Phishing

Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details, by disguising a message as an official, trustworthy electronic communication. Phishing is typically carried out by e-mail spoofing, as well as via SMS or text messaging (“smishing”) and instant messaging. A phishing message includes a hyperlink (or another method) to direct a victim to enter personal information at a fake website which has been designed to look like the official site.

Read the post “How banks protect their clients” to learn more.

Phishing is an example of a social engineering technique used to deceive users. Users are lured by communications claiming or pretending to be from trusted parties such as social websites, auction sites, banks, colleagues/executives, online payment processors or IT administrators.

A phishing attempt always involves the victim receiving an e-mail (or other electronic communication) and can usually be identified by the following:

  • includes a hyperlink to click on
  • includes an attempt to create a sense of urgency: “You have one week to update your banking details before you are locked out of your account”.
  • often contains grammar and spelling errors
  • is not personalised and contains little or none of your information
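
The four signs above, turned into a simple mail-triage check. This is an added example, not part of the original post; the word lists, function names, threshold and sample messages are constructed for illustration.

```python
import re

# Assumed, illustrative patterns (constructed for this example, not from the post).
LINK = re.compile(r"https?://[^\s\"'<>]+|<a\s[^>]*href=", re.I)
URGENCY = re.compile(
    r"\b(urgent|immediately|within \d+ (hours?|days?)|one week|locked out|suspended|expire[sd]?)\b",
    re.I)
GENERIC_GREETING = re.compile(
    r"^\s*(dear|hello|hi)\s+(customer|client|user|account holder|sir|madam|member)\b",
    re.I | re.M)
MISSPELLINGS = {"recieve", "acount", "verifcation", "securty", "pasword", "immediatly"}

def phishing_indicators(body, recipient_name=None):
    """Return which of the four checklist signs a message body shows."""
    found = []
    if LINK.search(body):
        found.append("hyperlink")
    if URGENCY.search(body):
        found.append("urgency")
    if set(re.findall(r"[a-z]+", body.lower())) & MISSPELLINGS:
        found.append("spelling")
    # Not personalised: generic greeting, or the known recipient name never appears.
    if GENERIC_GREETING.search(body):
        found.append("not_personalised")
    elif recipient_name and recipient_name.lower() not in body.lower():
        found.append("not_personalised")
    return found

def needs_review(body, recipient_name=None, threshold=2):
    """Flag a message for manual review when several signs occur together.
    A single sign (e.g. just a link) is common in genuine mail, and a message
    with no signs is not thereby proven genuine."""
    return len(phishing_indicators(body, recipient_name)) >= threshold

# Constructed sample messages.
SUSPICIOUS = """Dear customer,
You have one week to update your banking details before you are locked out of your acount.
Click here: http://bank-example.invalid/login
"""
GENUINE = """Hi Thandi Mokoena,
Your statement for March is ready. Log in through the banking app to view it.
"""

if __name__ == "__main__":
    for name, msg in (("suspicious", SUSPICIOUS), ("genuine", GENUINE)):
        print(name, phishing_indicators(msg, "Thandi Mokoena"), needs_review(msg, "Thandi Mokoena"))
```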


Do not confuse phishing with pharming:

| Phishing | Pharming |
| --- | --- |
| E-mail (or SMS etc.) with link to a fake website | Fake website |
| Very easy to create & send electronic messages & create a fake website | Very difficult to hack DNS servers to redirect traffic to the fake site |

Aim: to obtain your login credentials so that the criminal can log in to your REAL account and commit fraud.

By MisterFoxOnline

CAT Educator
