What is phishing?

>> Sunday, September 06, 2009

So, what is phishing? In a nutshell, phishing is the act of stealing one’s personal information by pretending to be a legitimate and trustworthy entity. Most commonly the target websites are E-Mail services and E-Commerce websites. According to www.phishtank.com, in the month of December, 2008 the top targets for phishing attacks were:
Rank  Top 10 Identified Targets      Valid Phishes
1     JPMorgan Chase and Co.         12,110
3     eBay, Inc.                     262
4     Bank of America Corporation    212
5     Sulake Corporation             199
7     Poste Italiane                 163
8     Internal Revenue Service       142
9     Capital One                    128
10    Wells Fargo                    73

Phishing attacks are most commonly executed through E-Mails. The E-Mails look like they come from trusted sources and ask for personal information like usernames, passwords, credit card numbers, and social security numbers.

To avoid falling for phishing attacks, never go to important websites through links in E-Mails. Also, when logging into a website like Yahoo.com, look at the site URL and make sure it says www.yahoo.com or a subdomain like login.yahoo.com. If it doesn’t, you know that it is a fake. For more information on avoiding phishing scams see antiphishing.org.
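The URL check described above can be automated, for example in a mail filter or link checker. The following Python sketch is an added example, not code from the original post; the function names, the HTTPS requirement and the sample URLs (using the reserved evil.example domain) are assumptions made for illustration.

```python
from urllib.parse import urlsplit

def is_trusted_host(url, trusted_domain="yahoo.com"):
    """True only if url is HTTPS and its host is trusted_domain or a subdomain of it."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # drops any user@ prefix and :port, lowercases
    except ValueError:
        return False
    # Assumption for this example: a login page must be served over HTTPS.
    if parts.scheme != "https" or not host:
        return False
    host = host.rstrip(".")  # "www.yahoo.com." names the same host
    try:
        # Internationalised lookalikes become "xn--..." and stop matching.
        host = host.encode("idna").decode("ascii")
    except UnicodeError:
        return False
    trusted = trusted_domain.lower()
    # Match on a label boundary: "notyahoo.com" must not pass as "yahoo.com".
    return host == trusted or host.endswith("." + trusted)

# Constructed sample links, as they might appear in an E-Mail.
SAMPLE_LINKS = [
    "https://www.yahoo.com/",
    "https://login.yahoo.com/config/login",
    "https://login.yahoo.com.evil.example/",   # trusted name used as a prefix
    "https://www.yahoo.com@evil.example/",     # trusted name in the user part
    "https://notyahoo.com/",                   # trusted name as a suffix only
    "http://www.yahoo.com/",                   # right host, no HTTPS
    "https://y\u0430hoo.com/",                 # Cyrillic "a" lookalike
]

def classify(links, trusted_domain="yahoo.com"):
    """Map each link to True (host matches the trusted domain) or False."""
    return {link: is_trusted_host(link, trusted_domain) for link in links}

if __name__ == "__main__":
    for link, ok in classify(SAMPLE_LINKS).items():
        print("OK  " if ok else "FAKE", link)
```

A match only means the link points at the expected domain; typing the address yourself remains the safer habit the paragraph recommends.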

To learn how phishing sites are created and executed, see the Hacker’s Underground Handbook.
