What is Phishing? Introduction to Phishing

No comments

I think that you ever listen about Phishing. So maybe you listen that you can create clone of some websites, give them same template, only URL little different. And send that to your victim, and after he fill on his email and password, he got hacked. All information come to you. So in this post i will explain more about Phishing, more exactly. And after that you understand completely about Phishing.

Phishing is for fraudulently acquire sensitive information, such as usernames, passwords and credit card details, by appearing as a trustworthy entity in an electronic communication. Phishing is typically carried out by email or instant messaging and often directs users to enter details at a website, although phone contact has also been used.

Recent phishing attempts have targeted the customers of banks and online payment services.
Spoofed e-mails are the most widely used tools to carry out the phishing attack. In most cases we get a fake e-mail that appears to have come from a Trusted Website. Hacker may request victim to verify username and password by replaying to a given email address.

Link manipulation is the best method of phishing to make a link in an email appear to belong to some trusted organization. Misspelled URL or the use of subdomains are common tricks used by phishers. To imagine good look at example given below.


www.gogle.com

www.goolge.com
instead of www.google.com

Phishers are using images instead of text to make harder for anti phishing filters to detect text used in phishing emails. This is why Gmail and Yahoo disable the images by default for incoming mails. 

Hackers often include official looking logos from real organizations and other identifying information taken directly from legitimate Web sites. For example look at picture below.


There are a few phrases to look for if you think an e-mail message is a phishing scam. 

1. Legitimate sites will never ask you to send passwords, login names, Social Security numbers, or any other personal information via email.


If you don’t respond within 48 hours, your account will be closed.

These messages convey a sense of urgency so that you’ll respond immediately without thinking.

Dear Valued Customer.

Phishing email messages are usually sent out in bulk and often do not contain your first or last name.

Click the link below to gain access to your account.

HTML formatted messages can contain links or forms that you can fill out just as you’d fill out a form on a Web site. The links that you are urged to click may contain all or part of a real company’s name and are usually “masked,” meaning that the link you see does not take you to that address but somewhere different, usually a scam Web site.
           Defend From Phishing Attack
1. Never assume that an email is valid based on the sender’s email address. 
2. A trusted bank/organization such as PayPal will never ask you for your full name and password in a PayPal email. 
3. An email from trusted organization will never contain attachments or software. 
4. Clicking on a link in an email is the most insecure way to get to your account.

That's it. I hope you understand all about Phishing. So stay tuned and we will post how to create Phishing websites and how to hack someone, get someones log in and password.

No comments :

Post a Comment