Friday, April 07, 2006

Phishing

Now a days, phishing cases had increased so here is brief writeup to give insight a about phishing . Read Wikipedia to know about phising examples.
Phishing is a technique used to gain personal information for purposes of identity theft, using fraudulent e-mail, instant messages that appear to come from legitimate site. These authentic-looking messages are designed to fool recipients into divulging personal data such as account numbers and passwords, credit card numbers and Social Security numbers.

why phishing works :

  • Lack of knowledge
  • Visulal deception : Phishers use visual deception tricks to mimic legitimate text, images and windows.
    • Visually deceptive text.: Users may be fooled by the syntax of a domain name in “typejacking” attacks, which substitute letters that may go unnoticed (e.g. www.paypai.com uses a lowercase “i” which looks similar to the letter “l”, and www.paypa1.com substitutes the number “1” for the letter “l”). Phishers have also taken advantage of non-printing characters [25] and non-ASCII Unicode characters [26] in domain names.
    • Images masking underlying text. One common technique used by phishers is to use an image of a legitimate hyperlink. The image itself serves as a hyperlink to a different, rogue site.
  • Bounded attention
    • Lack of attention to security indicators: When users are focused on their
      primary tasks, they may not notice security indicators or read warning messages. The image-hyperlink spoof would ve thwarted if user noticed the URL in the status bar did not match the hyperlink image, but this requires a high degree of attention.

Techniques used within Phishing emails:
  • Official looking and sounding emails
  • Copies of legitimate corporate emails with minor URL changes
  • HTML based email used to obfuscate target URL information
  • Standard virus/worm attachments to emails
  • A plethora of anti spam-detection inclusions
  • Crafting of “personalised” or unique email messages
  • Fake postings to popular message boards and mailing lists
Preventing Phising :
  • If you get an email that warns you, with little or no notice, that an account of yours will be shut down unless you reconfirm billing information, do not reply or click on the link in the email. Instead, contact the company cited in the email using a telephone number or Web site address you know to be genuine.
  • Never respond to HTML email with embedded submission forms. Any information submitted via the email (even if it is legitimate) will be sent in clear text and could be observed.
  • Avoid emailing personal and financial information. Before submitting financial information through a Web site, look for the "lock" icon on the browser's status bar. It signals that your information is secure during transmission.
  • Before signing to a page check for URL(make sure it is valid page, there may be some deceptive text there,like i in place of l). Or yo can try first enteing wrong password so a nonvalid page (if it is accessing information and is redirecting to legimate page to avoid being caught) will redirect you to correct page.
  • Switc your browser: use one with anti-phising agent (like firefox)

No comments: