Hi…everyone! Welcome to our blog AGAIN... This week, I am going to tell you all about the threat and attack that the e-commerce will face in this modern day. Even though, E-commerce has let our life more convenience nowadays, however, it also bring some problem to us where many deceivers actually make use of it on their self benefits. Thus, many users nowadays complaint that they have been cheated when they made any transaction through the internet.
One of the most popular threats nowadays is called PHISHING. The pronunciation of Phising is same as fishing. It is an act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to deceive the user into disclosing their private information that will be used for theft purposes. The e-mail usually will contain a link that direct the user to visit a website where they are asked to update their personal information, such as passwords, credit card numbers, and bank account numbers.
Phishing not only happen by sending email messages, but it actually exists in many ways. The other examples are:
a) On a social networking website.
b) On a fake website that accept donations for charity.
c) On a website that imitate your familiar website that you would not be realized of it.
d) In your instant message program
e) On your cell phone or mobile device.
Now, even has a new type of phishing which is spear phising. It focuses on a single user or a department within an organization. The e-mail message appears to be legitimately addressed from someone within the organization normally in a position of trust such as head of human resources or IT. From there, the employees are being requested for their login IDs and passwords. Once data is gained, the hackers can entry into secured networks and steal the data. Another type of spear phishing attack will ask users to click on a link, which deploys spyware that can steal their data as well.
So, to prevent this attack happen on ourselves, we need to learn how to spot a phishing scam. Normally, phishing scam will contain several elements:
a) The "From Field" shows the e-mail is send by the legitimate companies which normally appear as your bank or financial institution or a company you regularly to deal with such as e-bay, Paypal or Microsoft. User need to be very careful in looking out the senders as those deceivers can make use of the company name easily.
b) The e-mail will usually contain logos or images that have been taken directly from the legitimate Web site of the company. So, the existence of logo does not necessarily means that the e-mail is send by legitimate company. However, there will be some logos that are not an exact match to the company's logo or contain spelling errors. In such case, user should be alert that this a fake e-mail.
c) The e-mail will contain a clickable link which suggests you to use the inserted link to validate your information. When you rest your mouse on the link, it will show the real website address to which you will go. Note that the hyperlink usually does NOT point to the URL of the legitimate company. Somehow, the link will contain percentage signs followed by numbers or “@” signs, or random names. Besides, the deceivers will use web addresses that resemble the name of the legitimate company but slightly altered by adding or omitting letters. For example, the address "www.microsoft.com" could appear as, www.micosoft.com , www.mircosoft.com
d) It contains several phrases such as:
I) verify your account
II) You have won the lottery
III) If you don't respond within XX hours, your account will be closed
So, you all know what phishing mail look like. Now, it is the time to learn the prevention method.
a) We should always be alert to any email with urgent requests for personal financial information. Normally, a bank or other organization would not request your personal information through e-mail. However, there is digitally signed e-mail [more on: http://www.antiphishing.org/smim-dig-sig.html] which send by bank. These e-mails normally are more reliable and certified by third party which shown in the picture. However, it is more safety if you can contact the bank or related authority and confirm with them.
Nowadays, the crime rate in the internet has increased gradually. So, we need to alert to the happening around us regularly to prevent us from being cheated and of course being a brilliant customer in nowadays is important as well. I hope this information can provide a useful guide to you all.
0 comments:
Post a Comment