Beware!!!!!!Internet Scams.......... (Part II)
SPOOFING: E-mail spoofing describes fraudulent alteration of e-mail “header” to make it appear that message has originated from someone or somewhere other than the actual source. Spoofing the IP Address of a machine is another variation of this. In these attacks, malicious party intercepts a legitimate communication and then controls the flow or alters the information being exchanged between tow friendly parties without each party knowing about it. The distributors of spam commonly use spoofing to hide or modify the origin of e-mail messages, so as to get the recipients to open and respond to their solicitations. Most of the spoofed emails fall into the “nuisance” category and require simple deletion. However the malicious varieties can cause serious problems and security risks.
PHISHING: the word phishing comes from the analogy of scammers using e-mail lures to fish for codes, passwords, and other personal data from the sea of internet users. It involves e-mails appearing to come from legitimate sources such as bank or a credit card issuer, with an earnest request to to verify personal information or account details. Such e-mails usually contain a hyper link and urge the addressee for online verification of his banking or credit card information, to avoid suspension or closure of her / his account. Th hyperlink however directs the users to a bogus website set up only to steal the users information. Thus phishing is based on impersonation and is a criminal activity. Most fishers use some form of technical deception to make the link in e-mails appear legitimate, so that the users do clickthrough and reach the spoofed websites. Once the users are aware of one trick, perpetrators adopt newer ways to phish.
SPEAR PHISHING: These e-mails appear to come from company’s human resource or technical support division and target a single user or a department within an organization. Once the phisher acquires sensitive information, they use it to create fake accounts in victims name, access victims accounts, ruin a victims credit or even prevent victims from accessing their own accounts.
VISHING: Vishing is a combination of voice and phishing. It leverages Voice Over Internet Protocol phones instead of misguiding hyperlinks to steal personal and financial information from the public. In this activity, a dialer calls out customers in a given region and an automatic announcement advises them to call back on certain local telephone number.
When customers call up, computerized IVR guides them into a verification routine and the visher fraudulently captures bank or credit card details of callers. In the Indian context, phone banking, net banking and online shopping are all in the early stages. Therefore it is very important for the banks credit card issuers and shopping portals to run special drive to educate the customers on new age frauds and train them on effective habits for safe and secure use of online services.
PHISHING: the word phishing comes from the analogy of scammers using e-mail lures to fish for codes, passwords, and other personal data from the sea of internet users. It involves e-mails appearing to come from legitimate sources such as bank or a credit card issuer, with an earnest request to to verify personal information or account details. Such e-mails usually contain a hyper link and urge the addressee for online verification of his banking or credit card information, to avoid suspension or closure of her / his account. Th hyperlink however directs the users to a bogus website set up only to steal the users information. Thus phishing is based on impersonation and is a criminal activity. Most fishers use some form of technical deception to make the link in e-mails appear legitimate, so that the users do clickthrough and reach the spoofed websites. Once the users are aware of one trick, perpetrators adopt newer ways to phish.
SPEAR PHISHING: These e-mails appear to come from company’s human resource or technical support division and target a single user or a department within an organization. Once the phisher acquires sensitive information, they use it to create fake accounts in victims name, access victims accounts, ruin a victims credit or even prevent victims from accessing their own accounts.
VISHING: Vishing is a combination of voice and phishing. It leverages Voice Over Internet Protocol phones instead of misguiding hyperlinks to steal personal and financial information from the public. In this activity, a dialer calls out customers in a given region and an automatic announcement advises them to call back on certain local telephone number.
When customers call up, computerized IVR guides them into a verification routine and the visher fraudulently captures bank or credit card details of callers. In the Indian context, phone banking, net banking and online shopping are all in the early stages. Therefore it is very important for the banks credit card issuers and shopping portals to run special drive to educate the customers on new age frauds and train them on effective habits for safe and secure use of online services.
Labels: hacking, pharming, phishing, spear phisihing, vishing
posted by ANONYMOUS at
4:51 PM
0 Comments:
Post a Comment
Subscribe to Post Comments [Atom]
Links to this post:
Create a Link
<< Home