Spoofing Phishing And Link Altering Expensive Financial Traps

Spoofing Phishing And Link Altering Expensive Financial Traps



"Spoofing" or​ "phishing" frauds attempt to​ make internet users believe that they are receiving e-mail from a​ specific, trusted source, or​ that they are securely connected to​ a​ trusted web site, when that’s not the case at​ all, far from it. Spoofing is​ generally used as​ a​ means to​ convince individuals to​ divulge personal or​ financial information which enables the perpetrators to​ commit credit card/bank fraud or​ other forms of​ identity theft.

In "email spoofing" the header of​ an​ e-mail appears to​ originate from someone or​ somewhere other than the actual source. Spam distributors often use email spoofing in​ an​ attempt to​ get their recipients to​ open the message and possibly even respond to​ their solicitations.

"IP spoofing" is​ a​ technique used to​ gain unauthorized access to​ computers. in​ this instance the unscrupulous intruder sends a​ message to​ a​ computer with an​ IP address indicating that the message is​ coming from a​ trusted source.

"Link alteration" involves the altering of​ a​ return internet address of​ a​ web page that’s emailed to​ a​ consumer in​ order to​ redirect the recipient to​ a​ hacker's site rather than the legitimate site. This is​ accomplished by adding the hacker's ip address before the actual address in​ an​ e-mail which has a​ request going back to​ the original site. if​ an​ individual unsuspectingly receives a​ spoofed e-mail and proceeds to​ "click here to​ update" account information, for example, and is​ redirected to​ a​ site that looks exactly like a​ commercial site such as​ EBay or​ PayPal, there is​ a​ good chance that the individual will follow through in​ submitting personal and/or credit information. And that’s exactly what the hacker is​ counting on.

How to​ Protect Yourself
• if​ you need to​ update your information online, use the same procedure you've used before, or​ open a​ new browser window and type in​ the website address of​ the legitimate company's page.
• if​ a​ website’s address is​ unfamiliar, it's probably not authentic. Only use the address that you’ve used before, or​ better yet, start at​ the normal homepage.
• Most companies require you to​ log in​ to​ a​ secure site. Look for the lock at​ the bottom of​ your browser and "https" in​ front of​ the website address.
• if​ you encounter an​ unsolicited e-mail that requests, either directly or​ through a​ web site, for personal financial or​ identity information, such as​ Social Security number, passwords, or​ other identifiers, exercise extreme caution.
• Take note of​ the header address on the web site. Most legitimate sites will have a​ relatively short internet address that usually depicts the business name followed by ".com," or​ possibly ".org." Spoof sites are more likely to​ have an​ excessively long strong of​ characters in​ the header, with the legitimate business name somewhere in​ the string, or​ possibly not at​ all.
• if​ you have any doubts about an​ e-mail or​ website, contact the legitimate company directly. Make a​ copy of​ the questionable web site's URL address, send it​ to​ the legitimate business and ask if​ the request is​ authentic.
• Always report fraudulent or​ suspicious e-mail to​ your ISP.
• Lastly, if​ you've been victimized, you should file a​ complaint with the FBI's Internet Crime Complaint Center at​ http://www.ic3.gov.

Vigilance and Security
http://www.vigilanceandsecurity.com




You Might Also Like:




No comments:

Powered by Blogger.