Phishing - Don’t take the bait!

Phishing is a subcategory of social engineering in which attackers deceptively obtain sensitive information, such as credit card numbers, usernames, and passwords, by posing as a trustworthy entity in an electronic communication. It is likely that you have received phishing e-mails in the recent past. Some of the most common phishing attacks involve recognized names such as PayPal, eBay, Amazon, and various banks.

Phishing is normally carried out through e-mail. Instant messaging is another common vehicle for attacks. The key to deceiving people through phishing is to make a link in an e-mail appear to belong to a legitimate company while the link really points to a site controlled by the criminal. A common trick is to make the anchor text for a link appear to be a valid URL when the link actually goes to the phishers’ site.

Phone phishing is the same principle with a low-tech twist. Instead of e-mail, attackers use the phone to contact their victims. They might leave a message pretending to be calling from a legitimate business such as a bank or long-distance provider, leaving a phone number that terminates at the phisher's location.
