Phishing is an act closely tied to computer security. It is a criminally fraudulent attempt to acquire sensitive information such as usernames, passwords, credit card details, bank account details and e-mail IDs from millions of web users, who are by nature quite vulnerable. It does so by masquerading as a trustworthy entity in electronic communication. Phishing is typically carried out by e-mail or instant messaging such as chat. It lures web users and directs them to enter personal and critical details into fake websites, also known as phishing websites. The owners of such websites are usually spammers or hackers with considerable technical knowledge, and they build these websites to look and feel almost identical to the legitimate site. Phishing is a scam that intends to fool users, take advantage of them and exploit the web security technologies running the internet today.
However, several measures have been undertaken of late, such as legislation, user training, public awareness and other technical security measures, to counter phishing.
Phishing is a technique employed by spammers and hackers to gather web users' personal information in order to steal their identities and then their money or benefits. They pose as a legitimate retailer, bank or government agency. The phisher asks you to confirm your personal information on their fake website for some made-up reason, which is simply a trick to lure you into the bait. As an expert I have come across certain common techniques employed by these phishers to lure people into the bait. One of the most common is an email, apparently from your bank, asking you to go to its site to confirm your personal information; the moment you click that link, you end up at a bogus site that also looks legitimate.
One can state that phishing always includes:
Sending out fake email messages asking you to enter personal financial information such as bank account numbers, credit card numbers and passport numbers into forms, and leading you to a fake website that contains these forms and resembles the bank, credit card company or other organisation the phisher claims to be.
Phishing can also be done by phone. People usually get a call purporting to be from a company whose services they use, asking for personal information for confirmation or data updating.
Phishing attacks are quite brief; a campaign usually lasts less than a week.
The 'sent from' and 'reply to' email addresses are always fake.
Common Phishing Techniques often employed:
Link Manipulation: Links are addresses used to direct a user to a particular website. In phishing these links are subtly misspelled, and phishers also employ subdomains in this tactic. One or two misspelled letters make a huge difference, as they lead you to a fake website or webpage.
Filter Evasion: This is simply the use of images instead of text. It is very advantageous for phishers, as anti-phishing filters find it hard to detect such emails.
Website Forgery: Some phishing scams use JavaScript commands to alter the address bar, which directs the user to sign in to the services provided by the phisher. Flash-based websites evade anti-phishing techniques by hiding text behind multimedia objects.
Phone Phishing: A fake caller ID is used to make it seem that the call came from a trusted organization. The person handling the call will direct you and ask about your account details and other personal details. Using these details they break into your financial accounts, swindle the money and abscond.
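As an added example (not part of the original article), here is a small Python check that a mail filter or a cautious user can run over the links in a message to spot the link-manipulation tricks described above: a bare IP address instead of a domain, the brand name placed in a subdomain of an unrelated domain, one- or two-letter typo-squats, and a user@ prefix that hides the real host. It takes the bank's own onlinecub.net address (quoted later on this page) as the expected domain; the other URLs are constructed for illustration, and treating the last two labels as the owner's domain is a simplifying assumption (no public suffix list).

```python
import ipaddress
from urllib.parse import urlparse
def registrable_domain(host: str) -> str:
    # Simplifying assumption: last two labels are the owner's domain (no public suffix list).
    labels = host.lower().strip(".").split(".")
    return ".".join(labels[-2:])

def edit_distance(a: str, b: str) -> int:
    # Levenshtein distance: number of single-letter edits between two names.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def link_findings(url: str, expected_domain: str) -> list:
    # Reasons a link should not be trusted as expected_domain; empty list if it matches.
    findings = []
    parsed = urlparse(url)
    host = (parsed.hostname or "").lower()
    if not host:
        return ["no hostname in link"]
    if parsed.scheme != "https":
        findings.append("not https")
    if parsed.username is not None:
        findings.append("user@ prefix hides the real host")
    try:
        ipaddress.ip_address(host)
        return findings + ["bare IP address instead of a domain"]
    except ValueError:
        pass
    actual = registrable_domain(host)
    if actual == expected_domain:
        return findings
    brand = expected_domain.split(".")[0]
    if brand in host:
        findings.append(f"'{brand}' used on a host that really belongs to {actual}")
    elif edit_distance(actual, expected_domain) <= 2:
        findings.append(f"lookalike of {expected_domain}: {actual}")
    else:
        findings.append(f"different domain: {actual}")
    return findings
# Constructed sample links (not real phishing sites), checked against the bank's domain.
SAMPLE_LINKS = ["https://www.onlinecub.net/login", "https://www.onlinecub.net.verify-account.example/",
                "https://onlinecuh.net/login", "http://203.0.113.5/login", "https://www.onlinecub.net@evil.example/"]
for link in SAMPLE_LINKS:
    print(link, "->", link_findings(link, "onlinecub.net") or ["ok"])
```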
Phishing and search engines:
Spammers and hackers manipulate search engines to direct web users to fake websites, gather their personal details and swindle them before absconding. Most of the time it is very difficult to trace them, as they use fake identities and dynamic addresses. Recently I came across a similar situation: after the misdirection took place and I landed on a website that seemed legitimate, a bogus security warning emerged that prompted me to load an anti-malware program. As an expert I am pretty aware of the legitimate anti-malware programs available on the market. I am also aware of upcoming similar software. The moment I came across this security warning I realized that it was fake software. Taken aback, I did my research on it and realized that half the sites that appear in the search engines for that search phrase were related to the same site.
Hackers and spammers employ several search engine optimization techniques to get their fake websites indexed and ranked much higher than genuine websites, and as a result the usefulness of the search engine result set is almost nullified. In other words, more than 6 of the websites listed in the top 10 results for a particular search phrase or keyword are fake websites luring people to register and confirm personal information.
Hackers make their websites popular by blog spamming, forum spamming, keyword stuffing and adding backlinks to their websites on reputable sites. Keywords, link popularity, traffic sources and so on all play a crucial part in deciding the fate of a website, since search engine algorithms use these factors to index websites and rank them. Hackers have embedded corrupted links on several forums and blogs; a click on such a link establishes a connection with automated programs that help the hackers access the workstation from which the click was generated.
Several search engines are striving hard to make their indexing and ranking algorithms more complex and harder to game. However, as of today the techniques employed by these hackers and spammers seem more advanced at defeating the algorithms and manipulating search engines for the benefit of these fake websites. Recent surveys and research also show that out of 2486 fake sites, 76% were hosted on reputable hijacked servers, controlled by the hackers after identifying potential security flaws through search engine queries.
Recently there was a similar phishing attempt across the web that asked Gmail users to confirm their accounts in order to prevent them from being terminated. Phishers use Google Docs to accomplish this. Once you have gone through the instructions and acted as directed, you are taken to a Google.com site, while the phisher gathers the personal details you entered along the way. One of the primary anti-phishing checks is to look for domains hosted on an outside site; because the phisher used Google Docs, however, the form passed that check easily. Using Google Docs, a phisher can host forms, webpages etc. on a Google.com address, confusing both the web user and the basic anti-phishing security software on your system.
Things you can do to protect yourself from phishing:
Never click on a link in an email that prompts you for account details or other personal information. You can always cross-check the email with the company whose services you use: call them and clarify your doubts, or visit their official website and check for any notices.
If someone calls you asking for such details, verify the caller's identity before giving anything out.
Gather details of recent phishing attacks and stay well informed so that you can identify malicious and suspicious acts.
Elaborating on the above point, many examples of phishing emails are available online for reference. Check them out.
Job seekers who have registered on any job sites have to be especially careful.
Act immediately if you have been hooked by a phisher: notify the legitimate company about the activity and the issue you are facing. They will handle the issue from then on, doing everything possible to resolve it.
Always avoid emailing personal and financial information.
Regular reviews are very important: check your credit card and bank statements and account information from time to time.
Whether or not you have been hooked by such suspicious activity, you ought to report the incident to the concerned authorities immediately without fail.
Sample phishing email (bank notice):
We have come to know about some fraudulent emails being sent to internet banking users of various banks in the name of the Reserve Bank of India. These emails may contain the Bank's logo and are sent in the name of fictitious officials of the Bank, asking the recipient to update sensitive and confidential information like User ID, Corporate ID, Passwords, E-Mail ID, E-Mail Password and Card Details etc., either by filling up an online form, by clicking a link within the email or by replying to the email.
Please be aware that these are phishing emails / forged electronic communications sent by fraudsters which appear to be coming from a genuine source. The objective of such emails is to make the recipient part with their Net Banking login details and fraudulently deprive the account holders of the funds in their account. Unaware Internet Banking users usually end up replying to such mails, which is also the root cause of most Internet Banking frauds till date.
Internet Banking users are cautioned never to respond or act on any communiqué received by email, phone call or SMS claiming to be from CITY UNION BANK / RBI which requests such sensitive and confidential information.
Neither CITY UNION BANK nor any representative on behalf of CITY UNION BANK, nor any regulator / government authority, Internet Service Provider (ISP) or any other entity, would ever request the disclosure or updating of any sensitive and confidential information pertaining to an Internet banking account.
If you receive an e-mail / phone call / SMS (or any other form of communiqué) claiming to be from CITY UNION BANK, please let us know by forwarding the e-mail to csd@cityunionbank.com.
AFTER ENTERING THE LOGIN ID, IF YOU DO NOT FIND THE IMAGE PREVIOUSLY SELECTED BY YOU AND THE WELCOME MESSAGE CREATED BY YOU, COME OUT OF THE SITE IMMEDIATELY. CHECK FOR https://www.onlinecub.net IN THE ADDRESS BAR.
We assure you that CITY UNION BANK follows and has in place the highest levels of security to ensure that you have a safe and pleasant Online Banking experience.
Yours Sincerely,
NET BANKING
CITY UNION BANK
Screen shots:
What does a phishing email message look like? Here is an example of a phishing scam in an email message.
The image below is an example of a phishing scam.
The screenshot is an extract from a website showing an example of a fake Blogger phishing page.