Consequences of Pishing

Phishing is an online technique to fraud you in giving your personal information. The criminals use various techniques to deceives you for example, by using the web sites and emails resembles the well known institution. They usually spam the victims with messages with the intention to acquire the recepients personal info especially the financial information. This crime can gives negative impact wether personally or even within in an institution.

Personal Consequences

• Successful phishers can access victims account and this will enable them to withdraw money or even purchase products.
• Phishers can open new bank account or apply for credit card account under the victims name
• Phishers can send viruses to the victims computers

Institutional Consequences

• Phishers can access institutional data such as social security numbers, banking information and health information
• Causing reputational damage and be blacklisted by financial or internet service companies.
• Wasting the staff time to address on the phishing issues rather than using it for a more productive work

Hence, we need to spread the awareness on the web phishing syndicate in order to avoid the unwanted impact happening to either individually or institutionally.

Phishing Scam cases

As we already know, Phishing is an online technique to obtain important information of the other party. This activity happens for many kind of reasons and using a disguise as a well known institution method to convince the victims to give out their data.

Below are some of the popular cases happened related to web phishing


1) United Kingdom Phishing Scam

Three man had launch a phishing scam to get the access to the accounts of the bank customers in 14 countries. They stay in London during their scam activities which launched thousands of phishing pages disguising as a banking websites. They were caught in the hotels and the police then discovered that they manage to acquire 30,000 bank customer's details with 70 million customer email address which they used in the activities.


2) Phish Phry

 100 people in 2009were charged by U.S. authorities stealing account details from thousands of users and had transfered around 1.5$ million into a fake accounts. They also found group of fraudsters which targeted the United States bank account holders which then causes them to spend 20 years of their life in prison.



3) The breached of RSA data

In March 2011, RSA face a data breach when they fall into the phishing attack . This then exploited the Adobe Flash.

Phishing Detection Approaches

The web pishing cases increases each day. Hence, the approaches to decrease the number of this cases should be reinforced. These are some of the way that can be done to solve this cases.

1) Blacklist Approach

     This approach ca be done by comparing the original URL with the phishing URL. However, this approach take time to detect the existence of phishing in the internet. The disadvantages of this approach is the blacklist cannot cover all the phishing websites as a newly created phishing website will take some time before it can be included in the list

2) Heuristic Search Approach

       This approach is based on the search method in which number of website features are identified to determine the type of website. This approach however is a better way to detect the newly created phishing website 

Hence, more effort to solve this web phishing crime need to be enforced. This crime not only affect individuals, but also institution and can lead to a nation crisis. To know more about phishing detection approaches, you may refer to the url below.

Dudhe, D. P. , Prof Ramteke, P. L. (February 2015) " A Review On Phishing Detection Approaches" Retrieved from : http://www.ijcsmc.com/docs/papers/February2015/V4I2201539.pdf

Welcome!

This is our first post on this blog. Basically this blog will provide the information that are needed in order to avoid web user from trapped by web phishing attacker. This is quite simple cyber crime but not many realize it can totally damage the user. In simple words, an attacker will provide you a fake link to your everyday visit site and when you click it, it will direct you to a site that have almost exactly same with the actual site, but it is fake! The web will require you to put you registration, such as username and password in order to log in, but instead your information will be send to the attacker, not to the site that you desire. [will be continue...]