Total Number of Subscribers: 464   

 

  Date: 2nd Oct 2009

 Compiled by: M Sathya Kumar  


All about Phishing 

Introduction:

 

The explosive growth of malware such as spam, viruses, phishing and spyware is a trend that threatens to undermine the stability of the Internet. The growth of such malware has risen to such an extent that some people term cybercrime one of the largest illegal industries! According to US Treasury advisor Valerie McNiven, "Global cyber crime turned in more money than drug trafficking last year". For example, there has been an annual 200 percent increase in the volume of spam mails since 2002, and spyware websites almost quadrupled in 2005. Even more worrisome than the sheer rise in malware is its increasing virulence. In earlier days, a typical virus infection resulted in a temporary reduction in PC performance or a system crash. Today, spyware and viruses regularly take over infected systems, steal personal and financial information from them, and use them as launching pads for further attacks!

 

One of the most prominent current online threats, which affects all of us who use the Internet at some point or the other, and which is primarily used in identity theft, is ‘Phishing’ and its variants, which are getting increasingly more potent and dangerous.

 

Phishing is one of the fastest growing scams on the Internet, compromising the personal details of millions of users worldwide. Typically instigated by professional hackers and criminal organisations, phishing attacks use spoofed e-mails and fraudulent websites to deceive recipients into divulging personal financial data, such as credit card numbers, account usernames and passwords, social security numbers, etc. A report by a well-known security solutions vendor detected an average of 7.9 million phishing attempts per day, an increase of 39 per cent over the first half of 2005!

 

What is Phishing?

 

The word phishing comes from the analogy that Internet scammers are using e-mail lures to fish for passwords and financial data from the sea of Internet users. The term was coined in 1996 by hackers who were stealing AOL Internet accounts by scamming passwords from unsuspecting AOL users. Since hackers have a tendency to replace ‘f’ with ‘ph’, the term ‘phishing’ was derived.

 

Phishing is defined as the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a website where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organisation already has. This website, however, is bogus and set up only to steal the user’s information !

 

For example, you might get an e-mail from your bank asking you to update your username and password as part of an upgrade exercise. A sample mail is shown below:

 

Dear valued customer of TrustedBank,

 

We have received notice that you have recently attempted to withdraw the following amount from your checking account while in another country: $135.25.

If this information is not correct, someone unknown may have access to your account. As a safety measure, please visit our website via the link below to verify your personal information.

http://www.trustedbank.com/general/custverifyinfo.asp

Once you have done this, our fraud department will work to resolve this discrepancy. We are happy you have chosen to do business with us.

Thank you,

TrustedBank

Member FDIC © 2005 TrustedBank, Inc.

 

The above mail might seem harmless, but beware! It is one form of phishing. When you click on the URL link provided in the mail, it will take you to a spoofed website which looks similar to your bank’s website, but which has the capability to capture your username and password as you type them; these may be used later to empty your own account!

How to spot a Phishing Scam:

At first glance, it may not be obvious to recipients that what is in their inbox is not a legitimate e-mail from a company with whom they do business. The ‘From’ field of the e-mail may show the .com address of the company mentioned in the e-mail, and the clickable link may also appear to take you to the company’s website, but will in fact take you to a spoofed website. Looks can be deceiving, and with phishing scams the e-mail is never from who it appears to be! Let’s understand it with the example below.

1. The ‘From’ field appears to show the legitimate company mentioned in the e-mail. It is important to note, however, that it is very simple to change the ‘From’ information in any e-mail client.

2. The e-mail will usually contain logos or images that have been taken from the website of the company mentioned in the scam e-mail.

3. The e-mail will contain a clickable link with text suggesting you use it to validate your information. In the image you will see that once the hyperlink is highlighted, the bottom left of the screen shows the real website address to which you will go. Note that the hyperlink does NOT point to the legitimate Citibank website URL.
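The three signs above can be checked mechanically, and the same checks cover the e-mail-related advice later in this article (digital signing, https://, non-personalised mails). The following is an added example written for this edition, not code from the original article; it uses only the Python standard library, and both sample messages, including every domain ending in .example, are constructed for it.

```python
"""Heuristic phishing e-mail checker: an added example, not the article's own
code. It parses a raw e-mail with the standard library and looks for the signs
the article lists. Both sample messages are constructed for this example and
every domain ending in .example is invented."""
import email
import re
from email import policy
from urllib.parse import urlparse

URGENCY_PHRASES = ("verify your", "confirm your", "update your",
                   "someone unknown", "immediately", "suspended")
ANCHOR = re.compile(r'<a\s[^>]*href="([^"]*)"[^>]*>(.*?)</a>', re.S | re.I)


def registrable_domain(host):
    """Last two labels of a host name: crude (no public-suffix list), but it
    tells trustedbank.com apart from trustedbank.com.evil.example."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def host_of(value):
    """Host part of a URL, or of a mailbox such as 'Name <user@host>'."""
    value = str(value).strip()
    if "://" not in value and "@" in value:
        return value.rsplit("@", 1)[1].strip(" >")
    if not re.fullmatch(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", value, re.I):
        return ""  # plain words such as "Click here" name no host
    return urlparse(value if "://" in value else "http://" + value).hostname or ""


def analyse(raw):
    """Return the list of warnings for one raw RFC 822 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    findings = []
    from_dom = registrable_domain(host_of(msg["From"] or ""))
    # The From field is trivial to forge; trust it only if the receiving server
    # recorded an SPF or DKIM pass in Authentication-Results.
    auth = str(msg["Authentication-Results"] or "").lower()
    if "spf=pass" not in auth and "dkim=pass" not in auth:
        findings.append("sender not authenticated (no SPF/DKIM pass): From may be forged")
    if msg["Reply-To"]:
        reply_dom = registrable_domain(host_of(msg["Reply-To"]))
        if reply_dom != from_dom:
            findings.append(f"Reply-To goes to {reply_dom}, not {from_dom}")
    # Links: compare the visible text with the real href, as the browser's
    # status bar would, and insist on https:// for anything asking for data.
    body = msg.get_body(preferencelist=("html", "plain"))
    text = body.get_content() if body else ""
    if body is not None and body.get_content_type() == "text/html":
        links = [(h, re.sub(r"<[^>]+>", "", s).strip()) for h, s in ANCHOR.findall(text)]
    else:
        links = [(u, u) for u in re.findall(r"https?://[^\s<>\"']+", text)]
    for href, shown in links:
        href_dom = registrable_domain(host_of(href))
        shown_dom = registrable_domain(host_of(shown))
        if href_dom != from_dom:
            findings.append(f"link leads to {href_dom}, not the sender's {from_dom}")
        if shown_dom and shown_dom != href_dom:
            findings.append(f"link text shows {shown_dom} but points to {href_dom}")
        if urlparse(href).scheme == "http":
            findings.append(f"plain http:// link to {href_dom}, not https://")
    # Wording: urgency and a generic greeting are the article's other signs.
    lowered = text.lower()
    hits = [p for p in URGENCY_PHRASES if p in lowered]
    if len(hits) >= 2:
        findings.append("urgency wording: " + ", ".join(hits))
    if re.search(r"dear (valued )?(customer|user|member)", lowered):
        findings.append("generic greeting: message is not personalised")
    return findings


# Constructed sample modelled on the article's TrustedBank mail; the link text
# shows the bank's address but the href goes to an invented .example host.
PHISH_MAIL = """\
From: TrustedBank Security <security@trustedbank.com>
Reply-To: support@trustedbank-verify.example
To: customer@example.org
Subject: Unusual withdrawal from your checking account
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=trustedbank.com; dkim=none
Content-Type: text/html; charset="utf-8"

<html><body><p>Dear valued customer of TrustedBank,</p>
<p>Someone unknown may have access to your account. As a safety measure,
please verify your personal information immediately via the link below.</p>
<p><a href="http://trustedbank.com.custverify-login.example/general/custverifyinfo.asp">
http://www.trustedbank.com/general/custverifyinfo.asp</a></p></body></html>
"""

# Constructed benign mail: authenticated sender, https link on the same domain.
LEGIT_MAIL = """\
From: TrustedBank <statements@trustedbank.com>
To: customer@example.org
Subject: Your October statement is ready
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=trustedbank.com; dkim=pass
Content-Type: text/plain; charset="utf-8"

Dear Ms Customer, your statement is available when you next sign in at
https://www.trustedbank.com/ (type the address into your browser yourself).
"""
```

Running analyse() on the first sample reports seven warnings: the unauthenticated sender, the foreign Reply-To, the link that leads off the bank’s domain while its text shows the bank’s address, the plain http:// link, the urgency wording and the generic greeting. The benign sample reports none. The domain comparison is deliberately crude; a real filter would consult the public suffix list rather than the last two labels, and a mail gateway would get the SPF/DKIM result from its own verification rather than from a header it received.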

Who is behind the Phishes and why:

The people behind phishing e-mails are scam artists. They literally send out millions of these scam e-mails in the hope that even a few recipients will act on them and provide their personal and financial information. Anyone with an e-mail address is at risk of being phished. Any e-mail address that has been made public on the Internet (posted in forums, newsgroups or on a website) is more susceptible to phishing, as the address can be harvested by programs called ‘spiders’ that search the Internet and grab as many e-mail addresses as they can. This is why phishing is profitable and easy for scammers: they can cheaply and easily obtain millions of valid e-mail addresses to send these scam mails to.

Latest trends:

As with all malicious code, once a small percentage of the population starts to catch on, the perpetrators find ways to make the attack a little different and, in this case, make the ‘phish’ harder to net. The newest type of phishing scam is one that focuses on a single user or a department within an organisation. The scam mail appears to be legitimately addressed from someone within that company, in a position of trust, and requests information such as login IDs and passwords. These mail scams will often appear to be from a company’s own human resources or technical support divisions and may ask employees to update their usernames and passwords. Once hackers get this data, they can gain entry into secured networks. Another variant of these mails will ask users to click on a link which deploys spyware that can steal data. This type of ‘phishing’ attack is called ‘Spear Phishing’ or Focussed Phishing.

A more dangerous phishing trend to have evolved recently is called ‘Pharming’, where even if you have typed in the correct URL to reach a bank or company, if the DNS records that direct you to that bank’s or company’s web server have been compromised by something called ‘DNS poisoning’, you would be taken to a spoofed website without your knowledge, inflicting the same damage. Pharming is a scamming practice in which malicious code is installed on a personal computer or server, misdirecting users to fraudulent websites without their knowledge or consent. Pharming has been called phishing without a lure.

 

Consumer advice: How to avoid Phishing Scams:

 

The number and sophistication of phishing scams sent out to consumers is continuing to increase dramatically. While online banking and e-commerce are very safe, as a general rule you should be careful about giving out your personal financial information over the Internet. The Anti-Phishing Working Group has compiled the list of recommendations given below that you can use to avoid becoming a victim of these scams.

  • Be suspicious of any e-mail with urgent requests for personal financial information.
      - Unless the e-mail is digitally signed, you can’t be sure it wasn’t forged or ‘spoofed’.
      - Phishers typically include upsetting or exciting (but false) statements in their e-mails to get people to react immediately.
      - They typically ask for information such as usernames, passwords, credit card numbers, social security numbers, etc.
      - Phisher e-mails are typically NOT personalised, while valid messages from your bank or e-commerce company generally are.

  • Don’t use the links in an e-mail to get to any web page if you suspect the message might not be authentic.
      - Instead, call the company on the telephone, or log on to the website directly by typing the web address into your browser.

  • Avoid filling out forms in e-mail messages that ask for personal financial information.
      - You should only communicate information such as credit card numbers or account information via a secure website or the telephone.

  • Always ensure that you’re using a secure website when submitting credit card or other sensitive information via your web browser.
      - To make sure you’re on a secure web server, check the beginning of the web address in your browser’s address bar: it should be ‘https://’ rather than just ‘http://’.

  • Consider installing a web browser toolbar to help protect you from known phishing fraud websites.
      - EarthLink ScamBlocker is part of a free browser toolbar that alerts you before you visit a page that’s on EarthLink’s list of known fraudulent phisher websites.
      - It’s free to all Internet users; download it at http://www.earthlink.net/earthlinktoolbar

  • Regularly log into your online accounts.
      - Don’t leave it for as long as a month before you check each account.

  • Regularly check your bank, credit and debit card statements to ensure that all transactions are legitimate.
      - If anything is suspicious, contact your bank and all card issuers.

  • Ensure that your browser is up to date and security patches are applied. In particular, people who use the Microsoft Internet Explorer browser should immediately go to the Microsoft Security home page (http://www.microsoft.com/security/) to download a special patch relating to a certain phishing scheme.

  • It is always advisable to have comprehensive protection on desktops and laptops using personal firewall, anti-virus, anti-spyware, content filtering and URL filtering solutions.

Article by Prajit Nair, Chartered Accountant

 



Prime Academy - In Pursuit of excellence
