Saturday, February 7, 2009

Week 4 - Phishing: examples and prevention methods

Phishing is a broadly launched social engineering attack in which an electronic identity is misrepresented in an attempt to trick individuals into revealing credentials. Phishing is the fastest rising online crime method used for stealing personal finances and perpetrating identity theft. Phishers use many different tactics to lure you, including e-mail and Web sites that mimic well-known, trusted brands. A common phishing practice involves "spamming" recipients with fake messages that resemble a valid message from a well-known Web site or a company that the recipients might trust, such as a credit card company, bank, charity, or e-commerce online shopping site. The message is designed to fool recipients into divulging personal data such as account numbers, passwords, and credit card numbers.

Some examples of phishing schemes include:
• Fake e-mail messages that appear to come from a company you do business with, warning you that they need to verify your account information or your account will be suspended.
• A combination of auction fraud and fake escrow sites. This occurs when items are put up for sale at a legitimate online auction to lure you into making payments to a fake escrow site.
• Fake online sales transactions, whereby a criminal offers to buy something from you and requests that they pay you an amount well over the price of the item they are buying. In return, they ask you to send them a check for the difference. The payment to you is not sent, but your check is cashed, and the criminal pockets the difference. Additionally, the check that you send has your bank account number, bank routing code, address, and phone number.
• Fake charities asking you for money. Unfortunately, many criminals take advantage of your goodwill.

Best practices to protect yourself from online phishing:
• Never reply to e-mail messages that request your personal information
• Don't click links in suspicious e-mail
• Use strong passwords and change them often
• Don't send personal information in regular e-mail messages
• Do business only with companies you know and trust
• Make sure the Web site uses encryption
• Monitor your transactions

1 comment:

  1. Nice blog. I have a little bit of knowledge about it. Thanks for enhancing my knowledge. You explained in a very effective manner by the examples, prevention.