Phishing

Recently I have received email from my bank/credit Card Company, eBay & pay pal saying that my account has possibly been compromised and I need to confirm my details and password in order to get continued access.

Spam email now has a new and more frightening variant, it's called phishing and it has been made by criminals and hackers who aim at getting unwitting consumers to reveal account numbers and passwords.

Usually after getting an email like the ones mentioned above from reputable companies, most of us would race to respond as quickly as possible. However, in most cases you will find that you won't be helping anyone other then the criminal who wrote that email and who has nothing to do with the actual organizations.

What is Phishing?

It is when someone creates false email that pretends to be from a bank or other authority, but which is actually designed to collect sensitive information such as passwords. This process of stealing information used for fraudulent purposes is the latest problem to plague Internet users. It is a phenomenon know as phishing i.e. emails 'fishing' for important information.

Just like Spam, phishing mails are sent to the widest possible audience so it's not unusual to receive a message asking you to confirm account details from an organization you do not actually deal with. You may be asked to fix up your eBay account when you haven't even got one!

In addition to collecting sensitive information many phishing messages try to install spy ware, Trojans etc. allowing hackers to gain backdoor entry into computers.

Types of Phishing Emails:

Some phishing emails ask for a response by email.

Some emails include a form for collecting details that you are told to fill out.

Some even include a link to a web site that resembles the actual site you expect to visit, but is actually a clone of the original site.

Number of active phishing sites reported in March, 2005: 2870

Number of brands hijacked by phishing campaigns: 78

Contains some form of target name in URL: 31%

Country hosting the most number of phishing sites: United States of America

Source: http://www.antiphishing.org

Phishing attacks can be really sophisticated. Some time ago a flaw in Internet Explorer allowed hackers to display a false address while redirecting the user to an entirely different site making it almost impossible to distinguish a phishing attack from a legitimate email.

Possible solutions:

New technologies can provide a better means of countering phishers. One option being explored by a lot of banks is the use of a secure token, a small electronic gadget that generates a unique password to be entered each time a user logs onto the web site. This would make a phishing attack useless because without the physical possession of a token it is impossible to access the account. This approach is somewhat similar to what is used at Automated Teller Machines around the world where you need to have both the card and the Pin number in order to use the machine.

One option is to use a technology popularly knows as PassMarks that effectively acts as a second password. After entering the user name a unique image pre selected by the user is displayed before s/he is asked for the password. If the proper image is not displayed the user will come to know that s/he is not on the authentic site. Another option that a lot of organizations are exploring is using text messages instead of email messages. Text messages cost money to send, so Spammers are less likely to partake in the process making it easier to distinguish between legitimate messages and fakes.

Ashish Jain
M6.Net Web Helpers
http://www.m6.net

In The News:

Scanning for Flaws, Scoring for Security  Krebs on SecurityIs it fair to judge an organization's information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and ...
Huawei $2 billion security pledge followed walkout by British official: sources  ReutersLONDON (Reuters) - Huawei's relations with British authorities hit a low last month when a top official walked out of a meeting with the Chinese company over its ...
China Says Two Canadians Suspected Of Threatening National Security  NDTV NewsChina confirmed Thursday two Canadians are under investigation on suspicion of endangering the country's national security, fuelling tensions after Canada's ...
Over half of Brazil's population exposed in security incident  ZDNetRecords of 120 million taxpayers have been openly available online for weeks, according to experts.
UN Security Council to meet on Hezbollah tunnels  The Jerusalem Post - Israel NewsThe UN Security Council is scheduled to meet next Wednesday – at the request of the US – to discuss Hezbollah's cross-border attack tunnels, Israel's ...
Why has Israel's fabled security services failed to stop terror attacks?  The Jerusalem Post - Israel NewsIsraeli security forces shot dead a suspect and arrested a number of accomplices on Wednesday night, but the military isn't sure that the entire terror cell has ...
Interview: Security On Blockchain-Based Trading Platforms - Is There a Solution?  ForbesSecurity is one of the most important issues in the blockchain world with almost, not a day going by without learning of hacks and/or fraudulent schemes that ...
UK white hats blacklisted by Cisco Talos after smart security code stumbles  The RegisterUK security training company Hacker House briefly had its site blocked after being mistaken for malware by Cisco's security wing Talos' smart "threat ...
Invention promises airport security screening without queues  Phys.orgA research team led by The Australian National University (ANU) has invented a device that could be developed into ultra-sensitive cameras for security ...
After its worst year ever, Facebook hands out free hot chocolate and security tips  CNNAfter a year of scandal after scandal, Facebook hosted a pop-up event at a New York Christmas market to hand out free hot chocolate and security advice.
2 security guards injured in explosion at north Edmonton bank  CBC NewsTwo security guards were injured by an explosion Thursday during an armed robbery inside a bank in north Edmonton. The security officers were delivering ...
State has forgotten how to run Border security, says retired general  The Irish TimesBorder 'strong points' and patrols needed to enforce customs and migration post-Brexit.
'Walls Work,' Department of Homeland Security declares in post instantly mocked on social media  USA TODAY"Walls Work," reads the title of a press release posted on the Department of Homeland Security's website Wednesday, which makes dubious claims about the ...
New cyber-security "cluster" announced  RTE.ieA new cluster of cyber-security businesses is to be created here.
Officials considering more security at troubled Madison apartment site for homeless  Madison.comMore security guards at a troubled Madison apartment site for formerly homeless families is among several ideas under consideration to address an increasing ...
Extra security in place at Lincoln Park HS after threat found  WLS-TVExtra security is in place at Lincoln Park High School Thursday after a threat was discovered.
Global investment rules tighten in national security era - U.N.  Reuters UKA U.N. survey of governments' investment regulations has found 30 percent of measures adopted in the first ten months of this year were a tightening of ...
Predicting cyberattacks: the need for new cyber security tools  Army TechnologyThe UK Government's Defence and Security Accelerator (DASA) has launched a new competition to create a deployable solution for predicting cyberattacks.
Baraboo schools deem threat not credible, take extra security precautions  Channel3000.com - WISC-TV3School officials in Baraboo are taking extra security precautions after investigating a threat they deemed to not be credible, according to a release.
Hiring our Heroes president: Military spouse employment is 'critical to national security'  Military TimesHow many *service* members have talked about leaving the military because their spouse can't find a job? According to a recent Hiring Our Heroes survey, that ...
Despite skepticism, DoD, NBIB insist pending security clearance transfer will be seamless  Federal News NetworkTop officials at the National Background Investigations Bureau and the Pentagon's Defense Security *Service* tried to ensure lawmakers that the transfer of the ...
Durban beefs up beachfront security before festive season influx  SowetanLIVE Sunday WorldClose to 800 extra guards and police will be sent to Durban's beaches as the city beefs up security ahead of an influx of holidaymakers and other revellers.
VA mismanaged police force, costing millions of dollars and leaving security gaps, investigators say  USA TODAYWASHINGTON – The Department of Veterans Affairs failed to properly manage thousands of VA police officers who patrol its medical centers across the country, ...
Swedish security police arrest terror plot suspect  Euronews EnglishSwedish security police have arrested one person suspected of planning a terror attack.
Tigera raises $30M Series B for its Kubernetes security and compliance platform  TechCrunchTigera, a startup that offers security and compliance solutions for Kubernetes container deployments, today announced that it has raised a $30 million Series B ...
Amid Huwaei row, China probes Canadian on suspicion of 'harming' national security  Times NowBeijing: A second Canadian citizen is reportedly being investigated on suspicion of endangering national security, adding to tensions after Canada's arrest of a ...
Rome increases security at Christmas markets  Wanted in RomeRome has increased its security measures at the city's Christmas markets, museums and main shopping streets in response to the Strasbourg gun attack.
SoftBank to remove existing Huawei equipment amid security concerns  Nikkei Asian ReviewTOKYO -- Japanese mobile carrier SoftBank has decided to replace the Huawei Technologies equipment in its 4G telecommunications network infrastructure.
Barcelona security hit Tottenham fans with batons at the Nou Camp  Daily MailFootage has emerged of Tottenham fans being struck with batons by Barcelona security as violent scenes unfolded during their Champions League clash at the ...
Parkland shooting: Commission faults sheriff's deputies, details school security lapses in report  Washington PostThe massacre of 17 students and staff inside a Parkland, Fla., high school earlier this year was marked by security lapses at the school and failures by multiple ...
Google+ to shut down early after second major security incident  The Next WebAfter another data leak, its second such leak in a year, Google today announced it was shutting down its beleaguered social media platform, Google+.
'Queer Eye' star Tan France accuses TSA of labeling him 'security risk' due to skin color  USA TODAYTan France, one of the stars of Netflix's "Queer Eye" reboot, said he was put through extra security because of the color of his skin.
Huawei's presence in Saskatchewan risky, says security expert  CBC.caThe former head of the Asia-Pacific Bureau for the Canadian Security Intelligence *Service* (CSIS) says the presence of Chinese telecom giant Huawei's ...
France raises security alert level to maximum but what does that mean for the public?  The Local FranceThe French government has upgraded its security threat level to "emergency attack" - the highest level - following a deadly shooting at a Christmas market in ...
WATCH: Fists fly between photographers and security at CPUT graduation ceremony  News24Unaccredited photographers who wanted to get a piece of the action at a Cape Town graduation ceremony instead found themselves trading blows with security ...
Lawsuits claim false arrests by Mountain Valley Pipeline's security company  Roanoke TimesTwo Craig County residents are suing the security company working for the Mountain Valley Pipeline, claiming they were falsely accused of trespassing on a ...
2019: NSA pledges neutrality of security agencies  The PunchThe National Security Adviser, retired Maj.-Gen. Babagana Mongun0, has assured that security agencies. that will be deployed for election duties in 2019 will be ...
DXC Technology turns to BT Security to nab its infosec bossman  The RegisterDXC Technology UK arm has hired former BT Security CEO Mark Hughes to run its global security function, replacing yet another old timer from the Hewlett ...
Airport security shuffle is a 'milestone' step toward new Missoula terminal  MissoulianThere's a walk-through metal detector where the grizzly under glass once stood.
Trump says he’ll do ‘whatever it takes to get border security’ as shutdown looms  Washington PostPresident Trump pledged Thursday to do “whatever it takes to get border security,” deepening an impasse over border wall funding barely a week from a crucial ...
Strasbourg attack: Macron slated for French security failures - 'How many more attacks?'  Express.co.ukFRENCH opposition leaders on the right and far-right excoriated President Emmanuel Macron's government after Tuesday's deadly attack in Strasbourg, ...
Why even the 'worst of the worst' criminals get transferred to medium-security prisons  CBC NewsThe revelation that one of Tori Stafford's killers has been transferred to a medium-security prison has sparked significant outrage. But experts say moving ...
Rational Security: The 'Smocking Gun' Edition  LawfareThere have been big moves in the Russia investigation. We'll put this week's pieces together. U.S. tensions with China escalate following the arrest of a senior ...
Bug bounty: Kerala-based security engineer spots glitch in Microsoft Office 365, Outlook  Economic TimesNEW DELHI: A Kerala-based application security engineer has won bug bounty from Microsoft for discovering a series of vulnerabilities that left over 400 million ...
Trump’s departure from reality is a national security threat  Washington PostOne of the most alarming aspects of President Trump's unfitness for the job is the danger he poses to national security. The Post reports: President Trump ...
Security tightened ahead of announcement of next Rajasthan CM's name  Times of IndiaIndia News: Security was tightened here on Thursday ahead of the announcement of the name of the next Rajasthan chief minister as the supporters of both ...
Authentication security startup NuID raises $2.5M to help companies prevent breaches  GeekWireSecurity startup NuID today announced a $2.5 million round to help grow its user authentication technology. Founded in early 2017, the Seattle-based company ...
Dolton school security guard accused of threatening students with gun was not licensed by state, officials say  Chicago TribuneA private security guard accused of threatening two Dolton high school students with a handgun in the Academy for Learning parking lot last month was not ...
France steps up security at Christmas markets – but is it safe to visit?  The TelegraphSecurity at Christmas markets in France will be bolstered over the festive period as the country raised its terror alert to the highest level in the wake of a shooting ...
Afghanistan: Suicide bomber targets security convoy in Kabul  Al Jazeera EnglishAt least 12 killed, six wounded in a Taliban ambush that hit a convoy of security personnel in Kabul.
Security tighter at Diablo Valley College after violent threat scrawled on campus  KTVU San FranciscoSecurity is tight on the Diablo Valley College campus on Thursday after a threat was found on a bathroom wall.
FG has politicised security, says Governor Wike  VanguardRivers State Governor, Nyesom Ezenwo Wike has declared that the All Progressives Congress (APC) Federal Government has politicised security to the ...
Top security officials issue stark warning of Chinese espionage efforts | TheHill  The HillTop security officials issued a stark warning about China's espionage efforts against the United States on Wednesday, labeling the country as one of the greatest ...
5 smart home security gifts that provide some peace of mind  Popular ScienceAll too often, we buy gifts that aren't valued beyond the festive season. If you're looking for something more meaningful, check out these home security gifts at the ...
Granny's beefs up security  The CarillonGranny's Poultry has received a variance from the RM of Hanover that will allow them to use se... - Local - The Carillon.
J&K: Two militants killed in encounter with security forces in Sopore  The Indian ExpressSecurity forces launched a cordon and search operation in BrathKalan area following information about the presence of militants, a police official said on ...
Ring vs Nest: Choosing a DIY home security system is a bigger decision than you might think  TechHiveIf you've spent any time looking at DIY smart home security products, you'll have come across Ring and Nest. These aren't the only companies in this space, but ...
How Amazon Web Services runs security at a global scale  ZDNetAmazon Web Services (AWS) runs a pretty tight ship where security is concerned; the organisation, after all, holds critical business applications and information ...
Huawei and 5G — experts clash on the risk to Canada’s national security  Toronto StarThe question has been percolating since long before Canada arrested Huawei's chief financial officer Meng Wanzhou in Vancouver, on an American request, ...
SECURITY: 'Disruptive' virus that hit energy companies resurfaces  E&E NewsA crippling computer virus that wiped out tens of thousands of computers at Saudi Aramco six years ago has resurfaced, security researchers say.
Marriott Hotels: Series Of Data Breaches Reveals Lack Of Security Awareness  ForbesTo combat large scale data breaches enterprises must adopt a cybersecurity culture, encouraging companywide skills development and awareness.
DTCC Security Chief Cites Blockchain As Systemic Risk  ForbesThe Depository Trust and Clearing Corporation today identified blockchain as a potential threat to global financial infrastructures, in its annual Systemic Risk ...
RBI slaps Rs 1 crore fine on Indian Bank for violating cyber security norms  Economic TimesThis action is based on deficiencies in regulatory compliance and is not intended to pronounce upon the validity of any transaction or agreement entered into by ...
Security firm warns of new global campaign targeting critical infrastructure | TheHill  The HillA hacking group is aggressively targeting critical infrastructure in a new global campaign, a security firm revealed on Wednesday. The campaign, known as ...
Teachers need guns; schools need security, Parkland shooting panel concludes  Sun SentinelA report about the shooting at Marjory Stoneman Douglas High School chronicled lapses by Broward County agencies and called for an overhaul of school ...
Baylor and MCC team up for cyber-security training  KXXV News Channel 25The McLennan Community College Law Enforcement Academy and Baylor University partnered together to give local law enforcement training on cybercrime ...
State yet to reinstate my security detail, Lonyangapuo protests  The Star, KenyaThe government is yet to reinstate my security detail, West Pokot governor John Lonyangapuo has said.Lonyangapuo said on Thursday that the law dictates that ...
Accused of Failing to Disclose Security Breach, Google Sued by Rhode Island  GoverningBy Donita Naylor. Rhode Island is suing the parent company of Google for hiding a security breach that affected 52.5 million users, state General Treasurer Seth ...
Madison City Schools receives $100,000 donation for school safety, security  WAFFA local foundation donated $100000 Tuesday night to the Madison city school system's safety and security fund.
The border security reality show is a net positive for Trump  Washington PostIt is not like Republicans have ever escaped blame for a government shutdown. At least now the president is — as unusual as it is — in an honest place.
Security guards dressed as BUSHES protected stars in I'm A Celeb jungle in Australia  Daily MailStaff wrapped in leaves and branches hid in the trees and kept a watchful eye on the celebrities for the duration of the three-week show in Australia.
Equifax breach was ‘entirely preventable’ had it used basic security measures, says House report  TechCrunchA House Oversight Committee report out Monday has concluded that Equifax's security practices and policies were sub-par and its systems were old and ...
Defence contractor numbers explode, 31,925 given security clearances  The Sydney Morning HeraldAlmost 32,000 non-public *service* employees were given government security clearances by the Defence department in the past two years, pointing to an ...
NHS spends as little as £238 per trust on cyber security and training  Daily MailThe NHS's lack of cyber security is 'alarming', experts have warned after they discovered huge gaps in spending and training across the health *service*. Too few ...
PlayStation Classic Hacked Easily Due to Missing Basic Security Features  Gadgets 360The PlayStation Classic release date was December 3 and barely 10 days since, hackers appear to have laid the system bare.
IG Sreejith to return as security in charge at Sabarimala from Dec 15  The News MinuteInspector General of Police (IG) Sreejith has once again been put in charge of the security arrangements in Pamba and Sannidhanam as part of the third phase ...
Increased security at Government Buildings  Fiji TimesTHE Fiji Police Force has beefed up security at the Government Buildings in Suva. It is believed that this is due to the much anticipated court case for the 2018 ...
Has the tax on women in national security been cut?  Washington PostIn November 2017, as the #MeToo movement was in full roar, I queried female friends and colleagues who work in national security circles to ask them about ...
One in four NHS trusts spent no money on cyber security last year  Financial TimesOne in four National Health *Service* trusts in England and Wales spent no money on specialist cyber-security training or expertise in the past year, according to ...
EU agrees new cyber security policy after Wannacry 'wake up call'  The TelegraphEuropean Union negotiators have agreed on a cyber security act to defend against large-scale data breaches after the "wake up call" from Wannacry and ...
Mayor Frank Jackson reassigns top official in wake of security breach at Cleveland Hopkins International Airport  cleveland.comFred Szabo, the assistant director at Cleveland Hopkins International Airport, will be reassigned to another city department Wednesday for his role in a security ...
Patch Tuesday, December 2018 Edition  Krebs on SecurityAdobe and Microsoft each released updates today to tackle critical security weaknesses in their software. Microsoft's December patch batch is relatively light, ...
Why Economic Security Is National Security  The White HouseRonald Reagan understood it is only from strength that we may find a true peace. To Reagan, such strength was focused on military strength—an overwhelming ...
ICBC warns against fraud after security video allegedly shows faking of injury  CBC.caICBC is warning against fraudulent claims, after security video was shared showing someone allegedly faking an injury. Shortly after the discovery of the video, ...
Galaxy Note 8 on Verizon starts receiving the December 2018 security patch  SamMobileSamsung and Verizon have released the December 2018 security patch for the Galaxy Note 8. The update bumps the device firmware version to ...
Super Micro says external security audit found no evidence of backdoor chips  ZDNetSuper Micro sends a letter to customers with the results of a third-party security audit.
Why was Strasbourg targeted in the shooting? Euronews talks to security expert  Euronews EnglishChris Phillips, former head of the UK National Counter Terrorism Security Office, offered insights on why Strasbourg was targeted, what police are likely doing to ...
Security guards attacked at Rambam Hospital  YnetnewsThree security guards were attacked Tuesday at Rambam Hospital in Haifa by two patients and four members of their family. The security guards needed ...
Online security predictions for 2019: From cryptojacking to MiTB attacks  Information AgePedro Fortuna, CTO and founder of Jscrambler, provides his online security predictions for 2019 — can it get any worse?
December security update rollout started for Nokia 5, Nokia 6 and Nokia 8 Sirocco  NokiamobAfter Nokia 7 Plus, HMD Global started releasing the December security update for other Nokia Android phones as well. Phones that got the recent security ...
Google is shutting down its Plus social network sooner than expected after discovering a second security bug  CNBCGoogle is shutting down its beleaguered social network sooner than expected in the wake of a new security issue that affected 52.5 million users. Google Plus ...
Snap AV: security concerns at Twitter  Financial TimesA new note landed Monday from seasoned research shop MoffettNathanson, regarding everyone's favourite rage-as-a-*service* platform Twitter. The boffins at ...
Palestinians to protest to Security Council over ads calling for death of Abbas  The Times of IsraelEnvoy says letter urging international community to take action to be circulated, after posters appear across West Bank showing PA leader's head in crosshairs.
Labor vows to dump visa outsourcing plan, calling it a national security risk  The GuardianLabor vows to dump plan if it wins government as Department of Home Affairs releases formal tender documents.
Mallya extradition case: Arthur Road Jail keeps high security cell ready  Economic TimesAuthorities at the Arthur Road prison here have kept a high security cell ready for liquor tycoon Vijay Mallya if he is extradited from UK in connection with loan ...
Pentagon to Take Over All Security Clearances in Nine Months, Officials Say  NextgovThe Defense Department and Office of Personnel Management expect to have merged two offices and moved 2,000 federal employees and a 600,000-case ...
Banks Lock Horns With Fintech Startups Over Data Security  Inc42 MediaFintech startups are currently not bound by RBI's data norms. Startups accessing users' banking data could compromise on data security and privacy, banks say.
Huawei pledges $2bn in effort to allay UK security concerns  The GuardianThe Chinese telecoms giant Huawei is to spend $2bn (£1.5bn) in an effort to alleviate British security services' concerns about vulnerabilities in its products, ...
Suspicious bag cleared at Pearson Airport, contained security tools left by airport staff  Toronto StarA suspicious package left at Pearson Airport Wednesday night contained security devices that were possibly left by airport staff, Peel Police said after an ...
Protecting Your Security and Rights Online  Human Rights WatchHuman Rights Watch released an interactive online game today to help people understand how important strong encryption is to everyone's security in the ...

Identity Theft Article ? A Phisher Is Trying To Steal Your Identity!

Sooner or later everyone with an email account will receive... Read More

If You Sell Anything Online Your ePockets Are Being Picked

You and I are a lot alike. We are both... Read More

8 Surefire Ways to Spot an EBAY Scam E-Mail and Protect Yourself from Identity Theft

Ebay is a great site and is used by many... Read More

Data Security; Are Your Company Assets Really Secure?

Is your data secure? Think again. Securing data is unlike... Read More

Hacking Threats and Protective Security

The 1998 Data Protection Act was not an extension to,... Read More

Cyber Crooks Go Phishing

"Phishing," the latest craze among online evil-doers, has nothing to... Read More

Website Security - Creating a Bulletproof Site in 5 Easy Steps

When it comes to a secure website and passwords it... Read More

Message Board Security Problems

Security leaks can be a big problem for any site... Read More

Dialing Up a Scam: Avoiding the Auto-Dialer Virus

For many, the daily walk to the mailbox evokes mixed... Read More

Top Five Spyware Fighting Tips

Spyware and adware are becoming major problems for online surfers... Read More

SPYWARE - Whos Watching Who?

I am in the midst of Oscar Wilde's The Picture... Read More

Spy Scanners ? Don?t Compromise your Privacy

Spies, spyware, internet parasites are among what they are usually... Read More

Firewall Protection - Does Your Firewall Do This?

The first thing people think about when defending their computers... Read More

Web Conferencing Readers - So What Do We Do with the PAYPAL SPAMMER

From: "Paypal Security" Subject: New Security Requirements Date: Tue, 26... Read More

How Free Scripts Can Create Security Problems

With the Internet entering our lives in such an explosive... Read More

Spyware, This Time Its Personal!

First the basic definition of Spyware: It is a type... Read More

Technology and Techniques Used in Industrial Espionage

Industrial Espionage. These methodologies are being used on a daily... Read More

Its Time to Sing the Encryption Song - Again!

Yes, I'm wearing my encryption hat again. Why you may... Read More

Internet Shopping - How Safe Is It?

Millions of people make purchases online, but many people are... Read More

Road Warrior At Risk: The Dangers Of Ad-Hoc Wireless Networking

Airport Menace: The Wireless Peeping Tom ---------------------------------------- As a network... Read More

I Spy...Something Terribly Wrong (In Your Computer)

This really chapped my lips...I recently bought a new computer.... Read More

6 Ways To Prevent Identity Theft

These six ways to prevent identity theft offer you valuable... Read More

Passwords or Pass Phrase? Protecting your Intellectual Property

Much has been said on the theory of password protection... Read More

Adware and Spyware: The Problems and Their Solutions

The Threat10 years ago you could probably have run no... Read More

New CipherSend Online Security Service Thwarts Email Address Theft And Soothes Password Fatigue

In 1997, I decided after 15 years as a practicing... Read More