phishing, Index

What is phishing? The term phishing was coined by ‘crackers’ to refer to the act of tricking people into revealing sensitive or private information. It relies on the fact that asking a large number of people for this information, will always fool at least a small number of people. In a phishing attempt, the attacker would typically create a situation where people believe that they are dealing with an authorized party, such as their bank. The attacker will then ask the victim for sensitive information such as credit card information. Much of this activity is automated and the target is typically a large number of Internet users. Therefore phishing is considered an opportunistic attack rather than a targeted one.

Anti-Phishing Guide On this page, we offer links to articles, reviews, vendors and resources to help you fight "phishing" -- creating a replica of an existing Web page and using spam to fool end users into submitting personal, financial, or password data.

What is a "Phishing" Scam? "Phishing" is an e-mail scam that attempts to trick consumers into revealing personal information—such as their credit or debit account numbers, checking account information, Social Security numbers, or banking account passwords—through fake Web sites or in a reply e-mail. Typically the e-mails and Web sites use familiar logos and slick graphics to deceive consumers into thinking the sender or Web site owner is a government agency or a company they know. Sometimes the phisher urges intended victims to "confirm" account information that has been "stolen" or "lost." Other times the phisher entices victims to reveal personal information by telling them they have won a special prize or earned an exciting reward.

Secure your website from a Phishing Attack The fraudulent game of "Go Phish" seems to be as popular as playing Texas Hold Em Poker these days. Spammers and hackers are wreaking financial havoc on consumers and companies alike. In this high stakes game, consumers end up losing their money and companies end up losing their good name, while the phishers seem to hold all of the chips. Recently, MasterCard International disclosed that 40 million credit card accounts were exposed to fraud. Before they could even get word out to all of their customers, experienced phishers began immediately sending out e-mails directing cardholders to a fake MasterCard Web page.

What is Phishing? "Phishing", also known as "Brand Spoofing", is the creation of e-mails and websites that replicate existing, genuine websites and businesses. These sites attempt to lead the user to believe that the requests for information are coming from a legitimate source, thereby scamming them into providing personal, confidential information that can then be used to commit other crimes. The most common method of requesting this information is via an e-mail to the user.

Only the stupid fall for phishing? At least I used to think so. The old phishing attacks we used to get were pretty easy to spot. The spelling was bad and the presentation was aweful. However, the perpetrators have been getting more sophisticated, and employing sneakier methods. Take this email I just received. It warns me that my Commonwealth Bank account is about to expire. Now, I’m not a Commonwealth Bank customer, but a lot of Australians are. I would be surprised if some of those customers didn’t fall for this one. The email looks geniune enough.

Are you apprehensive about being victim to the ever-increasing Internet Fraud?? Phishing scams are not unheard of… Has a fraud mail or link ever led you to a fake website, where your confidential information like credit card numbers, etc has been asked for? If not, you are lucky; but nevertheless, you run the risk of facing such a situation in the near future without being aware of it in any way. A fraudulent website visited by you as a consequence of a spoof email is Internet fraud, and you can opt for services that provide phishing protection tools, thereby offering protection against identity theft over the Internet.

Microsoft Seeks to Identify Phishing Scam Authors By Brian Krebs washingtonpost.com Staff Writer Thursday, March 31, 2005; 3:51 PM Microsoft Corp. on Thursday escalated its efforts to crack down on Internet fraud, announcing that it filed more than a hundred lawsuits aimed at identifying people the company says targeted its e-mail and Internet service customers through "phishing" scams. Microsoft filed 117 civil lawsuits against unnamed individuals in federal district court in Seattle, hoping to learn the identities of those behind a rash of fraudulent e-mail messages identified over the past six months that specifically targeted customers of Microsoft's MSN Internet and Hotmail e-mail services, the company said.

Recently, there have been multiple e-mail fraud attempts, known as "Phishing”, that were initiated via e-mail sent to both the general public and to some credit union members that appeared to be from NCUA. This false e-mail asked for the recipient to click on a link to verify their credit union account registration. If the recipient proceeded to do so, the link directed them to a false website and asked for their credit union account number and PIN, along with other personal information.

Consumer confidence in conducting business and protecting personal data online is threatened every day by phishing scams. In an initiative led by the National Consumers League (NCL), law enforcement, financial services and technical industries have joined forces to combat this threat. The group today issued a “call to action” with the release of a paper outlining key recommendations that form a comprehensive plan for combating phishing more effectively.