is an Internet scam
that uses spoofed email
and fraudulent Web sites which appear to come from or masquerade as legitimate sources. The fake emails and web sites are designed to fool respondents into disclosing sensitive personal or financial data which can then be used by criminals for financial or identity theft. The email directs the user to visit a web site where they are asked to update personal information such as passwords, user names, and provide credit card, social security, and bank account numbers, that the legitimate organization already has. Spear Phishing
is a highly targeted and coordinated phishing attack using spoofed email messages directed against employees or members within a certain company, government agency, organization, or group. These fraudulent emails and web sites, however, may also contain malicious code which can spread infection
Phishing, sometimes referred to as brand spoofing
, was derived from "fishing", the idea being that bait is thrown out with the hopes that some will be tempted into biting. It is essentially an old con game updated to take advantage of new technology.Tips on how to avoid phishing
- The golden rule to avoid being phished is to never ever click the links within the text of the e-mail. Always delete the e-mail immediately. Once you have deleted the e-mail then empty the trash box in your e-mail client as well. This will prevent "accidental" clicks from happening as well.
- Before submitting financial information through a Web site, look for the "lock" icon on the browser's status bar. It means your information is secure during transmission.
- If you are uncertain about the information, contact the company through an address or telephone number you know to be genuine.
- If you unknowingly supplied personal or financial information, contact your bank and credit card company immediately.
- Suspicious e-mail can be forwarded to email@example.com, and complaints should be filed with the state attorney general's office or through the FTC at www.ftc.gov.
- Use an anti-phishing toolbar.
- A rule of thumb: always look for ""https"" in the address bar and the yellow lock icon at the bottom of the window when entering sensitive information. If its not SSL 128 bit encrypted do not waste your time with it.
Another quick way to test if you are bring redirected is to right click on the URL and select properties. It will tell you the true URL that you are connecting to, and it should be the same as the link that you are clicking on. Use this when you suspect fraudulent links in your emails.Pharming
is a technique used to redirect as many users as possible
from the legitimate commercial websites they intended to visit and lead them to fraudulent ones. The bogus sites, to which victims are redirected without their knowledge, will likely look the same as a genuine site. However, when users enter their login name and password, the information is captured by criminals. Pharming involves Trojans, worms, or other technology that attack the browser and can spread infection
. When users type in a legitimate URL address, they are redirected to the criminal's web site. Another way to accomplish these scam is to attack or "poison the DNS
" (domain name system) rather than individual machines. In this case, everyone who enters a valid URL will instead automatically be taken to the scammer's site. DNS Poisoning
is a pharming threat
which can cause a large group of users to be lured to bogus sites by sending fake information to a DNS (domain name system
server. The DNS translates web and e-mail addresses into numerical strings so that it essentially acta like an Internet telephone directory. If a DNS directory is "poisoned" this means it is altered to contain false information regarding which web address is associated with what numeric string. DNS cache poisoning uses a technique that tricks a DNS server into believing it has received authentic information. It involves the practice of hacking into domain name servers and replacing the numeric addresses of legitimate Web sites with the addresses of malicious sites. This type of scam typically sends users to bogus Web pages where they may be asked for personal/sensitive information or exposed to malware infection. DNS servers are constantly sending out questions asking for IP addresses and receiving answers. Since they do not actually authenticate the source of the answers there is no way for a DNS server to be sure that the answer actually came from a legitimate source. Some DNS servers do not even check that they asked a question which corresponds to an answer they received...they just believe any answer that is sent to them.
Edit: Fixed two broken links.
Edited by quietman7, 16 May 2011 - 07:15 AM.