Thursday, June 19, 2008

Phishing: Examples and Prevention Methods



Phishing is a crimeware technique used to steal the identity of a target company in order to obtain the identities of its customers. Phishers (pronounced “fishers”) create websites that look just like those of your bank, online bookstore, or other familiar destinations. A phishing attack typically involves sending an e-mail to a user, falsely claiming to be from an established, legitimate enterprise, in an attempt to scam the user into surrendering private information that will then be used for identity theft.

The e-mail directs the user to a Web site where they are asked to update or verify personal information that the legitimate organization already has, such as passwords and credit card, social security, and bank account numbers. The Web site, however, is bogus and set up only to steal the user’s information.

HTML-based e-mails often include company logos, colors, graphics, font styles, and other elements, and cover topics such as account problems, account verification, security upgrades, and new product or service offerings. Web links included in these e-mails almost always have the look and feel of the legitimate sites they copy, making the fraud almost impossible to detect.

Many fraudsters use fear to trigger a response, and phishers are no different. In common phishing scams, the e-mails warn that failure to respond will result in the recipient losing access to their account. Other e-mails might claim that the company has detected suspicious activity in the account or that it is implementing new privacy software or identity theft solutions.

Phishers also use filter-evasion techniques, such as using images instead of text, to make it harder for anti-phishing filters to detect wording commonly used in phishing e-mails. Some phishing scams use JavaScript to alter the browser's address bar, either by placing a picture of a legitimate URL over the address bar, or by closing the original address bar and opening a new one that shows the legitimate URL.

In an example PayPal phishing attempt, phishers send e-mail to targeted PayPal users. The several spelling mistakes in the e-mail and the presence of an IP address in the link (visible in the tooltip under the yellow box) are both clues that this is a phishing attempt. Another giveaway is the lack of a personal greeting, although the presence of personal details would not be a guarantee of legitimacy. Other signs that the message is a fraud are misspellings of simple words and the threat of consequences, such as account suspension, if the recipient fails to comply with the message's requests.
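As an added example (not part of the original post), a small Python check that looks for the clues just described in an e-mail body: a link whose host is a raw IP address, link text that names a different host than the link really goes to, a generic greeting, and urgency or account-suspension wording. The sample message, its addresses and the keyword lists are constructed for this illustration; spelling mistakes are not checked.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample phishing e-mail body (not a real message); it carries the
# clues named in the text: IP-address link, mismatched link text, generic greeting.
SAMPLE_EMAIL = """Dear PayPal user,
We have detected suspicous activity on your acount. Your account will be
suspended unless you verify your informations within 24 hours.
<a href="http://203.0.113.7/paypal/login.php">https://www.paypal.com/</a>"""

IP_HOST = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")
GENERIC_GREETING = re.compile(r"^\s*dear\s+(?:\w+\s+)?(customer|user|member)\b", re.I)
URGENCY = re.compile(r"suspend|suspicious activity|verify your|within \d+ hours", re.I)

class LinkCollector(HTMLParser):
    """Collects (href, visible text) pairs from <a> tags."""
    def __init__(self):
        super().__init__()
        self.links, self._in_link = [], False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href", ""), ""])
            self._in_link = True
    def handle_data(self, data):
        if self._in_link:
            self.links[-1][1] += data
    def handle_endtag(self, tag):
        if tag == "a":
            self._in_link = False

def phishing_indicators(body: str) -> list:
    """Return the phishing clues found in an e-mail body as short strings."""
    clues = []
    parser = LinkCollector()
    parser.feed(body)
    for href, text in parser.links:
        host = urlparse(href).hostname or ""
        if IP_HOST.match(host):
            clues.append(f"link points to raw IP address {host}")
        shown = urlparse(text.strip()).hostname
        if shown and shown != host:  # displayed host differs from real destination
            clues.append(f"link text shows {shown} but goes to {host}")
    if GENERIC_GREETING.search(body):
        clues.append("generic greeting, no personal name")
    if URGENCY.search(body):
        clues.append("urgency or account-suspension threat")
    return clues
```

Running `phishing_indicators(SAMPLE_EMAIL)` yields four clues for the sample; a message with a personal greeting and a link whose text and destination agree yields none.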
Example of phishing:

Here are some recommendations on how users can protect their networks, servers, PCs, and mobile devices from phishing:

  • Implement a comprehensive anti-phishing and anti-pharming solution, comprising protection at all possible entry points, including the Internet gateway, messaging gateway, endpoint clients, endpoint servers, and the network. Trend Micro offers a variety of anti-phishing and anti-pharming products and solutions to suit various enterprise needs.

  • Keep all browser, email, and IM security patches up to date.

  • Learn about the latest threats, the symptoms of infection, and how to protect servers, PCs, and mobile devices.

  • Never give personal or confidential information to an unfamiliar or unknown individual or business.

  • Delete any email that requests confidential information. If the request appears legitimate, use an established phone number to verify the request.

  • Seek IT counsel and support if you experience any communication (via email, phone, fax, or instant message) that requests corporate or personal information.

Prepared by: YEAP SUE YIE
