Fishing is groovy, but what about phishing or vishing?
Ecrit par: Global
Nombre de lectures: 1394
Nombre de mots: 640
We encounter daily many risks on the internet. But, surprisingly a lot of us don’t take safety measures to prevent risk that attack us. In this blog one of our subjects is E-Security (Electronic security on the internet). Because we are talking about E-Business we are going to post some interesting information about how to protect your business and your personal information on the web.
Here are some risks you have on the internet.
Firstly, we would like to talk about phishing. That is a type of attack. The attacker put a tempting lure in an e-mail or web site, in that way the receiver is convinced to visit a spoofed web site. This link in the e-mail seems to be serious and from a serious enterprise (for example your Bank or an E-business website). By clicking on this link, the user risks to lose his personal or confidential information. Such as, account information or sensitive information the attacker can use for identify theft and get “some” money. ID Theft: by acquiring key pieces of information such as your Social Security Number, birth date, home address, drivers license number or other sensitive, personal information, an attacker may be able to convince an individual or organization that they are you and access your accounts, open new accounts in your name or purchase merchandise in your name (Tony Bradley for About.com).
Some tips to avoid phishing on you
- When you receive a message coming form a bank or an E-Business web site, you must ask you the following questions:
- Did I give to them my e-mail address?
- Has the incoming e-mail some personal elements that show its veracity (client number, bank code…)?
- Moreover, try to follow these counsels:
- Don’t click directly on the link. Open another window and copy by yourself the link
- Mistrust forms that ask banking information. It is unusual (even impossible) that a bank ask for information that important by this way. If you have a doubt, call your bank!
- Be sure that your page is in security mode before writing sensitive information. Your browser bar must begin with https and a little padlock must be posted in your status bar in the bottom of your computer.
For more information about protection from phishing or to report phishing: http://www.antiphishing.org/ . 20.000 web sites supporting these attempts of extortion have been listed by the Anti-Phishing Working Group.
Secondly, there is another risk, vishing (Voice or VoIP phishing). The only difference between phishing and vishing is that the attack mode is different. This time, you can be attacked through VoIP (Voic over IP), voice email, landline or cellular telephone. This method does not always happen over the Internet. As stated on http://searchunifiedcommunications.techtarget.com/ this is the method followed by thieves “The potential victim receives a message, often generated by speech synthesis, indicating that suspicious activity has taken place in a credit card account, bank account, mortgage account or other financial service in their name the victim is told to call a specific telephone number and provide information to "verify identity" or to "ensure that fraud does not occur." If the attack is carried out by telephone, caller ID spoofing can cause the victim's set to indicate a legitimate source, such as a bank or a government agency”.
Consequently, avoid calling a “supposed bank phone number” that has been sent by e-mail or communicated by a vocal message or even a sms.
For further information about E-Business security visit the website, blog and interviews of Mr. Israel. E-business security professor at the University of Lille 1, Master Global E-Business. See our blogroll.
A propos de l'auteur
We are two students of Master Global E-business, université de Lille 1. We are making this blog to share information about global e-business, IT, management and all other subjects related.
Vote: Pas encore voté
Identifiez-vous pour voter