Phishing Techniques

[ad_1]

Phishing is another common internet scam. This is a criminally fraudulent process illegally acquires sensitive information. It hacks passwords and other pertinent personal information that can be used to enter private accounts for malicious intents.

It is usually done by electronic mail or instant messaging. Phishing directs the victim to enter their pertinent details in a fake website. These websites are tricky because they look legitimate and trusting. Scammers get access to important details when victims fall prey in entering their personal information.

Such important details are used to cash out money in the ATM or bank accounts.

You may use SSL that has strong cryptography but it is still impossible for the SSL to detect that the website is fake. This is a social engineering technique example. This is used to fool users and abuse the usability of the web security technology.

The phishing techniques were already described as early as 1987 but it was first recorded to have been used in 1996. The term rhymes with the word fishing which means to catch. Phishing catches the financial and personal information of a person, like passwords.

The following are the more common phishing techniques often used:

Link Manipulation

Links are internet addresses that direct one to a specific website. We usually give out links to our personal blogs or digital album sites to our friends and family via emails or instant messages.

In phishing, these links are usually misspelled. One or two letters make a big difference and it will lead you to a different, and often fake, website or page. It is a form of technical deception. Phishers use sub domains.

Another method of trickery in links is the use of ‘@’ symbol. This sign originally is intended to include username and passwords. These links are disabled by Internet explorer but Mozilla Firefox and Opera just presents warning messages that are sometimes not easily noticed.

Aside from this, there is also what we called the Internationalized domain names (IDN) spoofing or the homograph attack.

Filter Evasion

This is the use of images instead of texts. Through this, anti phishing filters will find a hard time to detect the emails.

Website forgery

There are some phishing scams that use JavaScript commands to alter an address bar. This directs the user to sign in at a bank or service of the phisher. This is where he will extract information from you.

The Flash-based websites avoid anti phishing techniques. This hides the text to a multimedia object.

Phone Phishing

This is done by using a fake caller ID data to make it appear that the call came from a trusted organization. The operator of the phone who answered your call will ask you to give your account numbers and passwords.

There are many other phishing techniques. Some have developed counter-phishing techniques already but scammers continue to invent still newer tricks. Always be alert and never trust to give your most private details easily.

[ad_2]

Leave a Comment

Your email address will not be published. Required fields are marked *

Total
0
Share
%d bloggers like this: