/ob
 
 
  Home      Products      Services      About us      Contact      Publicity      Legal      Wallpapers      TV free online      Spanish  
 

 
     Free AntiVirus
     Free AntiSpyware
     Free Firewalls
     Free AntiSpam
     Free AntiDialer
      Free AntiPopup
      Free AntiRootkit
      Free Utilities
     Creator of Image


 
    Antivirus On line
     AntiHackers Online
    AntiSpyware Online
    Test Ports Online
    Test Speed On line
    Show True IP


 
    Boot Disk
    Disk Manager
    Tools Antivirus


 
    Concept of Virus
     Concept of Spyware
    Concept of Hackers
    Concept of Dialers
    Concept of Rootkits
    Concept of Spam
    Concept of Exploit
     Concept of Phishing
    Concept of Hoax


 
    To buy a PC
    To install Windows
     The Prevention
    The Disinfection
    The Recovery
    Useful indication
    Gmail Hard disk


 
    Critical Patches
    New Alerts
     The new News

 
 CONCEPT OF PHISHING

Phishing consists of the shipment of electronic mails that, pretending to come from trustworthy sources (For example, banking organizations), they try to collect confidential data of the user. For it, usually they include a connection that, to the pressed being, it takes to falsified pages Web.

This way, the user, believing to be in a site of all confidence, it introduces the asked for information that, in fact, it is going to stop at hands of the swindler.

An ample fan of software exists and applications of everything  class that they are classified within the category of robbery of  personal or financial information, some of really complex them, as the use of a window Javascript floating on the bar of directions of the navigator with the purpose of confusing the user.

Some of more common characteristics that they present/display this type of messages of electronic mail they are: 
 
  • Use of names of already existing companies. Instead of creating from zero the Web site of a fictitious company, the transmitters of post office with fraudulent intentions they adopt the corporative image and functionality of the site of Web of an existing company, with the purpose of confusing still more to the receiver of the message.
  • Use the name of a real employee of a company like sender of the false mail . This way, if the receiver tries to confirm the veracity of the mail calling to the company,  from this one they will be able to confirm to him that the person that it says to speak in name of the company works in the same one. 
  • Directions Web with the correct appearance. The fraudulent mail usually leads to the reader towards Web sites that they talk back the aspect of the company that is being used in order to rob the information. In fact, as much the contents as the direction Web are false and imitate the real contents.Even the legal information and other links connections  they can direct to trusted usuary to the page the real Web.
  • Factor fear . The window of opportunity of the defraudadores is very brief, since once one inquires to the company into which his clients they are being object of this type of practices, the server who lodges to the fraudulent Web site and it serves for the information collection is closed in the interval of few days. Therefore, the defraudador is fundamental obtaining an immediate answer on the part of the user. In many cases, the best incentive is to threaten a loss, or economic or of the own existing account, if the instructions indicated in the received mail are not followed.
  • Man-in-the-middle (man in means). In this technique, the attacker locates between the user and the real Web site, acting as a proxy. This way, it is able to listen to all the communication between both .

          So that it is successful, must be able to redirigir to the client towards his
          proxy instead of towards the real server. Diverse techniques exist stops 
          to obtain it, as for example the transparent proxies, the DNS
          Cache Poisoning (Poisoned of Caché DNS) 

  • Advantage of type vulnerabilities Cross-Site Scripting in a Web site, that they allow to simulate a safe page Web of a banking organization, without the user can detect anomalies in the direction nor in the certificate of security that appears in the navigator.
  • Advantage of vulnerabilities of Internet Explorer in the client, that they allow by means of the use of  exploits to falsify the direction that appears in the navigator. This way, could be directed the navigator to a fraudulent site, whereas in the bar of directions of the navigator would be the URL of the confidence site. By means of this technique, also it is possible to falsify the windows pop-up opened from an authentic page Web.
  • Some attacks of this type also make use of  exploits in fraudulent Web sites that, taking advantage of some vulnerability of Internet Explorer or the operating system of the client, they allow to unload troyanos of type to keylogger that they will rob confidential information of the user.
  • Another more sophisticated technique is the denominated one Pharming. One is fraudulent tactics that consist of to change the contents of DNS (Domain Name Server) or through the configuration of the protocol TCP/IP or of the file lmhost (that it acts like a local cache of names of servers), in order to direct the navigators to false pages instead of the authentic ones when the user accedes to the same ones through its navigator. In addition, in case that the user affected by pharming sail through proxy in order to guarantee its anonymity, the resolution of names of the DNS of proxy can see affected so that all the users that they use it they are lead to the false server instead of the legitimate one. 

 ¿How it works?  ¿How it is distributed? 

More the habitually used mechanism is generation of a false electronic mail that simulate to come from a certain company, whose clients try themselves to deceive. This message will contain connections that aim at one or several pages Web that talk back in everything or partly the aspect and the functionality of the company, of that one hopes that the receiver maintains a relation commercial. If the receiver of the mail message indeed it has that relation with the company and it trusts that the message really comes from this source, it can end up introducing sensitive information in a false form located in one of those Web sites 

As far as his distribution, also they present/display common characteristics:

  • In the same way that the Spam, it is sent massively and indiscriminately by electronic mail or systems of instantaneous mail:
    • The message insists to the user to press on a connection, that it will take to a page in which will have to introduce its confidential data, with the excuse to confirm them, reactivate its account, etc.
    • It is sent like one it alerts of a financial organization warning of an attack. It includes a connection that is urged to press and in that personal data are asked for. 
  • Since the message is distributed massively, some of the receivers will be indeed client of the organization. In the message it is indicated that, due to some problem of security it is necessary accede to a direction Web where it must confirm its data: user name, password,  number of credit card, PIN, number of social security, etc.
  • Of course, the connection does not direct to any page of the company, but rather to a Web site (similar to the original) developed to intention by the swindlers and whoit reproduces the corporative image of the financial organization at issue. Normally the direction Web contains the name of the legitimate institution reason why the client does not suspect the falsification of the same one.
  • When the user introduces his confidential data, these are stored in a data base and what it happens next does not need a concerted effort of imagination: the swindlers use this information to connect themselves to their account and to have the bottoms freely .

The main damages caused by  phishing they are:

  • Robbery of identity and confidential data of the users (credit cards, access keys, etc).
  • Loss of  productivity. 
  • Consumption of resources of the corporative networks (bandwidth , saturation of the mail, etc.).

¿How I can recognize a message of phishing? 

Distinguish a message of phishing of another legitimate one  it can not be easy for a user who has received a mail of such characteristics, specially when she is indeed client of the financial organization from which supposedly the message comes.

  • The field Of: of the message it shows a direction of the company at issue. Despite, the swindler is simple to modify the origin direction that is  in any client of mail.
  • The message of electronic mail presents/displays logotype or images that have been gathered of the real Web siteto that the fraudulent message makes reference. 
  • The connection that sample looks like to point at the original Web site of the company, but in fact it takes to a fraudulent page Web, in that data of users will be asked for, passwords, etc.
  • Normally these messages of electronic mail  they present/display grammar errors or changed words, that they are not usual in the communications of the organization by that they are being tried to make happen.

Clon page of the Cajamadrid Bank in Spain and  shipment massively by electronic mail to several clients of this institution .

Another example: Bank Viabcp - Paypal

All the users of the electronic mail we run the risk of being victims on these attempts of attacks. Any public direction in Internet (that it has been used in forums, groups of the news or somewhere Web) it will be more susceptible to be victim of an attack due to  spiders that they track the network in search of valid directions of electronic mail. 

This one is the reason that east type exists of malware. An attack of this type is really cheap making and the obtained benefits are numerous with only a smallest percentage of success .

¿How I can be protected of phishing? 

In case that it believes that the received message could be legitimate, something that of entrance must be considered like highly improbable, in the first place it would have to contact with the financial institution, by telephone or through the means that use habitually. Even in affirmative case, always verify the following points before introducing any class of data that can maliciously arrive to be used by third, in order to drastically reduce the risk of undergoing an attack of phishing:

  • Verify the source of the information.  It does not answer any mail automatically that asks for personal or financial information. If it has doubts on if really that organization it needs the type information that it solicits to him, it is enough with telephoning to its habitual contact to make sure the source of the information.
  • The direction writes same you in its navigator of Internet . Instead of clicking in the hyperbond provided in the electronic mail, the direction writes directly Web in the navigator or use a marker that has created previously.Even directions that they pretend to be correct in the electronic mails they can hide to the route towards a fraudulent Web site.
  • Reinforce its security . Those users who make transactions through Internet they would have to form its system with suites of security able to block these threats, apply the last ones security patches  facilitated by the manufacturers and to make sure that they operate in safe way through digital certificates or  safe communication protocols like  https://

  • Verify that the page Web which has entered is a safe direction : it has to begin with https:// and a small one closed padlock it must appear in the state bar of our navigator. 


  • Click double on this padlock to have access to the digital certificate that it confirms that the Web corresponds with which is visiting.

  • Review its accounts periodically.. The monthly abstracts are specially useful in order to detect irregular transferences or transactions, as much operations that have not made and they are reflected in the abstract, like conducted operations online and that does not appear in the abstract.

Fulfilled all these requirements, the user can provide his information with a reasonable security of which this one will not be used against its interests. 

The best way to protect itself of phishing it is to understand the way to act of the suppliers of financial services and other organizations susceptible to receive this type of attacks . The main rule that these organizations do not infringe is the information request sensible through nonsafe channels, like for example the electronic mail. 

IMPORTANT

If it has the necessity to make transactions in line, take into account these recommendations: First it verifies that its PC is frees of nobody malware  (virus, spywares, rootkits, etc.),it never does it in a cabin publishes (cibercafé), and make in a safe Web, these must begin with https:// and they must show a small icon  "padlock" in the right inferior part of the page, that it is the certificate of security and of guarantee (give double click and you can read it).

Gratefulness a : .pandasoftware

 

___________________
 

___________________

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Recommend     Favorites     This Page Your Start Page     Legal     Contact     About us

 Webstats4U - Web site estadØsticas gratuito El contador para sitios web particulares  

SEGURIDADPC.NET© 2005 - 2007