What is Phishing?
Phishing is the practice of using fraudulent e-mails and copies of legitimate websites to extract financial data from computer users for criminal purposes.
Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking e-mail in an attempt to gather personal and financial information from recipients. The messages appear to come from well-known and trustworthy Web sites. Web sites that are frequently spoofed by phishers include PayPal, eBay, MSN, Yahoo, BestBuy, America Online, and many banking sites. Like the fishing expedition it is named after, phishing is a speculative venture: the phisher puts out the lure hoping to fool at least a few of the prey that encounter the bait.
Phishers use a number of different social engineering and e-mail spoofing ploys to try to trick their victims. In one fairly typical case before the Federal Trade Commission (FTC), a 17-year-old male sent out messages purporting to be from America Online that said there had been a billing problem with recipients’ AOL accounts. The perpetrator’s e-mail used AOL logos and contained legitimate links. If recipients clicked on the “AOL Billing Center” link, however, they were taken to a spoofed AOL Web page that asked for personal information, including credit card numbers, personal identification numbers (PINs), social security numbers, banking numbers, and passwords. This information was used for identity theft.
Users are advised to be suspicious of any official-looking e-mail message that asks for updates on personal or financial information, and to go directly to the organization’s Web site to find out whether the request is legitimate. If you suspect you have been phished, forward the e-mail to the organization it claims to come from.
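The AOL case above mixed legitimate links with one link that led to a spoofed page. The following is an added example, not part of the original article, of a check a mail filter could run: list every link in an HTML message whose destination host is outside the domains of the organization the message claims to come from. The function names, the sample message and the .example host are constructed for illustration, and the list of sender domains is assumed to be supplied by whoever runs the check.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

class LinkCollector(HTMLParser):
    """Collect (visible text, href) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def link_host(href):
    # .hostname ignores userinfo and port, so "www.aol.com@203.0.113.5" -> 203.0.113.5
    return (urlsplit(href).hostname or "").lower().rstrip(".")

def off_domain_links(html_body, sender_domains):
    """Return (text, href) for links whose host is not the claimed sender's
    domain or a subdomain of it. The suffix match is on a dot boundary, so
    "aol.com.billing-center.example" does not pass as "aol.com"."""
    parser = LinkCollector()
    parser.feed(html_body)
    parser.close()
    flagged = []
    for text, href in parser.links:
        host = link_host(href)
        if not host:  # mailto:, #fragment and relative paths have no host
            continue
        if not any(host == d or host.endswith("." + d) for d in sender_domains):
            flagged.append((text, href))
    return flagged

# Constructed sample: mostly legitimate links plus one spoofed destination.
SAMPLE = """<p>There has been a billing problem with your account.</p>
<a href="https://www.aol.com/"><img src="logo.gif" alt="AOL"></a>
<a href="https://help.aol.com/">Help</a>
<a href="http://aol.com.billing-center.example/update">AOL Billing Center</a>"""

if __name__ == "__main__":
    for text, href in off_domain_links(SAMPLE, {"aol.com"}):
        print(f"off-domain link: {text!r} -> {href}")
```

A flagged link is a reason to inspect the message, not proof of fraud: legitimate senders also link to third-party hosts such as mailing services.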