
Wednesday, January 21, 2009

Phishing: Examples and its prevention methods

What is Phishing?

Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites such as PayPal, eBay, Facebook and YouTube are commonly used to lure the unsuspecting. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication, it requires skill to detect that the website is fake. Phishing is an example of the social engineering techniques used to fool users, and it exploits the poor usability of current web security technologies.



1. PayPal phishing example

In an example PayPal phish, spelling mistakes in the e-mail and the presence of an IP address in the link are both clues that this is a phishing attempt. Another giveaway is the lack of a personal greeting, although the presence of personal details would not be a guarantee of legitimacy. A legitimate PayPal communication will always greet the user with his or her real name and not just with a generic greeting like "Dear Accountholder." Other signs that the message is a fraud are misspellings of simple words, bad grammar and the threat of consequences such as account suspension if the recipient fails to comply with the message's requests.
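Three of the clues described above (an IP address in the link, a generic greeting, and a threat of account suspension) can be checked automatically on incoming mail. The Python code below is an added example and not part of the original post; the function names, the phrase lists and the sample message are constructed for illustration, and spelling or grammar checks are left out.

```python
import ipaddress
import re
from email import message_from_string
from urllib.parse import urlsplit

# Constructed sample message, not a real e-mail (192.0.2.10 is a documentation address).
SAMPLE = """\
From: "PayPal" <service@paypal.example>
To: user@example.org
Subject: Your account will be suspended
Content-Type: text/plain

Dear Accountholder,

We have detected unusual activity. Your account will be suspended unless
you confirm your details at http://192.0.2.10/paypal/login within 24 hours.
"""

GENERIC = re.compile(r"^\s*dear\s+(account\s*holder|customer|user|member)\b", re.I | re.M)
THREAT = re.compile(r"\b(suspen(d|ded|sion)|terminat\w*|deactivat\w*)\b", re.I)
URL = re.compile(r"https?://[^\s\"'<>]+", re.I)

def host_is_ip(url):
    """True when the link points at a raw IPv4/IPv6 address instead of a name."""
    try:
        ipaddress.ip_address(urlsplit(url).hostname or "")
        return True
    except ValueError:
        return False

def phishing_clues(raw_message, real_name=None):
    """Return the clues found. An empty list does NOT prove the mail is legitimate."""
    msg = message_from_string(raw_message)
    parts = [p.get_payload(decode=True) for p in msg.walk() if p.get_content_maintype() == "text"]
    body = "\n".join(b.decode("utf-8", "replace") for b in parts if b)
    text = msg.get("Subject", "") + "\n" + body
    clues = []
    if any(host_is_ip(u) for u in URL.findall(body)):
        clues.append("ip_address_in_link")
    if GENERIC.search(body):
        clues.append("generic_greeting")
    elif real_name and real_name.lower() not in body.lower():
        clues.append("no_personal_greeting")  # recipient's real name never appears
    if THREAT.search(text):
        clues.append("threat_of_consequences")
    return clues

if __name__ == "__main__":
    print(phishing_clues(SAMPLE))
```

Pass the account holder's name as real_name to also flag messages that never mention it.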




2. TrustedBank phishing email
An example of a phishing e-mail, disguised as an official e-mail from a (fictional) bank. The sender is attempting to trick the recipient into revealing secure information by "confirming" it at the phisher's website.





Phishing prevention methods

Nowadays, phishing cases keep increasing from year to year. However, there are a few methods to prevent phishing. First of all, users themselves should always be aware and alert to any e-mail about changing personal information. Do not reply to any suspicious e-mail. Users should also not rely on clicking links that they are unsure of. For example, if you receive an e-mail from eBay requesting personal information such as your user name or password, visit eBay directly by typing http://www.ebay.com/ into your browser to check on your account status. By doing so, you avoid being led to a fake website through a link.

Besides this, antivirus software, anti-spyware software and a firewall are very useful for preventing unauthorised access to your personal information. Make sure the antivirus is always up to date. You must also read the message carefully to see whether there are any errors in it, because the errors found can help determine whether the message was sent by the particular institution or by a phisher. Be cautious about opening any attachment or downloading any files from e-mails you receive, regardless of who sent them. These files can contain viruses or other software that can weaken your computer's security.



