Monday, December 29, 2008

Phishing

Phishing is now a common source of computer crime. The trend of phishing through email and websites is growing at high speed. It has become a threat to computer users as a major source of malicious software as well as a way to steal personal information. Scientific American published an article recently on how to foil phishing scams which provided some useful information on how to protect yourself.

First of all, upon a phish attack, do not blame your lack of computer knowledge or the complicated procedures of using anti-virus software. Phishing is not based on computer tricks. It is based on human greed and carelessness. You have yourself to blame if you are phished.

Here are some examples: E-mail from a bank warning you that your online banking services was in danger of being deactivated, from Apple complaining that you had unpaid bills for music downloads, from an airline offering you the opportunity to earn a quick $50 for filling out a survey, and from the Red Cross asking you to contribute money to help earthquake victims in China. These messages are all very convincing and looked authentic, but they are all fraudulent e-mail known as phish.

Phish e-mail are written by professionals to resemble legitimate communications, often from reputable companies familiar to you. They usually create a sense of urgency and ask you to take immediate action to avoid a consequence or receive a reward. The response commonly required is for you to log in to a web site or call a phone number to provide personal information. Sometimes you only need to click on links or open e-mail attachment for your computer to become infected by malicious software. The details of phishing scams may vary, but their aim is to trick you into giving away information which can be used to break into your accounts and steal your money or identity. Phishing exploits human vulnerabilities and uses simple psychology targeting inattention or misdirecting attention.

As the phishing email do not contain malicious codes, the common techniques used by anti-virus software do not normally work. However, computer security experts are still able to develop phish filters aiming at the characteristics of phishing email. They include:
- Age of domain. Newly created domain less than 12 months are suspectable;
- Known logo images. Page contains known logos but is not a domain owned by the logo owners;
- Suspicious URL. URL contains @ sign, hyphen, an IP address or more than five dots;
- Suspicious links. Link on page contains @ or hyphen;
- Forms. Page contain a text entry field;
- Lexical signature search result. URL does not match address or Google-ranked legitimate page.

The filters use a combination of these signs to identify phish. However, some legitimate email may also have such characteristics. When the filter is not sure, a warning may be displayed so that the recipient of the email may exercise judgment. Other signs include a sender who is not familiar to you, an urgent message which is suspicious, or a threat which may not be realistic. You should also take a look at the website address appearing at the browser's status bar when you place the cursor over a link to see if it is suspicious.

The computer security experts noted that the major vulnerability is the lack of awareness of users towards phishing. A research showed that many users did not take notice of the warning sent by the phish filter. The experts considered that anti-phishing training should be improved. The combined efforts of law enforcement, computer security experts and computer users are needed to reduce the success of phishing.

No comments:

Post a Comment