Security Sin 3 – expert opinion

jjones | Guides | 29/09/2008 11:48am
No Comments

How do phishing scams work?

Hackers use telecoms systems (such as email) to catch sensitive information from the victims by setting up baits. These are heavily
reliant on social engineering tricks to fool people into believing that the received electronic communication is authentic and trustworthy.

In a typical phishing scam, the person receives an email disguised as an official email from PayPal, eBay or their online bank. The email asks them to follow the forged link and enter details into the hacker’s web site, which is disguised to look authentic. The hacker may then log on to the victim’s account by using the details, change the password to lock the victim out from their own account, and transfer their money into so-called ‘drops’, bank accounts used by money-laundering criminal groups.

Why have phishing scams grown so fast?

The internet is growing rapidly. People who are new to it are not aware of the risks. In fact, many blindly trust everything they receive.
Cyber-crooks can camouflage malicious activity by hiding their true identity and intentions.

There are no regulations against fraudulent web sites, and very often they are hosted by fraudulent internet service providers. It takes
time for the security community to shut them down, so there is always a window of opportunity for phishers.

What is the best way to protect myself?

If someone contacts you, and you are willing to respond, contact them using alternative means. For example, if PayPal, eBay or your
bank asks you to log on to resolve a dispute, clarify a transaction or renew your details, give them a phone call.

This entry was posted on Monday, September 29th, 2008 at 11:48 am and is filed under Guides. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a comment, or trackback from your own site.