Before we start proceeding with the types of phishing, let’s understand what is phishing? Phishing is a kind of online fraud or theft committed in disguise over the internet. The interesting thing here is phishing websites are live just for an average of 6 hours, though the latest trends report that an average time a phishing website online is around 3.8 days, with one or two updates. Within this time line lakhs of internet users fall prey to the phishers. You may ask me, is there a way to stop falling prey to the phishers completely. My answer would be a big “NO”, because most of them are not aware about what are phishing attacks, and the approach of the phishers. Once people, I mean the Internet Users are aware about the phishing technology used, then on an average of 75% of cyber users can be safe.
Types of Phishing attacks
There are different methods of phishing; a phisher counterfeits to steal an identity and confidential information. The phishing methods include
– is a method in which the phisher creates an email messaging stating that account is expiring or suspended and some other reason, with a URL, which intends to be looking like the original website. But if clicked the site will be redirected to a fake URL. For instance, if a original site is http://www.example.com/
, the site will take you to www.fake.example.xxxxx.com/jfj387e3fd
or so. So if the user gives the information, he would be falling prey to phisher.
Malware Phishing – refers to malicious software based phishing attack. The phisher creates some malicious software in form of exe and injects it into a user’s PC over the internet. So malware, gathers all the necessary information and sends it to the third party, i.e. the phisher.
Trojans and Worms Based phishing, mostly commonly enters in to the user’s PC via email or some other unwanted website, when the users downloads an email attachment or so invisibly and collects the confidential information from the user’s computer and transmits it to the phisher.
Spyware and Keyloggers are also kind of malwares, which monitors the systems activities and note the keyboard impressions and send it to the phishers. The phishers will use this key typed data and recognizes the password to hack a computer.
Online Session Hijackers monitors the users activities, and targets the sign-up, sign in times, once the session is started, the virus or worms make an unauthorized transaction without the user’s knowledge. The User would be realizing that additional funds have been transferred to some other unknown account, only when he sees the transaction receipt or statement.
DNS Phishing Method is a method where the host file is being poisoned with some other bogus fake address. A fake website is created like the same original website, and when the users believes it to be a real website and enters his confidential information he/she falls prey to the phisher. This is also known as Pharming, as a fake website is being created and managed by a phisher to steal user’s identity.
Faulty Website Phishing
– A phisher registers with a website address similar to the one already available in the website. For example – my original website would be http://www.ezencrypt.com/
whereas a fake website would be created in the name http://www.ezncrpyt.com/
,which ad user won’t be able to identify it, as the name is similar. Also sometimes, when the URL is being added in the favourites in browser would be changed with the faulty website, and the phisher would be easily able to gain access as the user believes that it is from the favourites, and a true website he added to the favourite folder.
Content Injection Phishing is a method where the phishers gains access to a legitimate website and changes the content of the page, with his fake content to redirect the website visitor to his fake website, to gather their information steal their identity.
Man-in-the-Middle attacks – is a kind of phishing attacks, where a phishers plays the role of an intermediate between two users to complete an transaction, and once the any of the users go offline, they will secretly collect all the information and sell or use it for stealing financial information. This kind of phisher are difficult to identify as the transactions would be completed success but later only realised that some confidential information has reached to a third party and used when the users system is inactive.
There are also phishers who creates website more attractive, stating that they can purchase things at attractive discounts using their credit cards and so. When the user gets attracted to the phishers discount offer and purchases, the credit card would be charged, but they won’t get the material or the product ordered, and finally realize that there is not physical address existing for that website.
How is a phishing attack reported?
If you find or feel that seems to be phishing website you can report it to APWG
(Anti-Phishing Working Group). The life of a phishing website is minimal because, if suspected, the criminals would be caught red-handed easily. So they make it live for few hours, shoot an bulk emails, see how many people fall prey to their attack, gather the information, steal their identities , financials, and anything that is possible and make the website inactive. The mail would be shot to thousands and lakhs of internet users, out of which a few might report it and the site shut down process and tracking the criminals would be taking place. Say for example if an phishers creates a fake website for online banking or online shopping site, and shoots out a bulk email, they customer may report it to the concern organisation, bank or shopping site domain holder. So the domain holder will report it to the local Computer Emergency Response Team, who will in turn check out and report to the cyber crime authorities, and the cyber crime police authority will check from where the website is hosted, and asks the concern ISP to stop or de-activate the IP, and see who has did such kind of fake website and nap the thief. Because of getting caught the phishers make the site active only for few hours.
Also we have been updating the virus news and vulnerability news in www.k7computing.com under the topic virus and risks, thought you would be interested in knowing the lastest security threats news. :)
Also know more about adware, spyware, virus, rootkits, trojans, firewalls at http://yuvi-internetsecurity.blogspot.com/2008/10/adware-spyware-firewall-antivirus.html
Labels: deceptive phishing, phishing, phishing methos, phishing types, report phishing, types of phishing