What is Phishing?
In computing, phishing is a criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Phishing is usually carried out using email or an instant message.
How is Phishing Performed?
Most methods of phishing use some form of technical deception designed to make a link in an email appear to belong to the spoofed organization. Misspelled URLs and the use of subdomains are common tricks. An attacker will typically pick a bank, payment service, or online auction site and target its customers.
For example, suppose your bank's URL is http://www.yourbank.com . The attacker sends mass emails to the user base of the chosen target and tells them they must log in to their account and change their password because of a security risk or a system upgrade.
The email links to a fake site under the attacker's control (a misspelled look-alike of yourbank.com, or yourbank.com placed as a subdomain of a domain the attacker owns). Because the email is HTML, the visible link text can read http://www.yourbank.com while the link's actual destination, its href, is the fake site. The user takes the email to be genuine, visits the fake site, and hands over their sensitive details.
A second variant directs the user to sign in at the bank's or service's genuine web page, where everything from the web address to the security certificate is correct. In reality the link carries a crafted payload that abuses a flaw in the legitimate site, which is very difficult to spot without specialist knowledge. Just such a flaw (a cross-site scripting bug) was used against PayPal in 2006.
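The HTML-link deception described above is mechanical enough to check for. The following script is an added example written for this page, not SecPoint's product code: it parses the anchors of an HTML message and flags the three tricks the text names, namely visible link text whose domain differs from the href, the legitimate name buried as a subdomain of a foreign domain, and a misspelled look-alike. The domain yourbank.com, the attacker domains, and the sample message body are all constructed for the example. It would not catch the second variant, where the link really does point at the legitimate site and the payload is in the URL.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Domain(s) the recipient actually does business with. Assumed for this example.
LEGIT_DOMAINS = ("yourbank.com",)

# Anything in the visible anchor text that reads like a web address.
URL_IN_TEXT = re.compile(r"(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:/\S*)?", re.I)


def host_of(url: str) -> str:
    """Hostname of a URL or bare address ('www.yourbank.com/login' -> 'www.yourbank.com')."""
    if "://" not in url:
        url = "http://" + url
    return (urlparse(url).hostname or "").lower()


def registrable(host: str) -> str:
    """Last two labels of a host. Good enough for .com-style names; real code
    should consult the Public Suffix List to handle co.uk and similar."""
    labels = host.strip(".").split(".")
    return ".".join(labels[-2:])


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch misspelled look-alike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""

    def __init__(self):
        super().__init__()
        self.anchors = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, " ".join("".join(self._text).split())))
            self._href = None


def check_links(html: str, legit_domains=LEGIT_DOMAINS):
    """Return (href, text, reason) for each anchor that uses a known phishing trick."""
    parser = AnchorCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.anchors:
        target = registrable(host_of(href))
        # Trick 1: the visible text is an address, but the href goes somewhere else.
        shown = URL_IN_TEXT.search(text)
        if shown and registrable(host_of(shown.group(0))) != target:
            findings.append((href, text, f"text shows {registrable(host_of(shown.group(0)))} but link goes to {target}"))
            continue
        for legit in legit_domains:
            # Trick 2: the real name used as a subdomain of an attacker-controlled domain.
            if target != legit and legit in host_of(href):
                findings.append((href, text, f"{legit} used as a subdomain of {target}"))
                break
            # Trick 3: a misspelling of the real name (yourbnak.com and the like).
            if 0 < edit_distance(target, legit) <= 2:
                findings.append((href, text, f"{target} is a look-alike of {legit}"))
                break
    return findings


# Constructed sample message body (not a real phishing email): three tricks plus one legitimate link.
SAMPLE_EMAIL = """
<p>Dear customer, because of a system upgrade you must change your password.</p>
<p>Log in at <a href="http://www.yourbank.com.login-verify.example/reset">http://www.yourbank.com</a>.</p>
<p>Or <a href="https://yourbnak.com/reset">click here</a> to continue.</p>
<p>Manage preferences: <a href="https://www.yourbank.com/preferences">www.yourbank.com</a></p>
<p>Questions? <a href="http://secure.yourbank.com.support-desk.example/">Contact support</a></p>
"""

if __name__ == "__main__":
    for href, text, reason in check_links(SAMPLE_EMAIL):
        print(f"SUSPICIOUS: [{text}] -> {href}: {reason}")
```

Running it flags the first, second and fourth links and leaves the genuine preferences link alone. The check compares registrable domains rather than full hostnames so that www.yourbank.com and yourbank.com are treated as the same site, and the edit-distance threshold of 2 is a judgement call: raise it and legitimate unrelated domains start to match, lower it and transposed-letter look-alikes slip through. Internationalized (punycode) domains and homoglyphs are not handled here.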
What does Anti-Phishing Do or Prevent?
The SecPoint Protector prevents phishing using several techniques. All emails are scanned for links to fake sites that do not match the email's content; if the content is even 1% erroneous, a warning is issued to the user. Other techniques block the phishing sites themselves, so that if a user clicks a phishing link by mistake, the site is blocked anyway.
What can the User do to Avoid Getting Scammed?
Do not click on links in your email.
If you receive a message from your bank asking you to do something, do not click on links in the email and do not use forms in the email to log in. Instead, open your browser, go directly to your bank's website by typing the address yourself or using a bookmark you saved earlier, log in, and continue from there. Even if the email is from someone you know, DO NOT CLICK ON THE LINKS.
Invalid credentials usually work on impersonated websites.
If something about a website feels wrong, try logging in with a deliberately invalid username and password. If the website then presents you with a "Logon failed" page, you are possibly on a legitimate website. This does not always work: some impersonators simulate a failed logon so that the victim re-enters, and thereby confirms, their input, and others redirect to the legitimate website after collecting the credentials. But if your invalid credentials get you straight through, it is definitely a phishing site.
Report the message to the company impersonated in the email.
Most financial organizations have guidelines and dedicated email addresses where you can report security problems. If you suspect a message is a phishing attempt, forward it to the organization. Include the full email headers, since they show where the message really came from; forwarding the message as an attachment preserves them, whereas an ordinary forward usually strips them. Do not expect a reply from the organization, as they receive thousands of these reports.