One day and find a e-mail from your Google that seems suspicious, specially since it threatens to close your account if you don't reply. What do you do?
This message and others like it are examples of phishing. The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site (uploaded by phishers) where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers. The Web site, however, looks like original but it is fake and set up only to steal the user’s information. Phishers can also infect computers with viruses and convince people to participate unwittingly in money laundering.
Most people associate phishing with e-mail messages that spoof, or mimic, banks and credit card companies, mail accounts or other business like Amazon and eBay. These e-mails look authentic and attempt to get victims to reveal their personal information. E-mail is the most common way to distribute phishing lures, but some scammers seek out victims through: Instant messages, Cell phone text (SMS) messages, Chat rooms, Fake banner ads, Message boards and mailing lists etc.
As there are several methods from which one can send a e-mail from others account by just knowing him/her e-mail id. One of them is sending e-mail through cmd. Once phishers know who their victims are, phishers create methods for delivering the message and collecting the data. Most often, this involves e-mail addresses and a Web page. Phishers record the information of victims from the Web pages or popup windows, which are filled by victims. The phishers use the information they've gathered to make illegal purchases or otherwise commit fraud.
Phishers often use company logos and legitimate e-mail messages, with links that direct the victim to a fraudulent page. They use spoofed, or fake, e-mail addresses in the "From:" and "Reply-to" fields of the message, and they use obfuscate links (misspelled versions of the company url, Using alternate formats, like hexadecimal etc) to make them look legitimate. Most phishing messages give the victim a reason to take immediate action, prompting him to act first and think later.
Tips for users
1. Always check the url before filling your personal information.
2. If it is asking for username n password, first try login with wrong one. If it not fake, it will identify that your password is wrong.
No comments:
Post a Comment