|
|
|
|
|
What is Phishing?
|
Phishers are creating havoc on the internet. They are pirates of the internet persuading 1/3 rd of the recipients in accessing their personal and confidential data. These guys create fake email ids and websites to fool the receivers and compel them in revealing their financial data like credit card numbers, bank account passwords etc. big corporate and financial websites are phished.
In February 2006, there was a phishing scam where the ICICI bank website was cloned. The recipients received a forged email message from the bank asking them to verify their email address which included a web link. When clicked on the web link the user's browser opened and they were taken to the web page. The email verification form is available on that page. The page is HTML and the whole text appearance is exactly similar to that of the real bank website. However the link takes the recipient to the impostor's site where a custom Javascript code removes the real address bar and replaces it with a fake address bar at the top of the browser window. This is an exact copy of the real web page of the bank. You can easily type in the bank's web address into the fake address bar.
According to Anti Phishing Working Group's Website the best way to prevent from this happening is not to click on any email links sent to you. Do not respond to any emails asking for personal information irrespective of how official it looks.
Many big companies like McAfee, Symantec etc are joining the Anti Phishing Working Group (APWG) to discourage phishers. They are also putting up a number of white papers on the net to educate net surfers on what to look for while surfing.
The APWG objective includes Detection, Scanning, Filtering and Alerting. They believe in “Prevention is better than cure'. They ensure that big companies, financial institutes, stay cautious of these copycats and keep a lookout for any impostor domain names. There are commercial services which monitor domain name services for these types of attack. In case the website gets impersonated the company should disable the vendor access till the phishing trouble gets rectified.
Do visit the APWG website and read through their advice on various dos and don'ts. A search on Google will also yield you loads of information on phishing.
This article has been compiled by the content development team at Pegasus InfoCorp which pulls subject matter specialists from different work domains. They can be contacted through the Pegasus InfoCorp website at info@pegasusinfocorp.com. Pegasus InfoCorp is an India based web design, web development and online/ offline software development company. Please visit http://www.pegasusinfocorp.com to read more articles and know more about us!
Other companies and organizations are welcome to reprint this article
on their websites provided the following conditions are met.
- The article is not changed in any manner
- The article is copied as is in its entirety (including back
links to the Pegasus InfoCorp website).
- The company/ organization reprinting the article agrees to
defend, indemnify and hold harmless Pegasus InfoCorp, its employees,
directors, officers, agents, partners and their successors and
assigns from and against any and all liabilities, damages, losses,
costs and expenses, including attorney's fees, caused by or
arising out of claims based upon the use of the article, including
any claim of libel, defamation, violation of rights of privacy
or publicity, loss of service by subscribers and infringement
of intellectual property or other rights.
|
|
|
|
|
|
|