What is phishing?

So, what is phishing? In a nutshell, phishing is the act of stealing someone's personal information by pretending to be a legitimate and trustworthy entity. The most commonly targeted websites are E-Mail services and E-Commerce websites. According to www.phishtank.com, in December 2008 the top targets for phishing attacks were:
Top 10 Identified Targets          Valid Phishes
 1  JPMorgan Chase and Co.         12,110
 2  PayPal                          7,369
 3  eBay, Inc.                        262
 4  Bank of America Corporation       212
 5  Sulake Corporation                199
 6  Google                            169
 7  Poste Italiane                    163
 8  Internal Revenue Service          142
 9  Capital One                       128
10  Wells Fargo                        73

Phishing attacks are most commonly executed through E-Mails. The E-Mails look like they come from trusted sources and ask for personal information like usernames, passwords, credit card numbers, and social security numbers.

To avoid falling for phishing attacks, never go to important websites through links in E-Mails. Also, when logging into a website like Yahoo.com, look at the site URL and make sure it says www.yahoo.com or a subdomain like login.yahoo.com. If it doesn’t, you know that it is a fake. For more information on avoiding phishing scams see antiphishing.org.
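The URL check described above can be done mechanically by parsing the link and comparing its real host name against the expected domain. The JavaScript below is an added example, not code from the original post; the function names and the sample links (which use the reserved .example domain) are constructed for illustration.

```javascript
// Added example: decide whether a link really points at the expected site
// or one of its subdomains. EXPECTED_DOMAIN and SAMPLE_LINKS are constructed.
const EXPECTED_DOMAIN = "yahoo.com";

// Return the lower-cased host name the browser would actually connect to,
// or null if the link is not a parseable http(s) URL.
function hostOf(link) {
  try {
    const u = new URL(link);
    if (u.protocol !== "https:" && u.protocol !== "http:") return null;
    // The URL parser drops any "user@" prefix and converts non-ASCII
    // look-alike letters to their "xn--" (punycode) form.
    return u.hostname.replace(/\.$/, "").toLowerCase();
  } catch {
    return null;
  }
}

// True only when the host is exactly the domain or ends with ".domain".
// Comparing with the leading dot prevents "notyahoo.com" from matching.
function isExpectedSite(link, domain = EXPECTED_DOMAIN) {
  const host = hostOf(link);
  if (host === null) return false;
  return host === domain || host.endsWith("." + domain);
}

// Constructed sample links: two genuine forms and several look-alikes.
const SAMPLE_LINKS = [
  "https://www.yahoo.com/",
  "https://login.yahoo.com/account",
  "https://login.yahoo.com.account-verify.example/signin", // real host ends in .example
  "https://www.yahoo.com@account-verify.example/",         // text before "@" is not the host
  "https://account-verify.example/www.yahoo.com/login",    // brand name only in the path
  "https://notyahoo.com/",                                  // different registered domain
  "https://www.yaho\u043e.com/",                            // Cyrillic "o" look-alike
];

// Return [link, host, verdict] rows for a list of links.
function classify(links) {
  return links.map((l) => [l, hostOf(l), isExpectedSite(l) ? "expected" : "FAKE"]);
}

for (const [link, host, verdict] of classify(SAMPLE_LINKS)) {
  console.log(`${verdict.padEnd(8)} host=${host}  link=${link}`);
}
```

The point to take from the output is that only the part of the URL between `://` and the next `/` counts, read from right to left; the brand name appearing anywhere else proves nothing.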

To learn how phishing sites are created and executed, see the Hacker’s Underground Handbook.

DISCLAIMER

The information provided on hottechtips.blogspot.com is to be used for educational purposes only. The website creator is in no way responsible for any misuse of the information provided. All of the information in this website is meant to help the reader develop a hacker defense attitude in order to prevent the attacks discussed. In no way should you use the information to cause any kind of damage directly or indirectly. The word “Hack” or “Hacking” on hottechtips.blogspot.com should be regarded as “Ethical Hack” or “Ethical hacking” respectively. You implement the information given at your own risk.