Hi…everyone! Welcome to our blog AGAIN... This week, I am going to tell you all about the threat and attack that the e-commerce will face in this modern day. Even though, E-commerce has let our life more convenience nowadays, however, it also bring some problem to us where many deceivers actually make use of it on their self benefits. Thus, many users nowadays complaint that they have been cheated when they made any transaction through the internet.

One of the most popular threats nowadays is called PHISHING. The pronunciation of Phising is same as fishing. It is an act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to deceive the user into disclosing their private information that will be used for theft purposes. The e-mail usually will contain a link that direct the user to visit a website where they are asked to update their personal information, such as passwords, credit card numbers, and bank account numbers.

Phishing not only happen by sending email messages, but it actually exists in many ways. The other examples are:

a) On a social networking website.
b) On a fake website that accept donations for charity.
c) On a website that imitate your familiar website that you would not be realized of it.
d) In your instant message program
e) On your cell phone or mobile device.

Now, even has a new type of phishing which is spear phising. It focuses on a single user or a department within an organization. The e-mail message appears to be legitimately addressed from someone within the organization normally in a position of trust such as head of human resources or IT. From there, the employees are being requested for their login IDs and passwords. Once data is gained, the hackers can entry into secured networks and steal the data. Another type of spear phishing attack will ask users to click on a link, which deploys spyware that can steal their data as well.

So, to prevent this attack happen on ourselves, we need to learn how to spot a phishing scam. Normally, phishing scam will contain several elements:

a) The "From Field" shows the e-mail is send by the legitimate companies which normally appear as your bank or financial institution or a company you regularly to deal with such as e-bay, Paypal or Microsoft. User need to be very careful in looking out the senders as those deceivers can make use of the company name easily.


b) The e-mail will usually contain logos or images that have been taken directly from the legitimate Web site of the company. So, the existence of logo does not necessarily means that the e-mail is send by legitimate company. However, there will be some logos that are not an exact match to the company's logo or contain spelling errors. In such case, user should be alert that this a fake e-mail.


c) The e-mail will contain a clickable link which suggests you to use the inserted link to validate your information. When you rest your mouse on the link, it will show the real website address to which you will go. Note that the hyperlink usually does NOT point to the URL of the legitimate company. Somehow, the link will contain percentage signs followed by numbers or “@” signs, or random names. Besides, the deceivers will use web addresses that resemble the name of the legitimate company but slightly altered by adding or omitting letters. For example, the address "www.microsoft.com" could appear as, www.micosoft.com , www.mircosoft.com



d) It contains several phrases such as:
I) verify your account
II) You have won the lottery
III) If you don't respond within XX hours, your account will be closed

So, you all know what phishing mail look like. Now, it is the time to learn the prevention method.

a) We should always be alert to any email with urgent requests for personal financial information. Normally, a bank or other organization would not request your personal information through e-mail. However, there is digitally signed e-mail [more on: http://www.antiphishing.org/smim-dig-sig.html] which send by bank. These e-mails normally are more reliable and certified by third party which shown in the picture. However, it is more safety if you can contact the bank or related authority and confirm with them.


b) Don't click on the links in an email or instant message to get to any web page if you suspect the message might not be authentic or you don't know who the sender is.

c) Avoid filling out forms in email messages that ask for personal financial information instead you should only communicate information such as credit card numbers or account information via a secure website or the telephone.

d) Make it a habit to enter the address of any banking, shopping, auction, or financial transaction website yourself and not depend on displayed links. This is because phisers can mimic the legitimate URL which can lead you to the forge website.

e) Installing a Web browser which contains phising filter to protect you from phishing websites. You can get a free browser toolbar from: http://www.earthlink.net/earthlinktoolbar

f) Log into your online accounts and change the password regularly.

g) Check your bank, credit and debit card statements to ensure that all transactions are legitimate regularly.

h) Report to the legitimate company if you received a phising e-mail. Otherwise, you can report to reportphishing@antiphishing.org. which is an anti-phishing organization.

Nowadays, the crime rate in the internet has increased gradually. So, we need to alert to the happening around us regularly to prevent us from being cheated and of course being a brilliant customer in nowadays is important as well. I hope this information can provide a useful guide to you all.


Reference:





0 comments:

Post a Comment

Introduction of youthgeneration blog

Welcom to our blog!!! This is first time we blogging here and hope all of you will come to have a look and drop a comment to us and we will provide all of you some useful information and share with all of you. Let keep in touch all the buddy!!

THANK!!!

We have receive a lot comment from the visitors and we hope that we will provide more useful information to all of you in the coming days. Thank for the support, we will do better next time! :) I also would like to thank all of you for the praise of the design of our blog, anything want to share or discuss with us about the design we are welcome you leave a comment to us. :) have a nice day to all of you. Hope all of you will come revisit our blog again!

*My Favour Song*


MusicPlaylist
MySpace Music Playlist at MixPod.com

Copyright 2009 - yOuThGenEraTion @ BAC 5

Blogspot Theme designed by: Ray Creations, Ray Hosting.