My Article Database: Free Articles for Teaching and Studying English as a Foreign Language in China - by Paul Sparks




 Homepage
 About Me
 Teachers
 Students
 Lessons
 Photographs
 Links
 World News
 ICQ Chat
 Contact Me
 Articles
 
My Article Database:

 

Accounting
Acne
Adsense
Advertising
Aerobics
Affiliate
Alternative
Articles
Attraction
Auctions
Audio Streaming
Auto Care
Auto Parts
Auto Responder
Aviation
Babies Toddler
Baby
Bankruptcy
Bathroom
Beauty
Bedroom
Blogging
Body Building
Book Marketing
Book Review
Branding
Breast Cancer
Broadband Internet
Business
Business Loan
Business Plan
Cancer
Car Buying
Career
Car Insurance
Car Loan
Car Maintenance
Cars
Casino
Cell Phone
Chat
Christmas
Claims
Coaching
Coffee
College University
Computer Tips
Cooking
Cooking Tips
Copywriting
Cosmetics
Craft
Creative Writing
Credit
Credit Cards
Credit Repair
Currency Trading
Data Recovery
Dating
Debt Relief
Diabetics
Diet
Digital Camera
Diving
Divorce
Domain
Driving Tips
Ebay
Ebook
Ecommerce
Email Marketing
E Marketing
Essay
Ezine
Fashion
Finance
Fishing
Fitness
Flu
Furniture
Gambling
Golf
Google
GPS
Hair
Hair Loss
HDTV
Health Insurance
Heart Disease
Hobbies
Holiday
Home Business
Home Improvement
Home Organization
Interior Design
Internet Tips
Investment
Jewelry
Kitchen
Ladies Accessories
Lawyer
LCD / PLASMA
Legal
Life Insurance

Return to Articles about Spam Blocking

Phishing

by: Ashish Jain
Recently I have received email from my bank/credit Card Company, eBay & pay pal saying that my account has possibly been compromised and I need to confirm my details and password in order to get continued access.

Spam email now has a new and more frightening variant, it's called phishing and it has been made by criminals and hackers who aim at getting unwitting consumers to reveal account numbers and passwords.

Usually after getting an email like the ones mentioned above from reputable companies, most of us would race to respond as quickly as possible. However, in most cases you will find that you won't be helping anyone other then the criminal who wrote that email and who has nothing to do with the actual organizations.

What is Phishing?

It is when someone creates false email that pretends to be from a bank or other authority, but which is actually designed to collect sensitive information such as passwords. This process of stealing information used for fraudulent purposes is the latest problem to plague Internet users. It is a phenomenon know as phishing i.e. emails 'fishing' for important information.

Just like Spam, phishing mails are sent to the widest possible audience so it's not unusual to receive a message asking you to confirm account details from an organization you do not actually deal with. You may be asked to fix up your eBay account when you haven't even got one!

In addition to collecting sensitive information many phishing messages try to install spy ware, Trojans etc. allowing hackers to gain backdoor entry into computers.

Types of Phishing Emails:

Some phishing emails ask for a response by email.
Some emails include a form for collecting details that you are told to fill out.
Some even include a link to a web site that resembles the actual site you expect to visit, but is actually a clone of the original site.

Number of active phishing sites reported in March, 2005: 2870
Number of brands hijacked by phishing campaigns: 78
Contains some form of target name in URL: 31%
Country hosting the most number of phishing sites: United States of America
Source: http://www.antiphishing.org


Phishing attacks can be really sophisticated. Some time ago a flaw in Internet Explorer allowed hackers to display a false address while redirecting the user to an entirely different site making it almost impossible to distinguish a phishing attack from a legitimate email.

Possible solutions:

New technologies can provide a better means of countering phishers. One option being explored by a lot of banks is the use of a secure token, a small electronic gadget that generates a unique password to be entered each time a user logs onto the web site. This would make a phishing attack useless because without the physical possession of a token it is impossible to access the account. This approach is somewhat similar to what is used at Automated Teller Machines around the world where you need to have both the card and the Pin number in order to use the machine.

One option is to use a technology popularly knows as PassMarks that effectively acts as a second password. After entering the user name a unique image pre selected by the user is displayed before s/he is asked for the password. If the proper image is not displayed the user will come to know that s/he is not on the authentic site. Another option that a lot of organizations are exploring is using text messages instead of email messages. Text messages cost money to send, so Spammers are less likely to partake in the process making it easier to distinguish between legitimate messages and fakes.

About the author:
Ashish Jain
M6.Net Web Helpers
http://www.m6.net
Ashish works for M6.Net and assists in making Internet technology work for People.


Circulated by Article Emporium

 

New! Watch Online Articles with YouTube for Free:

 

 

 

 

Click Here to Return to Top of Page