Tuesday, June 23, 2009

Phishing

Phishing is the act of imitating a legitimate entity on the internet to lure people into sharing passwords or credit card numbers. Criminals usually target online services used for day-to-day activities, including banking, shopping and more. Normally, the purpose of phishing is to commit financial fraud.

Examples of phishing:
1. Maybank phishing
A phishing email is sent to lure the user to the phishing website. The URL and page of the website look exactly right. The scammer might copy the Web page code from a major site and use that code to set up a fake Web page whose look and feel are almost identical to the legitimate one. When the user clicks through to the website, they are prompted to enter their online details, namely the Maybank account username and password.

2. eBay phishing
The user receives an email from an eBay member claiming that there is a problem with a payment to the PayPal account. When the user clicks the respond button, they are directed to an eBay phishing website asking for the login information.

Prevention methods:

1. Education and awareness are important for prevention, because they train the user to recognize phishing attempts and deal with them.

2. Web browser toolbars are one of the methods to prevent phishing. For example, before submitting financial information through a website, look for the “lock” icon on the browser’s status bar to check whether the information is secured during transmission.
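The checks a user is taught to make on an emailed link can also be run automatically before the link is shown or followed; this is an added example, not code from the original post. The `TRUSTED` domains and the sample links are constructed assumptions, and the host name is checked as well as the scheme because an `https` link on a look-alike host still shows the lock icon.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumed allowlist: brand keyword -> the domain the user really signs in on.
# Replace with the services your users actually use.
TRUSTED = {"maybank": "maybank2u.com.my", "ebay": "ebay.com", "paypal": "paypal.com"}

def check_link(url, trusted=TRUSTED):
    """Return warning labels for a link taken from an email (empty list = no finding)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    warnings = []
    if parts.scheme != "https":
        warnings.append("not-https")            # no lock icon, data sent in clear
    if parts.username is not None:
        warnings.append("userinfo-in-url")      # text before '@' is not the host
    try:
        ipaddress.ip_address(host)
        warnings.append("ip-literal-host")      # real services use named hosts
    except ValueError:
        pass
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode-host")        # may render as look-alike letters
    # The host must be a trusted domain itself or a subdomain of one.
    on_trusted = any(host == d or host.endswith("." + d) for d in trusted.values())
    if not on_trusted:
        warnings.append("untrusted-domain")
        if any(brand in url.lower() for brand in trusted):
            warnings.append("brand-name-on-foreign-host")
    return warnings

# Constructed sample links (documentation-only hosts and addresses).
SAMPLES = [
    "https://www.maybank2u.com.my/home/login",
    "http://maybank2u.com.my.secure-login.example/login",
    "https://paypal.com.account-verify.example/",
    "https://www.ebay.com@192.0.2.10/signin",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, "->", check_link(link) or "no findings")
```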

