Growing Issues With Phishing Scams Information Technology Essay

There are thousand millions of people browsing net all over the world. So, the scammers or the hackers in order to make money sends the spoofs emails to the victims asking them to provide their personal details like bank account number, credit card number, user name and password. This is known as phishing. Emails are basically used for the business as well as for the personal usage. But this has ‘Phishing’. This is becoming a major issue in our day to day life.

In this journal we will be seeing what phishing is, how it can be avoided by taking necessary steps, how we can identify them and also I will be discussing about the technologies that are developed in order to stop phishing.

Objectives:

We know that emails are the most common way for communication. But it’s a risk by sending any private data or sending any online details just because of phishing. We may not be sure whether the details we are entering are into correct site are not. For this i.e. for identifying a phished page we can design software by using the concept of EMD which compares the original web page with the fake web page. This is very much helpful for the bigger companies. There are many groups all over the world trying to stop phishing.

Earlier the phished web pages would have not been having the hypertext transfer protocol before the URLs but now a day in a phished web page we can even find this http. So, in order to avoid phishing this is very much necessary for bigger companies to have software which differentiates the original one and the fake one.

Phishing:

In the early 1970s there were the ‘Phone Phreaks’ who used to hack the telephone system and from there only the symbolic word ‘f’ has passed where the web users’ identity is fished by the email fraudsters [1].

Phishing a scamming technique is basically done for stealing ones information. This can be done through sending emails to the users by attracting them to open the link and fill in the necessary details like sharing user name and password and also some financial information. The hacker which sends fraud emails to the victims appears to be almost same as the emails that come from the bank or some other websites like eBay, PayPal etc. The fraud emails sent by the attacker or the hacker is generally known as phishing. Some of these emails look exactly like the original one, some of them look extremely professional and realistic and where some of them are not constructed correctly. The fake web pages which are created by the attacker look exactly same as the original web pages but with very minor changes made in it like the pixels size or the font size [1,2].

How Phishing is done:

There are different techniques used in this phishing. Some of them are sending emails to the victims asking them to provide the user name and password. The most commonly used technique in order to get the victims bank details is by sending them an email saying ‘ Your account needs to be verified as there is some problem with it else your account will be closed’ . The victim might give in the details of it. When the victim clicks on the link given below which is a fake link, the web site might open but not the original one. There may be very little changes in the web site which would be difficult to judge if it’s the original one or not. Phishing is mostly used in the websites like eBay, PayPal etc.

Steps to avoid phishing:

Phishing is drastically growing day by day and to control them it is better to learn some techniques in order to control them. Anyone can be phished but if we take necessary steps we may not be phished [1, 3, and 4].

Let us now see some of the steps for avoiding phishing:

We must be careful with the emails that come with urgent requests to provide information about us. They ask us to fill in the form by exciting us saying you have won so and so amount and to claim that provide us the details.

The email which is received which comes with asking our personal data should be ignored.

In the emails which we receive there might be some links, it is better if we directly do not open those links. If we receive any such kind of email then to know if it is a fake one better copy the link and open it in a new browser.

If we receive any email from the any of the bank which is a spoofed one, its better if we call up to the bank and ask them if at all this email which asks for our information has been sent by them or not.

We must avoid filling up online forms which asks for our personal information.

We must never download any attachment sent by the unknown person because it is a method of the hacker or the attacker that loads malware onto our computer.

Even if we are sure that the email which might not be spoofed has come from any company then it is better to open the directly the company’s site and type in the URL there.

We must make a habit of ensuring that when we are providing with our credit card details online we must check if the web site is secured or not because the hackers are now able to spoof http:// that we can normally see when we are in a secure Web server.

We must also make a habit of entering the address of any bank or shopping mall etc on our own rather than using the link which maybe there.

We must everyday log on into our bank account and check for the credit card and the debit card details if the transactions in it are legitimate or not.

There are many groups for the anti-phishing. If the emails we receive are spoofed we must report them.

How to identify Phishing:

There are many ways of identifying phishing [5,6,7].

Some of them are:

Any email which the victim receives which asks for the personal information is phishing.

Through the email they may ask us to make a phone call where while speaking to them they will ask for the personal data like user name and password and also the credit card number.

Read also  The History Of The Hcl Business Model Information Technology Essay

A link when we directly open from the email which we receive, it might not be the secured site. Whatever sites are secured we can see the http protocol at the beginning of the URL. So, even if the website looks real and if it doesn’t have http before the URL that means it is not real.

Sometimes there might also be misspelled words in the URLs. For example www.llloydstsb.com .

In other words in order to identify phishing is using our judgement. No institutions or company’s or banks asks for our information. They already will be having enough of our information required for them. In fact most of the company’s or institutions clearly state that ‘we will never ever ask any personal information via phone or via email’.

Types of Phishing Attacks: There are different types of phishing attacks. Let’s see what they are:

Deceptive phishing.

Malware-Based phishing.

Key loggers and screen loggers.

Session Hijacking.

Web Trojans.

Poisoning the host file.

Attack caused when system re-configures.

Data Theft.

DNS- Based Phishing (“PHARMING”).

Content-Injection Phishing.

Man-In-The-Middle Phishing.

Search Engine Phishing.

Let us now individually see what exactly these types are. Each of these phishing types tells about hackers who use these different techniques in order to phish malicious people [8, 9, 10, and 11]

Deceptive Phishing: The most common broadcast method used today is deceptive email message. Emails like verify your account, new free services for you, lost information due to system crash and many more. They try to steal the personal information of ours by asking us to click on the link. The hackers will be sending these emails to huge number of people hoping that at least some would click the link. If at all we click the link sent by the hacker, it will take us to some fake website where they ask us to enter our confidential data. This is how they try to steal information.

Malware-Based Phishing: It might be problem running too many software’s on a single PC. This malware is used as an email attachment which is like a downloadable file from a website. This is a particular issue for the SMB’s i.e. small and a medium business who won’t be updating their software’s up to date.

Key loggers and Screen loggers: This type of phishing attack is done through the keyboard input. The attacker tracks the keyboard input and sends some information that is required for the hacker or the attacker via internet. As a small utility programme known as the helper objects that run automatically into the system files acts as a device drivers or screen monitors and also this helper programme starts automatically when the browser is started, the hacker taking this as an advantage embed themselves in this browser and try to hack the information.

Session Hijacking: In this type of attack the user’s activities are monitored until they do any transactions or log in into an account and establish their copied credentials. At that particular point many software’s open up and undertakes many actions like transferring funds unwary of the user.

Web Trojans: In this type of attack the attacker pop up anonymously when the user tries to log in. At that particular time the attacker collects the user’s authority and then transmits them to hacker.

Poisoning the Host File: Before the transmission over the internet, the URL typed by the user to visit a website must be first translated into the IP address. Many of the SMB’s users system are running with Microsoft windows operating system, they first look up the host names in the hosts file before they undertake a DNS i.e. Domain Name System lookup. Hence by taking this as an advantage, the attacker ‘poisons’ the host file where the attacker or the hacker who transmitted a fake website, takes the user to that website and asking them to enter their details.

Attack Caused when system re-configures: Many things might be modified in the users PC’s. While formatting the system certain things might not be done like the URL’s. Suppose for example there are certain URL’s stored in our favourites by which directly clicking on that may take us to the website. Suppose we have a bank name “lloyds.com” , it can be changed to “loyds.com”. This is what exactly system reconfiguration attack is.

Data Theft: In this type of phishing attack, the hacker steals the business data and sells it for its profit. Basically there might be many computers in a company which not be secured fully. So, they keep the important data in the secured servers but, these can PC’s can be more easily compromised as the PC’s are used to access such servers. This type of phishing attack is basically used in the business espionage. So, the hacker steal the information like employment details, further business proposals, confidential data etc and sell it to someone like competitors or someone who wants to embarrass the business. This data theft deals with stealing business information and selling it.

DNS-Based Phishing (“PHARMING”): In this type of phishing attack, the hackers interfere with the company’s host file or domain name system such that the communications made between them are directed to the fake websites. The result for this would be: users may not be knowing that the details that they are entering (the details might be confidential too) in the website may not be safe in fact it may be controlled by the attacker or the hacker and also it might not be in the same country as well. The word “PHARMING” is given to the modification of the host file or also for the Domain Name System (DNS)-based phishing.

Content-Injection Phishing: In this type of phishing attack, the hacker in order to force us to enter the personal details, makes some changes with the original website or the genuine website, the changes might be very minor too. Basically this one is developed in order to fool the users who may be unwary of it. Let us an example for this: the hacker may develop where the users would ask to enter the password many times. In this way, the hacker steals the confidential data from the user. They design this by inserting malicious codes for the users to log where they can secretly collect the confidential credentials of the users and deliver it to the hackers or the attackers server.

Read also  Tendersinfo Bidding Consultancy And Facilitation Services Information Technology Essay

Man-in-the-Middle Phishing: In this type of phishing attack, the attacker places themselves in a position where it could be in between the user and the website. It firstly notices the users what all things he is doing in the website. At that time there might not be any transactions, but later on the hacker might sell it or use it when the user might not be active on the system.

Search Engine Phishing: In this type of phishing attack, the hacker designs a website which is very much attractive to the user. This one basically we can find in the websites where we are looking to shop something. This fake website may anytime appear on the screen when we are searching something. The website may say “congrats who have won £15000 and to claim please click here”. They may also create a website with some bank name say NATWEST and say “we are offering very low interest rates and to know more details about this please click here”. In this way they try to steal the personal data else they ask us to transfer amount to make the interest rate less.

These are the different types of the phishing attacks.

419 Scams: Advance fee Fraud or Nigerian Scams and Nigerian 419 is a number which is referred as particular section of Nigerian penal code and was originated because of loss of security in west Africa (Nigeria mainly).it is also one of the part of phishing scam. Due to lot of usage of email these days, people are desperate now than before and losing everything for criminal people instead of them knowing that this activity is going for many years.

This scam is usually done by the people who have much desire to earn quick achievement in their life.” there is no such thing as free money” this saying implies on them.

“419” is having many shapes and forms, which will fool people by tempting them to acquire easy money which the people easily give access to their personal and make the scam for the frauds job very easy…as illustrated in the example…

There are lot of scams have been taking place, but the victims are too scared enough to come front and share their anxieties .for example there are more than 317000 in England in a year. The victims carry out in great secrecy so that it may not lead to violent thing and in turn affect them. They also ignore the warnings in order to lead a life in a proper way.

As this scam involves low risks the best option is for scammers to commit an offence. It is as the scammer can send many emails till the money gets transferred from victims and it is not against the law. There s only less chances to be traced as 419 scams where in account which is 20% of the Nigerian economy.

This scams are usually done through acquiring trust which is done as wined, dined, treated to glamorous hotels, and met with well dressed ‘businessmen’ and ‘officials’ and many other techniques to get a hold on their entire life savings. These cases are rare but we need to think about the risk involved in it.

The solution to these types of scams is to ignore them and not to reply any email which is of no use to you. This will make you and your address as ‘harmful’ and you will receive lots of scams [15 and 16].

Phishing Threats: One of the key and the most vulnerable threat from phishing is identity theft. Users try their best to protect identity and personal information but a single flaw in the security is enough to get them into trouble i.e. how much ever the consumers or the users try to protect their personal information but one single mistake of theirs can expose the user to many threats and also sometimes it may lead to damage of the credit card, unauthorized use of the online bank accounts or also including the credit card fraud. The loop hole in the security parameters lead the people towards losing their identity which may be used in criminal activity, unethical use of bank accounts of the victim and fraud related to the credit cards. One of the most intangible threats is stealing someone’s information rather than stealing money. According to the recent survey done, it takes much time in repairing the damage which is caused by stealing identity i.e. it will take approximately 600 hours or also more than that to completely recover it from the damage caused. If the consumers try to recover, it would be almost equal to lost of their salary. This is not all victims who lose their identity to a phisher. Not only the users lose their bank savings but also go through various physic disorders. He loses his trust in himself and feels embarrassed of himself.

The Phishers made it as a business where they earn millions of money. With this the businesses and also the consumers have to suffer the consequences later. Phishing has its own world as such in Europe, Asia, Middle East and Africa where phishers cash in on the victims account and ultimately the consumers have to suffer.

Most of the phishing attacks take place online and the maximum numbers of victims who get affected are unaware of the computer activities related to these attacks and easily fall in the trap of the phisher. This phishing attacks are not confined to the end user but also many companies get trapped by the phishers leading to huge losses.

Organized crime groups also started using this phishing. Let us assume that if a small group of hackers can steal the bank account information, then only assuming the small percentage of the users being duped can make most of the money neither thousands nor millions but billions of money. These hackers they target most of the users on the online banking. Due to this there is huge loss to many of the banks. The hackers use the pump and dump technique or scheme, where hackers increases the prices of the low priced stock and then later sell them i.e. the shares at higher prices and make interest out of it. So, this phishing is not only a night mare (if not taken necessary steps) to major businesses but also for the consumers. They also affect the businesses running at small scale (they ignore security things just coz of the low budget) and later if phished they need to face the consequences.

Read also  Standard Chartered Bank In Pakistan Information Technology Essay

There will be huge losses for the companies whose brand names have been hijacked. These companies lose money in the form of stolen cash. In this way they also lose their customers who think that the company is responsible for not providing security. With these scams the consumers trust and confidence is eroded especially leaving the company because of the problems with the public relations.

The 9/11 attack on WTC one of the worst day the world has seen brought into lime light the name of Al-Qaeda group which is well known now for it terrorist activities might have indulged in the phishing activities of credit card & calling card frauds. They use them for their own benefit, welfare and funding of their other sister organization to cause destruction in the world.

Because of the increase in victims of phishing, the company faces huge loses. Whether the litigation is successful or not, the damage to the company’s image and also the cost of the local fees is constant. Due to this some companies offer the customers whose accounts have been abused for compensation. This is basically a tactic of maintaining good relationship with the customer.

There is a drastic increase in the phishing in between the year 2005 and 2010. Figure 1shows the graphical representation of phishing reports between 2005 and 2006.

Fig1: phishing reports received in the year 2005-2006 [12].

Fig2: new phishing sites opened [12].

The above figure shows the sites which have been opened in the year 2006. There was a huge increase in the newly opened website. With this representation we can guess how much money would have these hackers have been made.

The Anti Phishing group and some other companies work a lot in order to reduce the phishing attacks. From the recent report from the message labs, they have almost blocked 1 in 444.5 i.e. 0.23 percent in the year 2010 when compared with 1 in 325.2 i.e. 0.31 percent in the year 2009. They projected approximately 95.1 billion phishing emails in the year 2010 [13].

Fig 3: shows the report of the phishing which is been blocked [14].

From the recent analysis of the message block, in the month of august, the phishing activity was increased by 0.10% within 1month i.e. since July. Only 0.275% which is approximately 1 in 363.1 emails was comprised which is a form of phishing attack.

Oman in the month of august was most targeted by the phishing emails i.e. comprising a phishing attack which is 1 in 185.3. Let’s see all the phishing activities i.e. the emails which were blocked in different countries.

Oman: 1 in 185.3, comprising a phishing attack.

US: a phishing level is 1 in 724.7

Canada: the phishing level for this is 1 in 515.8

UK: 1 in 186.5 emails were blocked as the phishing attack.

Germany: the phishing level for this is 1 in 444.2

Denmark: the level of phishing is1 in 703.9

Netherlands: 1 in 742.3

Australia: 1 in 482.9 emails

Hong Kong: 1 in 696.6

Japan: 1 in 701.0 phishing activities were accounted.

Singapore: 1 in 1,478.3 emails.

Among all the phishing attacks, Government/Public sector is one of the most targeted one in august. Let us now see the phishing levels in all sectors.

Government/Public Sector: 1 in 83.5 emails which comprise a phishing attack.

Chemical and Pharmaceutical Sector: a phishing levels is 1 in 471.3.

IT Service Sector: a phishing level for this is 1 in 460.5.

Retail: the phishing level is 1 in 751.0

Education: it is 1 in 201.8.

Finance: the phishing level is 1 in 276.2.

Technical: We need to have an idea about the technology used, the protocols and also the tactics behind the schemes in order to understand the working of phishing. Some of the main elements which are related to phishing are as follows:

SMTP initiates a mail from the sender and delivers it to the recipient. It does not know who the actual sender is. Mechanism is there only to proof whether the desired recipient has received the mail but authenticity of the sender is not checked. R&D is trying hard to include this feature which could drastically reduce the chances of phishing.

HTML is an easier to way for the criminals. A click on the URL is all what they are looking for. To pretend to be credible source they send a lot of brand images along with the URL’s.

HTML forms are tricky way of capturing innocent users. They enter all the required information in the textboxes, checkboxes etc. and click on the “SUBMIT” which actually contains hidden URL relocating the page to a different source. From there they capture the required information.

Domain names are another dangerous source of invalidated information. When a particular website address is typed and for suppose that domain has been hacked to taken control the user seems to be locating to the site which he wishes for but in the background another unknown fishy site is being opened as a malicious content. This also is unknown to the user who is under the impression that “I am going in for the right authenticated website, what is the risk involved” but he is unaware that the domain has been taken control over.

Trojan is usually software programs predefined to do a particular task on the user system once installed. This is relatively static.  These generally are in the form of chat and sample free games offered. Of course “NOTHING COMES FREE”

Browser insecurities are another way similar to the domain names. Here the URL is attached some with some other code but invisible to the user. When he places the cursor on the site address it looks as usual but when clicked will be redirected to the wrong address due to embedded extra code. A lot of research has gone into fixing these but still they prevail.

Malicious JavaScript: In this is the taskbar, menu is used to relocate. When the user types in some information in these, due to the inbuilt programs in these browsers they divert to some unofficial site in the interest of the attacker.

Order Now

Order Now

Type of Paper
Subject
Deadline
Number of Pages
(275 words)