E-mail phishing is a criminal activity where the one doing it sends out genuine-looking e-mails that appear to come from trusted web sites. This attempt is made in order to gather personal information from the recipient. The term 'phishing' is coined after 'fishing' because the phisher puts the lure hoping to fool at least a few of the prey that encounter the bait.

Web sites that are frequently spoofed by phishers include PayPal, eBay , MSN, Yahoo, BestBuy, and America Online.

Phishers use what is known as social engineering and e-mail spoofing. Social engineering involves manipulating people and tricking them to break normal security procedures. E-mail spoofing is faking an e-mail header so that the message appears to have originated from someone or somewhere other than the actual source.

The Federal Trade Commission (FTC) warns users to be suspicious of any official-looking e-mail message that asks for updates on personal or financial information and asks them to go directly to the organization's Web site to find out whether the request is genuine. FTC also encourages users to report any e-mail that you suspect as phishing to them at uce@ftc.gov.

Attempts to deal with the growing number of reported phishing incidents include legislation, user training, and technical measures.

More Terms Explained Here...

Whitepapers

The spyware battle
Spyware - a hidden threat

Suggest an Article

Haven´t found the article you are looking for, please suggest your article. We value all your suggestions and comments.

Home

Disclaimer

Copyrights