Social engineering

phishing
Posted by Margaret Rouse, WhatIs.com
Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking e-mail in an
attempt to gather personal and financial information from recipients. Typically, the messages appear
to come from well-known and trustworthy Web sites. Web sites that are frequently spoofed by
phishers include PayPal, eBay, MSN, Yahoo, BestBuy, and America Online. A phishing expedition, like
the fishing expedition it's named for, is a speculative venture: the phisher puts out the lure hoping to fool
at least a few of the prey that encounter the bait.
Phishers use a number of different social engineering and
e-mail spoofing ploys to try to trick their victims. In one
fairly typical case before the Federal Trade Commission
(FTC), a 17-year-old male sent out messages purporting to
be from America Online that said there had been a billing
problem with recipients' AOL accounts. The perpetrator's
e-mail used AOL logos and contained legitimate links. If
recipients clicked on the "AOL Billing Center" link, however,
they were taken to a spoofed AOL Web page that asked
for personal information, including credit card numbers,
personal identification numbers (PINs), social security numbers, banking numbers, and passwords. This
information was used for identity theft.
The FTC warns users to be suspicious of any official-looking e-mail message that asks for updates on
personal or financial information and urges recipients to go directly to the organization's Web site to
find out whether the request is legitimate. If you suspect you have been phished, forward the e-mail to
spam@uce.gov or call the FTC help line, 1-877-FTC-HELP.
Resources from around the Web
Phishing - Wikipedia, the free encyclopedia
Explains some common phishing methods and dangers.
en.wikipedia.org/wiki/Phishing
Anti-Phishing Working Group
Our mission is to provide a resource for information on the problem and solutions for phishing and email
fraud.
www.antiphishing.org/
OnGuard Online - Phishing
Phishing section of an informational website run by the US Federal Trade Commission. Offers advice
on how to spot, avoid and report phishing attacks.
onguardonline.gov/phishing.html
Recognize phishing scams and fraudulent e-mails
Phishing is a type of e-mail scam designed to steal your identity. Learn more about how this scam
works and what a phishing e-mail message may look like.
www.microsoft.com/protect/yourself/phishing/identify.mspx
Avoid Getting 'Hooked' By Phishers
The most common form of phishing is emails pretending to be from a legitimate ... A spam filter can help
reduce the number of phishing emails you get. ...
www.fraud.org/tips/internet/phishing.htm
This was first published in May 2007
Related Terms
Operation Phish Phry
Operation Phish Phry is a cybercrime investigation carried out by the United States Federal Bureau of
Investigation (FBI), the ...
spear phishing
Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized
access to ...
whaling
Whaling is a type of fraud that targets high-profile end users such as C-level corporate executives, politicians
and celebrities.
1 comment
Genderhayes — 12 May 2014, 2:13 AM
Criminal activity of sending emails or having a website that is intended to trick someone into giving away
information targeted advertising or the ‘pushing’ of people towards products and services