Phishing. Security tips
- Phishing (from the English word "fishing", i.e. angling) is the criminal act of attempting to trick victims into giving out information. It is a computer crime that is punishable by law.
- Phisher — a fraudster or a group of scammers who engage in phishing.
An example of a phishing scenario
- A fraudster creates a site that is identical in appearance to the official site of a bank, postal service or social network and has almost the same address. The only difference between the two sites is that the fake site has been equipped to carry out phishing attacks (e.g., infect computers).
- Then a link to this fake site, under the guise of an official letter containing an offer (for example, to receive a prize or read an important message), is sent via email to as many potential victims as possible.
- Next, using different tricks, the scammers succeed in getting their victims to visit the infected site, install software on their computers, open a file, and divulge their passwords, bank account numbers, PIN codes, etc.
- On the compromised site, the victim enters their password to access the system.
- The entered data is sent to the phisher, and the duped user is redirected to the organization’s real web page, never suspecting that anything wrong has occurred.
Today phishing is one of the most widespread forms of cybercrime in the world, and is most often used to steal accounts and banking information.
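The first step of the scenario above relies on an address that is almost the same as the real one, which a mail filter or link checker can test for by comparing each link's host with a list of hosts the organization really uses. The Python code below is an added example, not part of the original page; the host names, the look-alike character map and the distance threshold of 2 are constructed assumptions.

```python
import unicodedata
from urllib.parse import urlsplit

# Constructed allowlist (assumption): the hosts an organization really uses.
TRUSTED_HOSTS = ("examplebank.com", "post.example.org")

# Constructed, deliberately small map of look-alike characters:
# digits for letters plus a few Cyrillic letters that render like Latin ones.
CONFUSABLES = str.maketrans("0135\u0430\u0435\u043e\u0440\u0441", "olesaeopc")


def skeleton(host: str) -> str:
    """Reduce a host name to a form in which look-alike spellings collide."""
    host = unicodedata.normalize("NFKC", host).lower().translate(CONFUSABLES)
    return host.replace("rn", "m").replace("vv", "w").replace("-", "")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url: str) -> str:
    """Return 'trusted', 'lookalike of <host>' or 'unknown' for a link."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    for trusted in TRUSTED_HOSTS:
        # The real host itself, or a subdomain of it.
        if host == trusted or host.endswith("." + trusted):
            return "trusted"
    for trusted in TRUSTED_HOSTS:
        # Real name placed in front of an unrelated domain.
        if host.startswith(trusted + "."):
            return f"lookalike of {trusted}"
        # Same skeleton as the real host, or at most two edits away from it.
        if edit_distance(skeleton(host), skeleton(trusted)) <= 2:
            return f"lookalike of {trusted}"
    return "unknown"
```

Hosts that arrive in punycode form (labels starting with `xn--`) should be decoded to Unicode before they are passed to `classify`, and a "lookalike" result is a signal for review, since short unrelated names can fall within the threshold.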