Parades
Checking the web address in the address bar of your browser may not be sufficient to detect the fraud because some browsers do not prevent the address displayed at that location to be counterfeit. It is possible to use the dialog “page properties” provided by the browser to discover the true address of the wrong page.
A person contacted about an account to be “verified” should seek to resolve the problem directly with the company or visit the website by manually typing the address in their browser. Note that the banking companies never use email to fix a security issue with one of its customers. Generally, it is recommended to forward the message to suspected fraud or abuse (e.g., if the phishing concerns societe.com, it will usurpation@societe.com or abuse@societe.com), which will enable the company to investigate.
Be especially vigilant when it encounters an address containing “@” symbol, e.g., @ http://www.mabanque.com members.unsite.com /. This kind of address will attempt to connect the user as the user “www.mabanque.com” on the server “members.unsite.com. It is likely that this occurs even if the specified user does not really exist on the server, but this method the first part of the address seems to be entirely innocent (www.mabanque.com). Similarly, some attackers used the addresses of sites containing a typo, or sub-domains, such http://www.mabanque.com.unsite.net/.
Newer browsers such as Safari, Firefox, Opera and Internet Explorer 7, have a system to alert the user of the danger and ask him if he really wants to use such questionable addresses. Netscape 8 also incorporates technology to maintain a blacklist of dangerous sites of this type.
Anti-Spam filters also help protect the user of computer criminals by reducing the number of emails that users receive and who can be phishing. The software mail client Mozilla Thunderbird has a very efficient Bayesian filter (anti-spam filter auto-adaptive).
Fraud on online banks seek to obtain the login and password of the account holder. It is then possible fraudster to log onto the website of the bank and make transfers of funds to his own account. To guard against this type of fraud, most online banking sites no longer allow the user to enter himself the recipient of the account transfer: we must, in general, call a service the bank is only entitled to enter the payee’s account from a list of accounts. The telephone conversation is often recorded and can then be used as evidence.
Other banks use an enhanced identification, which locks access to transfers if the user does not have the correct key eight-digit applied randomly among the sixty-four he owns. If the key is correct, the user may make transfers online.
Example Of Phishing In The Past
Phishing attacks are usually directed at sensitive sites such as banking sites. The social networking sites are now also the target of these attacks. The profiles of users of social networks contain many private elements that allow hackers to insert themselves into the lives of people targeted and successfully retrieve sensitive information.
Study: From Wikipedia, the free encyclopedia. The text is available under the Creative Commons.
Related posts:
Tags: phishing, phishing on the internet, phishing terminology, what is phishing