Brainfoldb4u's Blog


Phishing

Posted by brainfoldb4u on January 1, 2010

Phishing:

One of the hot topics in the 2009 information security industry is phishing. According to a recently released Trusteer report, based on a sample of 3 million users over a period of 3 months, users were lured onto a fake log-on page 45% of the time. The report also claimed that most of the discovered phishing sites are live and are able to bypass any anti-spam and anti-phishing protection present in the victim's browser. Banking and online shopping cart users are the most targeted and most affected among phishing victims. The graph below, from PhishTank, shows phishing sites by country of host for November 2009.


In a phishing attack, attackers create an almost identical replica of a chosen banking or online shopping website, then attempt to trick users into revealing personal information and login credentials such as user name, password and PIN. The trapped user fills in the form believing it to be the legitimate website, exposing a wide window of opportunity for the attackers to misuse the victim's sensitive information.

Hackers use various phishing techniques to lure victims onto their fake web page. One such method is sending an email that pretends to be from your debit or credit card company and asks you to update your personal information. Because the page is a look-alike of the legitimate website, recipients who click the link in the email are directed to the fake website, where they are tricked into exposing their information.

To stay protected, here are some steps a user can take:

  • Check for a digital signature: unless the email is digitally signed, it cannot be trusted enough to pass on sensitive information.
  • Be aware of such fake emails; remember it is highly unlikely that your bank will ask for your sensitive information by email.
  • When you need to fill in your login details on a web page, look for https in the URL box. Also look for the lock symbol in the lower right-hand corner of the web browser. Double-clicking the lock gives you access to the digital certificate. If you don't see both https and the secure lock, do not give your information. Alternatively, contact your bank by telephone.
  • Instead of clicking the link in your email message, type the URL into your web browser yourself.
  • Mozilla Firefox's current version 3.5 has good anti-phishing functionality, so using Firefox may give you an advantage against phishing sites.
  • Make sure to keep your web browser of choice updated with the latest security patches.
  • Check your bank account regularly after making a transaction; if you notice any suspicious activity, report it to your bank immediately.
  • Always report "phishing" or "spoofed" emails to the following groups:
  1. forward the email to reportphishing@antiphishing.org
  2. forward the email to the Federal Trade Commission at spam@uce.gov
  3. forward the email to the "abuse" email address at the company that is being spoofed (e.g. "spoof@ebay.com")
  4. when forwarding spoofed messages, always include the entire original email with its original header information intact
  5. notify the Internet Crime Complaint Center of the FBI by filing a complaint on their website: www.ic3.gov/

Phishing statistics for the month of December 2009.

The phishing statistics below are taken from PhishTank records as of 1st December 2009. When visiting the websites mentioned below, make sure to apply the tips above to minimize the risk of being victimized.

Popular Targets

Top 10 Identified Targets

Rank  Target                        Valid phishes
1     PayPal                        10,361
2     Internal Revenue Service      870
3     Tibia                         784
4     eBay, Inc.                    458
5     Facebook                      439
6     Bank of America Corporation   270
7     JPMorgan Chase and Co.        202
8     HSBC Group                    201
9     Google                        146
10    HSBC                          121

Phishing URLs

In November, 278 phishes (5% of valid phishes that month) used an IP address as the host (e.g. http://12.34.56.78) and 4,980 (or 95%) used a domain name (e.g. http://example.com).
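The tips above (look for https, distrust links in email) and the IP-address-versus-domain statistic just given can both be turned into a mechanical check. The script below is an added example, not code from the original post or from PhishTank: it extracts every link from an HTML email, flags the warning signs the post describes (no https, a raw IP address as the host, visible link text that names a different domain than the real destination), and computes the share of IP-hosted URLs in a list. The sample email body and all hostnames in it are constructed for the demo, and the "registered domain" helper is a deliberately crude last-two-labels approximation rather than a Public Suffix List lookup.

```python
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample HTML e-mail body in the style the post describes: a message
# claiming to be from a bank, with links whose visible text does not match the
# real destination. All hostnames here are made up for the example.
SAMPLE_EMAIL_HTML = """
<p>Dear customer, please <a href="http://12.34.56.78/login">update your details</a>.</p>
<p>Or visit <a href="http://example-bank.com.verify-account.example/">https://example-bank.com</a>.</p>
<p>Contact us at <a href="https://www.example-bank.com/help">www.example-bank.com</a>.</p>
"""


class LinkExtractor(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element with an href."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def is_ip_host(host):
    """True when the host part of a URL is a bare IPv4/IPv6 address."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def registered_domain(host):
    """Crude approximation of the registrable domain: the last two labels.
    A real tool would consult the Public Suffix List instead."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def assess_link(href, text):
    """Return the warning signs for one link, following the post's tips."""
    warnings = []
    parsed = urlparse(href)
    host = parsed.hostname or ""
    if parsed.scheme != "https":
        warnings.append("no https")
    if is_ip_host(host):
        warnings.append("raw IP address as host")
    # If the visible text looks like a URL or hostname, it should point at the
    # same registered domain as the real href; a mismatch is the classic lure.
    shown = text if "://" in text else "http://" + text
    shown_host = urlparse(shown).hostname or ""
    if "." in shown_host and registered_domain(shown_host) != registered_domain(host):
        warnings.append("link text domain differs from real destination")
    return warnings


def assess_email(html):
    """Map each href found in an HTML e-mail to its list of warning signs."""
    parser = LinkExtractor()
    parser.feed(html)
    return {href: assess_link(href, text) for href, text in parser.links}


def ip_vs_domain_share(urls):
    """Fraction of URLs whose host is a bare IP address (PhishTank's monthly stat)."""
    ip_hosted = sum(1 for u in urls if is_ip_host(urlparse(u).hostname or ""))
    return ip_hosted / len(urls) if urls else 0.0


if __name__ == "__main__":
    for href, warns in assess_email(SAMPLE_EMAIL_HTML).items():
        print(href, "->", warns or ["no warning signs"])
```

Run against the constructed sample, the first link is flagged for both missing https and an IP host, the second for missing https and a lure whose displayed domain differs from its real destination, and the third passes. The same assess_email function can be pointed at any saved HTML message; the output is a per-link warning list, not a verdict, so a reviewer still applies the other tips (signature, typing the URL by hand) before trusting a link.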

Top 10 Domains (valid phishes)

Rank  Domain                      Valid phishes
1     atspace.com                 237
2     submissionradio.com.au      67
3     oksamyt-inter.com.ua        60
4     85studio.pl                 50
5     sisek.net.ua                49
6     virtualbattlespace2.com     44
7     wilsden.com.au              40
8     110mb.com                   39
9     aidastreasures.com          37
10    dezigner.ru                 34

