[Type text]
[Type text]
[Type text]
A Trip to the Phishing
Hole
By
Joshua Curtis
For
Al Paparoni
A Trip to the Phishing Hole
Joshua Curtis
Table of Contents
Executive Summary....................................................................................................................................... 2
Ethics ............................................................................................................................................................. 3
What is Phishing? .......................................................................................................................................... 4
Usability ........................................................................................................................................................ 5
Phishing Incidents ......................................................................................................................................... 6
Conclusion ..................................................................................................................................................... 7
Bibliography .................................................................................................................................................. 7
1
A Trip to the Phishing Hole
Joshua Curtis
Executive Summary
In this report, the idea of ethics is briefly outlined, and the method of
phishing is related to it. Basically, ethics is the study of right and wrong, and
phishing is definitely wrong. After that, phishing, tricking someone into giving
information is explained; what it is, how it’s done, what it accomplishes, that sort
of thing. In short, phishing is done by sending a fake email that can include a link
to a fake website that convinces victims to give their information. Usually,
successful phishing can result in financial loss or personal violation. A couple of
recent phishing related incidents are outlined following that. These incidents
were very destructive in nature. In conclusion, phishing is a very unethical,
dangerous way of getting information.
2
A Trip to the Phishing Hole
Joshua Curtis
Ethics
Ethics refers to the study of morality and right and wrong. These morals
usually decide a group or person’s behavior and actions. To be ethical is to act
properly and be considerate of others and oneself. An example of ethical behavior
is to, like the famous line, “Give credit where credit is due”. On the other hand,
being unethical is almost like being unfair. Acting without reason, not telling the
truth, et cetera, are all examples of being unethical. In short, ethics is the
difference between right and wrong.
In regards to my report, ethics can refer to how phishing is unethical (which it
is). Obviously, taking someone’s information and using it for oneself is wrong and
terribly unethical. In this report, the information about phishing that I have found
will be presented.
3
A Trip to the Phishing Hole
Joshua Curtis
What is Phishing?
Phishing is the illegal act of stealing ones financial (private) information by
posing as a trustworthy entity. Usually this is done through links to seemingly
legitimate websites or surveys. An example of phishing can be seen below.
Usually, a small error can be seen in a phishing email or message. Like the
misspelling of “received” in this example. But for the most part, phishing is pretty
hard to recognise.
4
A Trip to the Phishing Hole
Joshua Curtis
Usability
From a technical standpoint, phishing is a pretty good way to acquire
information. It’s really useful and can trick quite a few individuals. When people
see something that looks clean, polished, and secure at the first glance, the
phisher has them on a hook and reeled in. Phishing is dangerous in that aspect.
Perhaps the scariest part of phishing is that it’s very easily accessible and
relatively easy to do. All our phisher needs to do is create a website that looks
similar to the original, send an official-looking email with an official-looking link,
and then our information is right at their fingertips. It doesn’t require rocket
science; just some creativity and intuition.
However, phishing is not a perfect method. It relies upon people’s stupidity
and disregard for reading long paragraphs. As soon as someone actually examines
the email or message, the phisher doesn’t get their information. The operation
failed. If a computer user were to discover something that looks fishy and out of
place, the phisher is done. The phisher needs to be very careful. They cannot slip
up.
Phishing can lead to many negative things including; financial loss due to
exposed account information, account loss for the same reason, and even
violence because of given addresses and the like. Phishing may sound tame, but it
can actually be very dangerous if given the chance.
5
A Trip to the Phishing Hole
Joshua Curtis
Phishing Incidents
Phishing is a real threat that businesses and other companies face. Like I
said, phishing is an effective way of getting what one wants. And of course,
people are going to take advantage of it. As a result, there have been several
cases regarding phishing in the past. Allow me to outline a couple of these
destructive happenings.
Back in 2007, there was a national cybercriminal case that regarded
phishing. 47 Egyptians and 53 Americans were charged later on, in 2009, for being
part of “Operation Phish Phry”. Basically, these 100 men and women tricked
thousands of E-mail service customers into giving away their credentials. Mostly,
the members of this operation collected banking information. Luckily the FBI was
able to catch them before they did too much damage. Regarded as the largest
national cybercrime case ever, Operation Phish Phry was a very destructive and
dangerous case of phishing.
In April 2013, a very important journalist fell for a phony phishing email
claiming to be from Twitter. This phisher was able to hack his Twitter account and
put out a tweet, saying that there was an explosion at the White House. Of
course, there really wasn’t, but it caused a chain reaction anyway. Because
everyone trusted that there truly was an explosion, $136.5 billion dollars was
erased from the S&P index’s value. So because of this relatively simple phishing
scandal, the stock markets took a large fall.
6
A Trip to the Phishing Hole
Joshua Curtis
Conclusion
Phishing is a very dangerous method of getting what one wants, and should
be looked out for. It is unethical, and there are better ways of obtaining
information, but people phish anyways because it’s easy to do. In short, phishing
is an unethical, destructive way of getting information for personal gain.
Bibliography
Phishing. (2015, March 5th). Retrieved March 6th, 2015, from Wikipedia, the free encyclopedia:
http://en.wikipedia.org/wiki/Phishing
Phishing. (2015, March 5th). Retrieved March 6th, 2015, from Wikipedia, the free encyclopedia:
http://upload.wikimedia.org/wikipedia/commons/d/d0/PhishingTrustedBank.png
Claburn, T. (2009, June 10th). 100 Phishers Charged In Largest Cybercrime Case. Retrieved March 6th,
2015, from DARKReading: http://www.darkreading.com/attacks-and-breaches/100-phisherscharged-in-largest-cybercrime-case/d/d-id/1083775?
Ethics, M. L. (2014, July 11th). Medical Laboratory Ethics. Retrieved March 6th, 2015, from Linkedin:
https://media.licdn.com/mpr/mpr/p/8/005/072/182/006fb46.jpg
Takahashi, K. (2013, April 30th). How Easy Was it for a Routine Phishing Scam to Rock Global Financial
Markets? Retrieved March 5th, 2015, from Return Path: http://blog.returnpath.com/blog/kentakahashi/how-easy-was-it-for-a-routine-phishing-scam-to-rock-global-financial-markets
7