CLICK HERE FOR THOUSANDS OF FREE BLOGGER TEMPLATES »

2008-06-19

Phshing: Examples and its prevention methods

Phishing
Phishing is a form of identity theft that uses the Internet to fraudulently acquire sensitive information such as usernames, passwords, credit card details and bank account numbers from business and individuals. It is the act of sending the user an email and directing the user to enter personal details at a very real looking website. The purpose is to steal the user’s information.

Examples.

Example 1

"Update Your Account"a simple eBay phishing attempt:


As the website is made similar to a legitimate organizations site, the people are easily being tricked into thinking that they were actually being contacted by eBay and were subsequently going to eBay’s site to update their account information.

Example 2



The technique of URL spoofing was used in this example. The users will be tricked into thinking that they are on a legitimate website as a malformed URL will not be displayed properly be certain web browsers.



Prevention methods
Using TippingPoint’s Phising Protection can prevent Phishing. It is able detect and prevent phishing attempts by analyzing the content of both the web site and e-mail and look for defining phishing characteristics, certain vulnerabilities and behaviors. It is done by a combination of vulnerability filters, signatures and behavior-based protection techniques. With phishing protection, the TippingPoint IPS identifies phishing e-mail scams to protect the individuals and businesses from financial losses and unauthorized phishing operations within their web servers.


Phishing can also be prevented with the installation of Cyberoam. It can help to prevent phishing by blocking site access and spam entry. The filtering and firewall of Cyberoam prevent inbound and outbound traffic to sites and others that are spyware carriers, which can be a forerunner to phishing attacks. Besides, most of the phishing mail by spam filtering will be stopped before it reaches the users with the help of Cyberoam’s pre-integrated Anti-Spam as it will analyze the mail content and delete phishing mails.


Besides, Firefox can be installed to protect the user’s websites from being phishing. Firefox will check the sites that the users browse against a list of known phishing sites for more up-to-date protection as phishing attacks occur very quickly. The Firefox’s security settings can configure the phishing protections settings and enhance the capability.


In addition, enterprise must also educate their employees of phishing threats to prevent them from creating a backdoor entry for the phishing into the network as spyware and phishing attacks can be entered though other means rather than the Internet.

0 comments: