Friday, June 20, 2008

Phishing: Examples and its prevention methods

Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information.

The following is an example of a phishing e-mail:-

The phishing scam above says that if you did not initiate the log-ins, you should visit PayPal as soon as possible to log in and perform the steps necessary to restore your account access, and a link is provided at the bottom of the message. Clicking that link puts you in serious trouble: it opens a new page that asks you to key in your personal information and submit it to them. Once you have submitted it, one of them may use your information for some other purpose, such as applying for a loan.

Because phishing scams are so serious, there are several methods to prevent them, as listed below:-
1. Keep antivirus up to date – One of the most important things you can do to avoid phishing attacks is keep your antivirus software up-to-date because most antivirus vendors have signatures that protect against some common technology exploits. This can prevent things such as a Trojan disguising your Web address bar or mimicking an https secure link. If your antivirus software is not up-to-date, you are usually more susceptible to attacks that can hijack your Web browser and put you at risk for phishing attacks.

2. Do not click on hyperlinks in e-mails – It is never a good idea to click on any hyperlink in an e-mail, especially from unknown sources. You never know where the link is going to really take you or whether it will trigger malicious code. Some hyperlinks can take you to a fake HTML page that may try to scam you into typing sensitive information. If you really want to check out the link, manually retype it into a Web browser.

3. Verify https (SSL) – Whenever you are passing sensitive information such as credit card or bank details, make sure the address bar shows "https://" rather than just "http://" and that you have a secure lock icon at the bottom right-hand corner of your Web browser. You can also double-click the lock to verify the third-party SSL certificate that provides the https service. Many types of attacks are not encrypted but mimic an encrypted page. Always look to make sure the Web page is truly encrypted.

4. Don't enter sensitive or financial information into pop-up windows - A common phishing technique is to launch a bogus pop-up window when someone clicks on a link in a phishing e-mail message. This window may even be positioned directly over a window you trust. Even if the pop-up window looks official or claims to be secure, you should avoid entering sensitive information because there is no way to check the security certificate. Close pop-up windows by clicking on the X in the top-right corner. Clicking cancel may send you to another link or download malicious code.
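Points 2 and 3 above both come down to the same question: where does a link in an e-mail really go, and is that destination using https? The following Python script is an added example (not code from the original post) that shows how a mail filter or a curious user could answer that question automatically. It parses the HTML body of a message, pulls out every hyperlink, and flags three things: a link that is not https, a link whose host is a raw IP address, and a link whose visible text names one host while the real `href` points at another. The e-mail body and the 203.0.113.10 address are constructed sample data for the demonstration.

```python
"""Audit hyperlinks in an HTML e-mail body for common phishing tell-tales.

Added example: not part of the original post. The sample message and the
203.0.113.10 address (a documentation-only IP range) are constructed here.
"""
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample e-mail body modelled on the "restore your account" lure.
SAMPLE_EMAIL_HTML = """
<p>Unusual log-ins were detected on your account.</p>
<p>Visit <a href="http://203.0.113.10/pp/login">https://www.paypal.com/</a>
to restore access.</p>
<p>Help: <a href="https://www.paypal.com/help">www.paypal.com/help</a></p>
"""


class _LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href", "")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def extract_links(html):
    """Return a list of (href, visible_text) tuples found in the HTML."""
    parser = _LinkCollector()
    parser.feed(html)
    return parser.links


def _host_of(text):
    # Visible text may be a bare "www.example.com/path" without a scheme.
    if "://" not in text:
        text = "http://" + text
    return (urlparse(text).hostname or "").lower()


def _looks_like_url(text):
    return "://" in text or text.startswith("www.")


def check_link(href, text):
    """Return a list of warnings for a single hyperlink (empty if clean)."""
    warnings = []
    parsed = urlparse(href)
    real_host = (parsed.hostname or "").lower()

    # Point 3: sensitive pages should be served over https.
    if parsed.scheme != "https":
        warnings.append("not https")

    # A bare IP address instead of a company domain is a classic lure.
    try:
        ipaddress.ip_address(real_host)
        warnings.append("raw IP address host")
    except ValueError:
        pass

    # Point 2: the text you see is not where the link takes you.
    if _looks_like_url(text):
        shown_host = _host_of(text)
        if shown_host and shown_host != real_host:
            warnings.append(
                f"displayed host {shown_host!r} differs from real host {real_host!r}"
            )
    return warnings


def audit_email(html):
    """Return [(href, visible_text, warnings), ...] for every link in the body."""
    return [(href, text, check_link(href, text)) for href, text in extract_links(html)]


if __name__ == "__main__":
    for href, text, warnings in audit_email(SAMPLE_EMAIL_HTML):
        status = "; ".join(warnings) if warnings else "ok"
        print(f"{text!r} -> {href}: {status}")
```

Run as a script, the first link is reported with all three warnings while the genuine help link passes. The mismatch check only fires when the visible text itself looks like a URL; a link whose text is just "click here" is reported on scheme and host alone, which is exactly why the post's advice to retype the address by hand still stands.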
