Welcome to Cyber threat - Internet threat

¤ Go to The list of the articles
Custom Search

Phishing

In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

Phishing also is considered as a scam.

Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication it requires skill to detect that the website is fake. Phishing is an example of social engineering techniques used to fool users, and exploits the poor usability of current web security technologies. Attempts to deal with the growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures.

A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was made in 1996. The term is a variant of fishing, probably influenced by phreaking, and alludes to baits used to "catch" financial information and passwords.

There are many way to pervent to be phished such as installing anti-phishing software, web browser alert, ... but the most important is the awareness: don't click on stranger's provided links, don't input the bank and personal information into a stranger website address even it's webface look's like your bank's web. Safest way is to claim your information at bank on paper work if you got requested by an email.

At the service provider side, to help prevent the phishing to protect their clients. Multiple advanced technologies have been adopted. However, those technologies are there for assist, the most important is still the user awareness since phishing is a kind of social technic not the technology technic.

Sharing my personal experience to you, when in doubt on an email, I copy it's mail subject or a sentence from the email and adding more 2 words: phishing scam then put them on the Google search box to search. Usually, some tips on the internet forum or security defense organisation around the world would tell you what that email is.

[Reference: wikipedia]
Labels: ,
Reactions: 

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)