Phishing

Recently I have received email from my bank/credit Card Company, eBay & pay pal saying that my account has possibly been compromised and I need to confirm my details and password in order to get continued access.

Spam email now has a new and more frightening variant, it's called phishing and it has been made by criminals and hackers who aim at getting unwitting consumers to reveal account numbers and passwords.

Usually after getting an email like the ones mentioned above from reputable companies, most of us would race to respond as quickly as possible. However, in most cases you will find that you won't be helping anyone other then the criminal who wrote that email and who has nothing to do with the actual organizations.

What is Phishing?

It is when someone creates false email that pretends to be from a bank or other authority, but which is actually designed to collect sensitive information such as passwords. This process of stealing information used for fraudulent purposes is the latest problem to plague Internet users. It is a phenomenon know as phishing i.e. emails 'fishing' for important information.

Just like Spam, phishing mails are sent to the widest possible audience so it's not unusual to receive a message asking you to confirm account details from an organization you do not actually deal with. You may be asked to fix up your eBay account when you haven't even got one!

In addition to collecting sensitive information many phishing messages try to install spy ware, Trojans etc. allowing hackers to gain backdoor entry into computers.

Types of Phishing Emails:

Some phishing emails ask for a response by email.

Some emails include a form for collecting details that you are told to fill out.

Some even include a link to a web site that resembles the actual site you expect to visit, but is actually a clone of the original site.

Number of active phishing sites reported in March, 2005: 2870

Number of brands hijacked by phishing campaigns: 78

Contains some form of target name in URL: 31%

Country hosting the most number of phishing sites: United States of America

Source: http://www.antiphishing.org

Phishing attacks can be really sophisticated. Some time ago a flaw in Internet Explorer allowed hackers to display a false address while redirecting the user to an entirely different site making it almost impossible to distinguish a phishing attack from a legitimate email.

Possible solutions:

New technologies can provide a better means of countering phishers. One option being explored by a lot of banks is the use of a secure token, a small electronic gadget that generates a unique password to be entered each time a user logs onto the web site. This would make a phishing attack useless because without the physical possession of a token it is impossible to access the account. This approach is somewhat similar to what is used at Automated Teller Machines around the world where you need to have both the card and the Pin number in order to use the machine.

One option is to use a technology popularly knows as PassMarks that effectively acts as a second password. After entering the user name a unique image pre selected by the user is displayed before s/he is asked for the password. If the proper image is not displayed the user will come to know that s/he is not on the authentic site. Another option that a lot of organizations are exploring is using text messages instead of email messages. Text messages cost money to send, so Spammers are less likely to partake in the process making it easier to distinguish between legitimate messages and fakes.

Ashish Jain
M6.Net Web Helpers
http://www.m6.net

In The News:


Forbes

Building A Strong Foundation: How Network Architecture Dictates IT Security
Forbes
Although IT security has emerged as a high-profile, headline-grabbing issue, the concept of securing data has traditionally been secondary at best. Developers are typically focused on other elements, such as design and functionality. As a result ...

and more »

NPR

Equifax Confirms Another 'Security Incident'
NPR
After the revelation that a cybersecurity breach at the international credit reporting agency Equifax exposed personal information of 143 million people, the company has confirmed an additional security incident with a payroll-related service in the ...
Equifax says it had a security breach earlier in the yearABC News
Equifax acknowledges a second security 'incident' happened in MarchCNBC
Equifax Execs Resign; Security Head, Mauldin, Was Music MajorNBCNews.com
TechCrunch -CNNMoney -Bloomberg -Bloomberg
all 1,836 news articles »

USA TODAY

The Early Edition: September 21, 2017
Just Security
The U.N. Security Council backed reforms to its peacekeeping missions yesterday, Vice President Mike Pence stating that the U.N. must be more efficient and effective. Alexandra Olson reports at the AP. U.N. Secretary General António Guterres opened the ...
At UN, Trump's 'me first' doctrine abandons Truman's postwar 'security for all'USA TODAY
Remarks by President Trump at the Reforming the United Nations: Management, Security, and Development MeetingThe White House (blog)

all 4,361 news articles »

Forbes

Alphabet's Nest Goes After The Boring (But Big) Home Security System Market
Forbes
Alphabet-owned Nest has launched a full-on assault on the home security services market. At a press conference in San Francisco Wednesday morning, the smart gadget company announced its first full-fledged security system, Nest Secure. Nest Secure's ...
Nest's home security system costs $499 and comes with magnetic ...The Verge
Nest launches a new $349 smart outdoor security cameraTechCrunch
Alphabet's Nest introduces new home security devices as CEO promises big increase in salesCNBC
Phys.Org -Gizmodo -Business Insider -Nest
all 116 news articles »

Tunisia must live up to promises to end impunity for security forces at UN Human Rights Council
Amnesty International
The use of torture in custody and human rights violations committed in the name of security and counterterrorism will continue unabated unless Tunisia lives up to the commitments it has made today at the UN Human Rights Council in Geneva, said Amnesty ...

and more »

Engadget

Knightscope's new security bot looks like a mini concept car
Engadget
Robot maker Knightscope has been in the news lately for all the wrong reasons. Its K5 security robot took a look at the harsh world and chose to throw itself into a fountain. And a different K5 robot was attacked and knocked over by a drunk guy. But ...

and more »

PBS NewsHour

White House refutes Erdogan's claim that Trump apologized for charges against security guards
PBS NewsHour
The White House on Wednesday refuted Turkish President Recep Tayyip Erdogan's claim that President Donald Trump apologized to him after the Department of Justice filed charges against members of Erdogan's security detail following a clash outside of ...
Turkish president: Trump apologized for indictment of security staff in brawlThe Guardian

all 221 news articles »

Washington Post

UC system will chip in at least $300000 to help Berkeley pay security costs for controversial speakers
Los Angeles Times
The University of California will chip in at least $300,000 to help UC Berkeley pay security costs for controversial speakers, an unprecedented step as criticism mounts over the financial toll the events are taking on the campus. “Free speech is not ...
UC President to Pay Half of Security Costs for Shapiro, YiannopoulosInside Higher Ed
'Substantial cost': University of California foots major security bill for free speechWashington Post

all 36 news articles »

National Review

For National Security!
National Review
Call it Cooke's Rule: Those losing the argument over a given domestic policy will eventually cry “necessity.” This morning, Matthew Olsen and Benjamin Hass provide a good example, arguing in Politico that “the Electoral College is a national security ...

and more »

10TV

Security robots used to help fight crime
10TV
The security bots use the same technology used at TSA security checkpoints to determine the size and shape of weapons. Creators are also working on audio detection to help security locate the scene of a crime. “The opposite of voice recognition, can ...

Google News

Message Board Security Problems

Security leaks can be a big problem for any site... Read More

Protect Your Little Black Book

The movie Little Black Book features a young woman, Stacy,... Read More

Just Whos Computer is this Anyway?

Well, this is an article I never thought I would... Read More

Keeping Worms Out of Your Network...

No auntie Sookie, not earth worms, computer virus worms that... Read More

Computer-Virus Writers: A Few Bats In The Belfry?

"Male. Obsessed with computers. Lacking a girlfriend. Aged 14 to... Read More

Spyware ? Your Web Browser is the Culprit!

My first experience with a spyware BHO based infection was... Read More

What to Look for before You Purchase Spyware Software

Huge number of spyware software applications are available in the... Read More

Mail Forwarding - Why Would You Do It?

First of all we need to get some terms stated.... Read More

Adware and Spyware: The Problems and Their Solutions

The Threat10 years ago you could probably have run no... Read More

Spyware Programs Are Out To Get You!

The average computer is packed with hidden software that can... Read More

Free Ways to Tackle Threats to Your Computer

Protect Your PCHaving problems with your pc? Do your kids,... Read More

Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking

Airport Menace: The Wireless Peeping Tom ---------------------------------------- As a network... Read More

Top Spyware Removers Considerations

Only the top spyware removers are successful at detecting and... Read More

Another Fine Mess!

I'm in the Anti-Spyware business, and I'm doing a lot... Read More

Dialing Up a Scam: Avoiding the Auto-Dialer Virus

For many, the daily walk to the mailbox evokes mixed... Read More

Email Hoaxes, Urban Legends, Scams, Spams, And Other CyberJunk

The trash folder in my main inbox hit 4000 today.... Read More

Computer Viruses, Worms, and Hoaxes

In recent days, I was one of the unfortunate persons... Read More

Hacking the Body Via PDA Wireless Device

First I would like to stress I am condoning the... Read More

Network Security 101

As more people are logging onto the Internet everyday, Network... Read More

Spyware Attacks! Windows Safe Mode is No Longer Safe

Many of us have run into an annoying and time-consuming... Read More

Is Shopping Online For Your Horse Gifts Safe?

Shopping for horse gifts or other gift items on the... Read More

With the Rise of Internet Crimes, Users are Turning to High-Tech ?PI?s? for Solutions

High-tech private investigators are becoming the answer for many Internet... Read More

Social Engineering - The Real E-Terrorism?

One evening, during the graveyard shift, an AOL technical support... Read More

Data Security; Are Your Company Assets Really Secure?

Is your data secure? Think again. Securing data is unlike... Read More

Identity Theft - Dont Blame The Internet

Identity theft ? also known as ID theft, identity fraud... Read More