Social Engineering -
Are you Cyber Savvy?

 

The Science of Phishing

       
    Phishing, also referred to as brand spoofing or carding, is a variation on “fishing,” the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.

Phishing is the act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft.

The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information. For example, 2003 saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the user’s account was about to be suspended unless he clicked on the provided link and updated the credit card information that the genuine eBay already had. Because it is relatively simple to make a Web site look like a legitimate organizations site by mimicking the HTML code, the scam counted on people being tricked into thinking they were actually being contacted by eBay and were subsequently going to eBay’s site to update their account information. By spamming large groups of people, the “phisher” counted on the e-mail being read by a percentage of people who actually had listed credit card numbers with eBay legitimately. 

Webopedia

Trivia: The word phishing comes from the analogy that Internet scammers are using e-mail lures to fish for passwords and financial data from the sea of Internet users. The term was coined in 1996 by hackers who were stealing AOL Internet accounts by scamming passwords from unsuspecting AOL users. Since hackers have a tendency to replacing "f" with "ph" the term phishing was derived.
 

 
   
All About Phishing [example+descriptions]:
http://www.webopedia.com/DidYouKnow/Internet/2005/phishing.asp
More information:
http://www.antiphishing.org
How to avoid Phishing Scams:
http://www.antiphishing.org/consumer_recs.html
What to do if you gave out your information to a Phisher?
http://www.antiphishing.org/consumer_recs2.html
FTC Guidelines for avoiding Phishing Scams:
http://www.ftc.gov/bcp/conline/pubs/alerts/phishingalrt.htm
 
 
   
 
 
 
 
 
 

 Home ] Dolphmera Solutions ] Contact Us ] Social Engineering ] Definitions ] Informative Links - Identity Theft ] [ Phishing ]

This website is protected by copyright © 1996 Dolphie and its licensors. All rights reserved.
A link is included on each page for non-author created graphics used, if required.
Last Update: 10/21/2005 11:23:59 AM