Newsletter - link to JISCmail web
Issue 8 - December 2005 | Page 1/5
 


1. PHISHING, PHARMING, TROLLING

Phishing

What is Phishing? Phishing (FISH.ing) pp. Creating a replica of an existing Web page to fool a user into submitting personal, financial, or password data. —adj. —phisher n.
The term phishing comes from the fact that Internet scammers are using increasingly sophisticated lures as they "fish" for users' financial information and password data. The most common ploy is to copy the Web page code from a major site — such as AOL — and use that code to set up a replica page that appears to be part of the company's site. (This is why phishing is also called spoofing.) A fake e-mail is sent out with a link to this page, which solicits the user's credit card data or password. When the form is submitted, it sends the data to the phisher while leaving the user on the company's site so they don't suspect a thing. The bogus web pages set up for phishing are usually only in use for a short time and will then be moved to another web site.
JISCmail will only ever require the following information about you: email address, password, first name and last name.
Please remember that most banks and other financial institutions never send emails to people asking them for personal details. Be wary of any message asking you to visit a web site and to leave personal details.




Some figures from Computer World from November 2004:

  • Number of active phishing sites reported: 1518
  • Average monthly growth rate in phishing sites (Jul-Nov): 28%
  • Number of brands hijacked by phishing campaigns: 51
  • Number of brands in the top 80% of phishing campaigns: 6
  • Country hosting the most phishing websites: USA
  • Contain some form of target name in URL: 22.1%
  • No hostname, just IP address: 67%
  • Percentage of sites not using port 80: 19.2%
  • Average time online for phishing site: 6.2 days
  • Longest time online for phishing site: 31 days
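
Three of the figures above describe traits that can be read straight off a link: an IP address in place of a hostname, a port other than 80, and the target's name somewhere in the URL. The following is an added example, not part of the original newsletter, showing how a mail filter or help desk could check links for those traits; the brand name, its domain and the sample links are constructed for illustration.

```python
import ipaddress
from collections import Counter
from urllib.parse import urlsplit

# Assumption: "examplebank" and its domain are made-up names for this sketch.
WATCHED_BRANDS = {"examplebank": {"examplebank.example"}}
DEFAULT_PORTS = {"http": 80, "https": 443}  # assumption: 443 is normal for https

def url_traits(url, brands=WATCHED_BRANDS):
    """Return which traits from the figures above a link shows."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    traits = set()
    # "No hostname, just IP address": the host parses as an IP literal.
    try:
        ipaddress.ip_address(host)
        traits.add("ip_host")
    except ValueError:
        pass
    # "Not using port 80": an explicit port that is not the scheme's default.
    try:
        port = parts.port
    except ValueError:  # non-numeric or out-of-range port
        port = -1
    if port is not None and port != DEFAULT_PORTS.get(parts.scheme):
        traits.add("non_port_80")
    # "Target name in URL": the brand text appears, but the host is not the
    # brand's own domain or a subdomain of it.
    text = f"{host}{parts.path}?{parts.query}".lower()
    for brand, domains in brands.items():
        owned = any(host == d or host.endswith("." + d) for d in domains)
        if brand in text and not owned:
            traits.add("brand_in_url")
    return traits

def trait_share(urls):
    """Percentage of links showing each trait, in the style of the list above."""
    counts = Counter(t for u in urls for t in url_traits(u))
    return {t: round(100 * n / len(urls), 1) for t, n in counts.items()}

# Constructed sample links (documentation address ranges, reserved TLDs).
SAMPLES = [
    "http://192.0.2.10/examplebank/login.html",
    "http://examplebank.example.secure-update.test:8080/",
    "https://www.examplebank.example/login",
    "http://[2001:db8::1]:80/",
]
```

The brand check compares the parsed host against the brand's own domains rather than searching the raw string, so a link whose host merely starts with the brand's domain name is still flagged.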

Pharming

Pharming takes this attack one step further by attempting to intercept communication of personal data between a user and a genuine enterprise Web site.

 