Friday, January 19, 2007

Phishing (good to know)

Today, 10 times more Indians use the internet for their banking needs than five years ago. And not surprisingly, the number of fraudsters eyeing your account have also multiplied. Globally, $6 billion is stolen from consumer accounts by attacks called phising and the scale of such fraud in India is fast catching up.

Cyber security expert, Vijay Mukhi says, "Phishing normally begins by you getting an innocuous e-mail - let's say from the bank - saying that someone is trying to hack into you account so you need to re-give us your password. So, you click on the link. That website is a fake or the spoofed website. Here you actually key in your personal details - you key in you name, your password when you click on ok, you don't realize that your user name and password has gone to the phisher."

Once the password and user name are with the phisher, it's only a matter of a few minutes before your money is transferred from your account to the phishers Just a few days ago, UTI Bank and ICICI bank were the victims of a phishing attack. According to the police, phishers allegedly sent e-mails that included a hyper-link within the e-mail itself. A click on that link took the recipients to a web page which was identical to Bank's site. After the customers had logged in with their passwords and names, the information was sent to the alleged fraudsters who then used the information to transfer large sums of money to various accounts, all over the world, using the internet banking facility.

  • The best way to keep your money safe is to protect yourself from such attacks.
  • Be on the alert when a banking e-mail uses dramatic information to get you to react immediately.
  • Beware of e-mails from shopping websites offering free goods. It might be a scam to get your banking details.
  • Phishing e-mails are not personalized. Your bank will generally use your name when they contact you.
  • Finally, clicking on phishing sites may install a spying device on your computer. Downloading an anti-spying programme will help.

Even as banks are gearing up to tackle phishing, there is another kind of threat emerging - phishers are trying to get account details over the phone and this is called wishing., where they are using VoIP. Banks are telling people not to click on links. Now e-mails are coming saying that call us on this number for some particular reason and when people dial that number, actually it's not going to the interactive voice response or IVR of the bank, it's going to some other IVR, which mimicks the IVR of the bank and you are asked your credit card details or some other details.So beware.

For further information you can look upAnti-phishing working group: http://www.antiphishing.org/


-guest write up/forward rom a blog friend
Posted by at
Labels:

1 comment:

amazing santro said...

hi amit bhai..good to see u here..well though i read 'phishing' there in iland but leaving comment here.. :)
i heard something about phishing but not so much..it's very informative..thanks for sharing.. :)

January 20, 2007 at 6:37 PM

Post a Comment

Subscribe to: Post Comments (Atom)