Pronounced like "fishing", phishing is a term used to describe a malicious individual or group of individuals scamming users by sending e-mails or creating web pages designed to collect an individual's online bank, credit card, or other information protected by the Data Protection Act. Because these e-mails and web pages look like they come from legitimate companies, users trust them and enter their personal information.
Below is an example of what a phishing e-mail may look like.
To a user who frequently uses Paypal or any online service, these e-mails may appear as if they have come from the company described in the e-mail. However, phishing e-mails are designed to deceive the user and trick them into visiting the links in the e-mail that are designed to steal personal information such as usernames, passwords, credit card information, etc.
Here is what PayPal suggests:
* Look for a PayPal Greeting: PayPal will never send an email with the greeting "Dear PayPal User" or "Dear PayPal Member." Real PayPal emails will address you by your first and last name or the business name associated with your PayPal account.
* If you believe you have received a fraudulent email, please forward the entire email—including the header information—to spoof@paypal.com. We investigate every spoof reported. Please note that the automatic response you get from us may not address you by name.
* Don't share personal information via email: We will never ask you to enter your password or financial information in an email or send such information in an email. You should only share information about your account once you have logged in to www.paypal.com/.
* Don't download attachments: PayPal will never send you an attachment or software update to install on your computer.
Now let's have a look at the no. 1 social site.
This is an example of a Facebook phishing message that was circulating around 2011.
Well, you will be redirected to what appears at first glance to be a Facebook login page. However, in reality, it's a phishing page designed to steal email addresses and passwords from users who are so keen to see a video of their president that they'll type in their credentials without thinking.
The video could be of any type: political, market, school/college, celebrity scandal, anything that catches attention and looks interesting.
So when you get redirected, here is an example of the page you may see:
And here is the legitimate page:
Did you spot the differences?
Very well if you did. If you didn't, let me help you with that.
Starting at the very top –
1. The genuine login page calls itself “Log in” in its title bar. Amusingly, the real Facebook is inconsistent as to whether you “Log in” or “Login” to Facebook as later in the page it refers to “Facebook Login”. It’s odd to see a phishing page be more professional than the real thing.
2. That’s clearly not Facebook’s genuine URL. Interestingly, other pages on the domain contain clickjacking scams.
3. Facebook falls into the category of trusted sites that use SSL (Secure Sockets Layer) encryption, a protocol for transmitting private documents via the Internet, and you can see that in the genuine page.
4. In the main Log in section there should be "Email", not "Email address".
5. Likewise, above it there should be a "Forgotten your password" link instead of "Forgot your password".
* Update: this point is obsolete because Facebook now uses "Forgot your password".
6. The real page gives me more language options – including UK English and Welsh which aren’t available on the phishing page. It’s possible that the real Facebook is doing some GEO-IP lookups and determined that I’m visiting from the UK – maybe users in other countries don’t see those options.
7. The phishers have the copyright date incorrect, believing it to be 2010 rather than 2011.
8. There are many more link options made available in the footer of the real login page, including “Badges”, “Mobile”, “People”, etc.
Now, can you differentiate between legitimate and fake email messages from it? Have a look:
This one seems to be legitimate, with the same style and layout,
but the reality shows up when you hover the mouse cursor over it: it is a fake message.
This one is legitimate:
With over 260 million phishing emails sent every single day, there is a pretty good chance that one of these may land in your inbox. So, how do you make sure you aren’t one of the many to fall victim to a phishing or spoofing attack? I have discovered 10 tips below to help defend against one:
1-Hover mouse cursor
Probably the easiest way to identify if an email is legitimate or not, is to simply hover your mouse arrow over the name in the From column. By doing so, you will be able to tell if the email is from a recognizable domain that is linked to the actual sender name.
2-Are the URLs legitimate?
Continuing on with the theme of hovering over certain parts of the email, another place to check would be any URLs the email is trying to get you to visit. You will always want to make sure the link is legitimate and uses encryption (https://). However, in order to be extra cautious, it is best practice to always open a new window and go to the site directly without using the email link provided in an email.
Let's practice on this. Here's one link that is supposed to be the link to http://earn-sure-money.blogspot.com/
http://earn-sure-money.blogspot.com/
but if you hover your mouse cursor over it you'll see the real destination, either above your cursor or at the top or bottom of your browser window depending on your browser or operating system, and find where the link is actually taking you, i.e. http://systemandu.blogspot.com/.
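The same hover check, written as a small script that inspects the HTML of an email instead of relying on the mouse. This is an added example and not code from the original post; the sample message is constructed, with only the two blogspot addresses taken from the practice link above.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    # bare "example.com/x" text is read as http://example.com/x so hosts can be compared
    return urlparse(url if "://" in url else "http://" + url).hostname

def link_indicators(raw_message):
    """Tip 2 as a check: flag links whose visible text and target differ, or that lack https."""
    msg = message_from_string(raw_message, policy=policy.default)
    body = msg.get_body(preferencelist=("html",))
    found = []
    if body is None:  # plain-text mail has no <a> tags to inspect
        return found
    collector = LinkCollector()
    collector.feed(body.get_content())
    for href, text in collector.links:
        if urlparse(href).scheme != "https":
            found.append("not https: " + href)
        if "." in text and " " not in text and host_of(text) != host_of(href):
            found.append("text shows %s but link goes to %s" % (host_of(text), host_of(href)))
    return found

# Constructed sample message (not from the page): the hover example above as an HTML link
SAMPLE = """From: "PayPal" <service@paypal.example>
To: user@mail.example
Subject: Please confirm your account
Content-Type: text/html

<p>Log in at <a href="http://systemandu.blogspot.com/">http://earn-sure-money.blogspot.com/</a>
or at <a href="https://www.paypal.com/">https://www.paypal.com/</a>.</p>
"""
```

Running `link_indicators(SAMPLE)` reports the first link twice (no https, and the text host differs from the real host) and says nothing about the second, whose text and target agree.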
3-Incorrect grammar/spelling
A common practice of many hackers/scammers is to use misspelled words on purpose. While it may seem that this would easily reveal an illegitimate email, it is actually a tactic used to find less savvy users. Spammers have learned that if they get a response from a poorly written email, they are on to an easy target and will focus their efforts to bring that user down.
4-Plain text/Absence of logos
Most legitimate messages will be written with HTML and will be a mix of text and images. A poorly constructed phishing email may show an absence of images, including the lack of the company’s logo. If the email is all plain text and looks different than what you’re used to seeing from that sender, it is best to go with your gut feeling and ignore the message.
5-Message body is an image
This is a common practice of many spammers. Make sure the email is a good mix of text and images. Also, there may be embedded links for you to hover over within the image for an extra step of precaution.
6-IP Reputation
If you can easily identify the sending IP of that email (www.whatismyip.com/how-to/), you can look up the IP’s reputation through Return Path’s Sender Score site (www.senderscore.org/). This tool will reveal a score (0-100) and will be able to give you some insight into the sending IP’s historical performance. The lower the score, the more likely the email is a phishing or spoofing attempt.
7-Request for personal information
One tactic that is commonly used by hackers is to alert you that you must provide and/or update your personal information about an account (e.g., Social Security number, bank account details, account password). Phishers will use this tactic to drive urgency for someone to click on a malicious URL or download an attachment aiming to infect the user’s computer or steal their information.
8-Suspicious attachments
Is this new email in your inbox the first time your bank has sent you an attachment? The majority of financial institutions or retailers will not send out attachments via email, so be careful about opening any from senders or messages that seem suspicious. High-risk attachment file types include: .exe, .scr, .zip, .com, .bat.
9-Urgent/Too good to be true
If an email seems too good to be true, it most likely is. Be cautious with any message offering to place money into your bank account by simply “clicking here”. Also, if the content places any kind of urgency as far as “you must click into your account now”, it is most likely a scam and should be marked as “junk/spam”.
10-Is my email address listed as the From address?
If you notice that your email address is being identified as the From address, this is a sign of a fake email message. Along those same lines, if the "To" field shows a large list of recipients, you should also be cautious. Legitimate emails will most likely be sent directly to you and you only. You may see “undisclosed recipients” and this is something to keep an eye on as well. It could be a valid send, but double check by using the other tips identified above.
11-SSL encryption
If you're used to sites like Facebook, online banking or any other type of site that uses SSL encryption, you must check for it every time you visit them.
Here's an example of how it looks:
Phishing and spoofing continue to be a problem for companies worldwide and, in turn, a problem for all email users. Compromised accounts not only pose a threat to a company’s IT or security department, but also lead to a drop in overall brand trust and loyalty.
*Some new terms*
Smishing
Phishing can come through your phone via voice or SMS. Smishing is when a scammer sends an SMS message to your phone number with a bogus phone number or URL. The message is usually urgent like:
“Your PayPal account has been suspended due to suspicious activity. Please contact us immediately at 1-408-123-4567. It is imperative that we speak to you immediately.”
“PayPal: You spent $1293.17 USD at The Home Depot. If you did not make this transaction please call us immediately at 1-408-123-4567. Thank You.”
If you call the number, you are confirming that you have a PayPal account. When you call you will be talking to a fraudster who will ask for your account information so he can steal from your account.
Similarly, a URL link in a text message on a smartphone could be bogus.
“PayPal: You spent $1293.17 USD at The Home Depot. If you did not make this transaction please login at paypal.mobileservice2013.com/txn?id=178948 to stop this transaction. Thank You.”
Note the bogus URL in the message. You should be suspicious of text messages containing links. If you are ever in doubt about the validity of a link, type www.paypal.com into your browser yourself to log in.
Vishing
Fraudsters will use an automated system to make voice calls about urgent account problems and ask the victim for account information. This is called Vishing. For example:
"This is PayPal calling about a possible fraudulent transaction on your account. Please enter your PIN now to hear the transaction details. We need your immediate response to block this transaction."
If the user enters their PIN or password, the scammers will get more information to access the account. Never provide any account information if you did not originate the phone call.
CallerId cannot be trusted. Even if the CallerId says PayPal, this is not sufficient for you to trust the call. It is easy for scammers to fake the CallerId and there is no way for you to know.
Sometimes the automated calls will ask you to call back. They will leave a number or you can just click call from your smartphone. Don’t call the number that the scammer provided. If you need to contact PayPal, go to the Contact Us link on any PayPal page for the real phone number.
Site Safety Rating Tools
You can’t always catch suspect links before you click on them, but there are several site safety rating tools that can help protect you while you are browsing. These services collect reports about suspicious sites and rate them. These free tools can stop you from going to a site that might infect your system with malware:
www.siteadvisor.com/
www.mywot.com/
These won’t catch every bad link because the bad guys keep creating new ones. These tools can be a good first defense but you still need to be suspicious of strange links.
If you fall for Phishing, Vishing, or Smishing
There are plenty of clever scam attempts and new ones are being created all the time, so despite your best intentions it could happen. If you have a suspicion that you fell for a scam, here are some steps to protect yourself:
* Change your account password, PIN and Security Questions immediately. Do this for your PayPal account, email account and your other online accounts.
* Run an Anti-Virus scan on your system to make sure that you did not pick up a virus. Make sure that your system and Anti-Virus software is up to date.
* Check your online account statement vigilantly over the next few weeks and months for unexpected actions.
As we are used to the gaming platform "Steam", here are a few examples of phishing on it:
Here's one real example of a fraudulent email intercepted earlier:
As you can see, it claims to be a legitimate Steam email asking you to maintain your account, redirecting you to a legitimate-looking page, but it comes from a different email address.
...and here are some phishing attempts showing the awareness of users:
You can report these kinds of attempts to the Steam forum as well as to other sites related to the incoming phishing material.
Here's one helpful site for ease:
antiphishing.org/report-phishing/
So fellas, next time you get any email, message or anything which looks suspicious: STOP - CHECK - CLICK
Be Smart, Be Safe!
Happy Surfing !!
Source(s)
consumerfraudreporting.org
SophosSecurity
returnpath.com