Wednesday, June 18, 2008

Phishing - Examples and Its Prevention Methods

Phishing is one of the most damaging online security threats. It is an email fraud method in which the fraudster sends out legitimate-looking email in an attempt to extract confidential information such as usernames, passwords and credit card details from recipients. Typically, the messages appear to come from well-known and trustworthy websites, e.g. PayPal, eBay, MSN, Yahoo, BestBuy and America Online.

Phishers use a number of different social engineering and email spoofing ploys to try to trick their victims. In one case, a 17-year-old male sent out messages purporting to be from America Online that said there had been a billing problem with recipients’ AOL accounts. The fraudster’s email used AOL logos and contained legitimate links. If recipients clicked on the “AOL Billing Center” link, they were taken to a spoofed AOL webpage that asked for personal information, including credit card numbers, personal identification numbers, social security numbers, banking numbers, and passwords. This information was used for identity theft.

Another example of a phishing email is as follows:

There are several technical and non-technical ways to prevent phishing attacks. Firstly, educate users so that they understand how phishing attacks work and stay alert when phishing-like emails are received. Secondly, use legal methods to punish phishing attackers. Thirdly, use technical methods to stop phishing attackers. These may include detecting and blocking the phishing website in time, enhancing the security of websites, and blocking phishing emails with various spam filters.
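One technical check a mail filter can apply to the "AOL Billing Center" pattern described above is to compare the brand named in a link's visible text with the host the link actually points to. The following is an added example, not code from the original post; the `BRAND_DOMAINS` allowlist, the function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed allowlist: brand keyword -> domains that brand really uses.
BRAND_DOMAINS = {"aol": ("aol.com",), "paypal": ("paypal.com",), "ebay": ("ebay.com",)}

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None

def host_matches(host, domains):
    """True when host is one of the domains or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in domains)

def suspicious_links(raw_email):
    """Return (brand, link text, host) for links that name a brand but point elsewhere."""
    findings = []
    for part in message_from_string(raw_email, policy=policy.default).walk():
        if part.get_content_type() != "text/html":
            continue
        collector = LinkCollector()
        collector.feed(part.get_content())
        for href, text in collector.links:
            host = (urlparse(href).hostname or "").lower()
            for brand, domains in BRAND_DOMAINS.items():
                if host and brand in text.lower().split() and not host_matches(host, domains):
                    findings.append((brand, text, host))
    return findings

# Constructed sample message for this example (not a real phishing email).
SAMPLE = """From: "AOL Billing" <billing@aol.com>
Content-Type: text/html; charset="us-ascii"

<p>Visit the <a href="http://aol.com.billing-update.example/login">AOL Billing Center</a>
or our <a href="https://help.aol.com/">AOL help pages</a>.</p>
"""
```

Calling `suspicious_links(SAMPLE)` flags only the first link: its host merely begins with `aol.com`, while the genuine `help.aol.com` link passes the subdomain check.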

1 comment:

  1. gosh!!! i know that there's ppl out there whom will fake the account and ask for ur personal detail, but i din know that the 'fake-level' is this high. we being the consumer really have to be much much more aware with all these 'e-mail'. thanks for sharing the info with us. ^^
