Although phishing has been on the rise for some time, there are still many people who don’t know what it is or how it works. Phishers exploit this lack of awareness to steal data from unsuspecting users for their own profit.
So, first of all, what is phishing? It’s a technique for stealing private data from users by tricking them into giving it away. This private data is usually passwords for sensitive sites, credit-card numbers or PIN codes for bank accounts.
How do phishers trick the user? The most common way to ask for the data is through email. Phishers send emails that look legitimate, usually mimicking the look of real ones but pointing to their own servers instead of the legitimate ones.
Most phishing emails tell users that their account may have been compromised and that they need to authenticate again to confirm it. They give a link that looks legitimate but points to another site controlled by the phisher. This site also looks like the original one, since the phishers copy the images and layout from the legitimate site and upload them to their own server.
So, when the user enters the username and password on this site, the data is stored in a database controlled by the attacker, who can retrieve it later and use it for his own profit.
This is an example of a phishing email I received:
The link seems to point to cards.fleet.com but, in reality, it goes to 4.60.21.232:34, a link that no longer works but which was under the control of the phisher at the time.
Lately, the sophistication of this kind of email has increased: each one looks more credible and uses new techniques to trick the user, such as emails that look like a question from a potential eBay buyer but point to another site, or emails targeted at users according to the bank they use.
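The mismatch described above (visible text naming one host, the actual link going to a raw IP address) can be checked mechanically. The following is an added example, not code from the original post: it extracts every link from an email's HTML and flags those whose shown host differs from the real target or whose target is a bare IPv4 address. The sample email HTML is constructed here, modelled on the email described in the post; `www.example.com` is a placeholder for a benign link.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

class LinkCollector(HTMLParser):
    # Collect (href, visible text) pairs from every <a> tag.
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(s):
    """Hostname of a URL or bare domain, lower-cased, port stripped."""
    s = s.strip() if "://" in s else "http://" + s.strip()
    return (urlparse(s).hostname or "").lower()
def looks_like_url(text):
    return bool(re.fullmatch(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", text.strip(), re.I))
def is_ipv4(host):
    return bool(re.fullmatch(r"\d{1,3}(\.\d{1,3}){3}", host))

def suspicious_links(html):
    """Return links whose shown text and real target disagree, or that go to a raw IP."""
    collector = LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        target, reasons = host_of(href), []
        if is_ipv4(target):
            reasons.append("target is a raw IP address")
        if looks_like_url(text):
            shown = host_of(text)
            # A subdomain of the shown host (example.com -> www.example.com) is fine.
            if shown != target and not target.endswith("." + shown):
                reasons.append(f"text shows {shown} but link goes to {target}")
        if reasons:
            findings.append({"text": text, "href": href, "reasons": reasons})
    return findings

# Constructed sample, modelled on the email described in the post.
SAMPLE_EMAIL_HTML = ('<p>Your account may have been compromised; confirm it here: '
                     '<a href="http://4.60.21.232:34/verify">cards.fleet.com</a></p>'
                     '<p><a href="https://www.example.com/help">Help</a></p>')
```

Running `suspicious_links(SAMPLE_EMAIL_HTML)` flags only the first link, with both reasons; plain-text links, where the user sees the real URL, need no such check.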
In the next post, we will see how to protect against phishing.
0 Responses to “Phishing (I): what is it?”