Another common Internet scam is phishing. It is a criminally fraudulent process for illegally acquiring sensitive information. It steals passwords and other personal information that can be used to enter private accounts for malicious purposes.
This is usually done by email or instant messaging. Phishing asks the victim to enter their information on a fake website. These websites are tricky because they appear legitimate and trustworthy. Scammers gain access to important details when victims fall prey by entering their personal information.
These important details are used to withdraw money from ATMs or bank accounts.
You can use SSL, which has strong cryptography, but SSL cannot detect that a website is bogus. Phishing is an example of a social engineering technique. It is used to deceive users and abuse the usability of web security technology.
Phishing techniques were described as early as 1987, but were first reported to have been used in 1996. The term rhymes with the word fishing, which means to catch. Phishing captures a person's financial and personal information, such as passwords.
Here are the most common phishing techniques:
Links are Internet addresses that direct a person to a specific website. We usually give links to our personal blogs or digital album sites to our friends and family via email or instant messages.
In the case of phishing, these links are usually misspelled. One or two letters make a big difference and will take you to a different, often wrong, website or page. It is a form of technical deception. Phishers also use subdomains to make a link appear to belong to a trusted site.
Another method of deception in links is the use of the "@" symbol. This sign was originally intended to let a link include a username and password. These links are disabled by Internet Explorer, but Mozilla Firefox and Opera only present warning messages, which are sometimes not easy to notice.
Apart from that, there is also what is called Internationalized Domain Name (IDN) spoofing, or homograph attack.
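The link tricks described above (misspelled names, subdomains, the "@" symbol and IDN spoofing) can all be checked by looking at the host a link really points to. The following is an added example, not part of the original article; the trusted domains and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allow-list of sites the reader really uses (assumption).
TRUSTED = {"example-bank.com", "example.org"}

def edit_distance(a, b):
    """Levenshtein distance, used to catch one- or two-letter misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def link_warnings(url, trusted=TRUSTED):
    """Return the reasons a link's real destination looks deceptive."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    warnings = []
    # "@" trick: everything before the "@" is a username, not the website.
    if parts.username is not None:
        warnings.append("userinfo")
    # IDN homograph: non-ASCII letters, or their encoded "xn--" form.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        warnings.append("idn")
    # A trusted domain or one of its own subdomains needs no further checks.
    if host in trusted or any(host.endswith("." + t) for t in trusted):
        return warnings
    for t in sorted(trusted):
        # Subdomain trick: the trusted name is only a prefix of another host.
        if host.startswith(t + ".") or ("." + t + ".") in host:
            warnings.append("subdomain")
        # Misspelling: the final labels differ from a trusted name by 1-2 characters.
        tail = ".".join(host.split(".")[-len(t.split(".")):])
        if 0 < edit_distance(tail, t) <= 2:
            warnings.append("lookalike")
    return warnings
```

An empty list means the link points to a trusted domain or shows none of these four tricks; it does not prove that the site is genuine.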
Another technique is the use of images instead of text. This makes it difficult for phishing filters to detect phishing emails.
Flash-based websites also avoid anti-phishing techniques. They hide the text in a media object.
Phishing is also done by phone, using bogus caller ID data to make it look like the call came from a trusted organization. The telephone operator who answers your call will ask you to provide your account numbers and passwords.
There are many other phishing techniques. Anti-phishing techniques have already been developed, but crooks keep coming up with even newer tricks. Always be vigilant and never give out your most private details easily.
Source by David Urmann