Phishing explained

April 14, 2008

Most people associate phishing with e-mail messages that spoof, or mimic, banks, credit card companies or other business like Amazon and eBay. These messages look authentic and attempt to get victims to reveal their personal information. But e-mail messages are only one small piece of a phishing scam.

From beginning to end, the process involves:

Planning. Phishers decide which business to target and determine how to get e-mail addresses for the customers of that business. They often use the same mass-mailing and address collection techniques as spammers.
Setup. Once they know which business to spoof and who their victims are, phishers create methods for delivering the message and collecting the data. Most often, this involves e-mail addresses and a web page.
Attack. This is the step people are most familiar with — the phisher sends a phony message that appears to be from a reputable source.
Collection. Phishers record the information victims enter into web pages or popup windows.
Identity Theft and Fraud. The phishers use the information they’ve gathered to make illegal purchases or otherwise commit fraud. As many as a fourth of the victims never fully recover .

Phishing scams began in the mid-1990s not to obtain bank or credit card information, but to get free online access. In those days, ISPs like AOL charged by the minute. Phishers would try to obtain AOL members login user id and passwords by sending e-mails appearing to come from AOL’s member services department. The fake email would ask recipients to verify their user names and passwords. The scammers would then log on, using the victims’ accounts, and run up a bill.” - http://www.consumerfraudreporting.org/phishing.php

I think it would be quite interesting to create an example of phishing for the final piece. Mimicing a website is very easy nowadays and using the users input I could hopefully save to a text file. Just like to point out that this is for know financial gain and will not be used maliciouslly it’s merely for a university project which is due in on wednesday.

Posted by mrmcgirr
Filed in IDAT 203, Year 2
Leave a Comment »

Leave a Reply