Phishing

You can be a victim of phishing by blindly following a link in an email

by Amit Verma on February 14, 2009

in email

IBM developerWorks Live!
IBM developerWorks is organizing a forum on February 18th at India Habitat Centre, meningitis New Delhi. The topic of the forum is “Leverage the power of Web 2.0 Forum” .
IBM developerWorks Live!
You will get a chance to explore IBM WebSphere sMash, somnology Lotus Mashups, SOA and Web2.0 – IBM’s latest innovations. Based on the highly-acclaimed Project Zero, IBM WebSphere® sMash software is a development and execution platform. It advances Smart SOA’s simplicity, and accelerates the alignment of business and IT by allowing faster delivery of Web 2.0. based applications, thereby enabling mashups. You can also be a part of dynamic, interactive discussions that include Representational State Transfer, Groovy and PHP.

Click here to register for the forum.
IBM developerWorks is organizing a forum on February 18th at India Habitat Centre, treatment New Delhi. The topic of the forum is “Leverage the power of Web 2.0 Forum” .
IBM developerWorks Live!
You will get a chance to explore IBM WebSphere sMash, Lotus Mashups, SOA and Web2.0 – IBM’s latest innovations. Based on the highly-acclaimed Project Zero, IBM WebSphere® sMash software is a development and execution platform. It advances Smart SOA’s simplicity, and accelerates the alignment of business and IT by allowing faster delivery of Web 2.0. based applications, thereby enabling mashups. You can also be a part of dynamic, interactive discussions that include Representational State Transfer, Groovy and PHP.

Click here to register for the forum.
IBM developerWorks is organizing a forum on February 18th at India Habitat Centre, here New Delhi. The topic of the forum is “Leverage the power of Web 2.0 Forum” .

IBM developerWorks Live!

You will get a chance to explore IBM WebSphere sMash, Lotus Mashups, SOA and Web2.0 – IBM’s latest innovations. Based on the highly-acclaimed Project Zero, IBM WebSphere® sMash software is a development and execution platform. It advances Smart SOA’s simplicity, and accelerates the alignment of business and IT by allowing faster delivery of Web 2.0. based applications, thereby enabling mashups. You can also be a part of dynamic, interactive discussions that include Representational State Transfer, Groovy and PHP.

Click here to register for the forum.
If you receive an email from a unknown source especially from a bank or financial institution and asks you to click on a link then you should check the actual destination page of the link.

Normally spam filter filters such mails but it is always better to check if the email delivered in Inbox. The actual destination of the hyperlink can be checked by looking at the HTML code.

What is Phishing?

Phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, this site passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.

What makes a hyperlink?

Following code is used to form a hyperlink in which [destination page] is the actual linked URL.

<a href=”[destination page]”>[Link text]</a>

What should check?

The link “ABC Bank Login page” should take you to the bank’s login page. But it may take you to the login page but on a phishing site where your bank login details can be exposed.

<a href=”http://phishingsite.com/login“>ABC Bank login</a>

In this example, allergist the link is saying “ABC Bank login” but in fact the linked URL is “http://phishingsite.com/login” page.

But it may also look like

<a href=”http://www.abcbank.com@167.101.107.111“>ABC Bank</a>

Here the linked URL is http://www.abcbank.com@167.101.107.111 which looks like a correct URL but it is not. This URL will take you to the IP “167.101.107.111”.

It may also look like

<a href=”http://www.abcbank.com.security.phishing.com“>ABC Bank</a>

Which is again looks ok but it will take you to the “phishing.com”. In this URL, implant “www.abcbank.com.security” part is the sub-domain of “phishing.com”.

and

<a href=”http://www.abcbank.com@%31%36%37%2E
%31%30%31%2E%31%30%37%2E%31%31%31“>ABC Bank</a>

This is a encoded URL. The actual URL is http://www.abcbank.com@167.101.107.111 which goes to http://167.101.107.111.

So until you are very sure of the linked URL better not to use it.

How to check?

If you are accessing your mail in a web browser then the most easiest way to check the destination URL is, take you mouse pointer on the link and the URL will come in the Status bar.

How to prevent?

It is always safer to enter the URL in the browser instead of following the link.

More…

If you know more about email phishing please add it below.

Be Sociable, Share!

{ 4 comments… read them below or add one }

p@r@noid February 18, 2009 at 8:18 am

That’s a nice info and according to a survey 8/10 public email service receive such phishing email…and people like us whose email are generally public they receive lots of phishing email…

Reply

Amit Verma February 18, 2009 at 9:44 am

@p@r@noid – That’s true. I generally get around 100 spams per day in my spam folder.

Reply

List of Do follow forum March 9, 2009 at 5:40 am

The fact is spammer use the hacked email ids or create new email id using new domain..So most of the email land into your Inbox..
And most of people click there and 2/10 fall into that scam.
I believe every blogger should write about this post so that general people will be aware of the new scam messages.

Reply

Amit Verma March 9, 2009 at 10:02 am

that’s true

The email spam filters are getting smart but some spammers manage to fool spam filters.

Reply

Leave a Comment

Previous post:

Next post: