Fishing. Equipment or computer crimes

Fishing. Equipment or computer crimes

Fishing, which is also called carding or brand spoofing, has many definitions. Here we must be very careful, as this concept is constantly evolving. Is much more appropriate to consider the methods of computer crimes, the most common of which is the distribution of fake emails using the broadcast program.

These letters send «legitimate» institutions for the purpose of fraudulently extract personal information such as credit card numbers or passwords to bank accounts. In most cases, these letters contain an invitation to go to a Web-site and enter your personal information confidential. To mislead you, crooks make out his fake website so that it looked like a real website of the company that you are using.

Of course, these sites are not sites of legitimate organizations and crooks use the information you entered in the mercenary purposes. Thus, it is understandable why this process is called phishing. In English the word «fishing» means «fish» and the rogues just «fill up the bait», expecting that you will get hooked.

For the first time this phenomenon has attracted attention in 1995 in an incident happened to a company America Online (AOL). Phishers simulated administrator of the company and their victims reported that the alleged problem with the account and need to upgrade your credit card and personal information. At that time, due to the fact that home computers connected to the Internet, were a new phenomenon, this scheme has proved very effective, but it is not practiced as often as today.

In July 2003, passed the message of the sudden phishing attacks aimed at US financial institutions. The most important thing of all was that the attack was carried out on a new, unknown location. She revealed the importance of the human factor, which was previously underestimated. No protective system, or SSL-certificates or IPS-rules, no patch management could not stop the exploitation of unsuspecting Internet users. People trust financial institutions and therefore easy to fall for the bait scams.

For example, to address the naked eye southtrust.com virtually no different from the address southstrust.com. The only difference — is superfluous letter «s» in the second address. If the fraud site looks no different from the site of a financial institution, the bona fide user and would pay attention to a slight difference in the addresses. Partly because of this, phishing and afloat.

Here are some examples of screenshots of phishing sites designed to obtain confidential information from users Sberbank Online

Fishing. Equipment or computer crimes

Фишинг. Или техника компьютерных преступлений

Фишинг. Или техника компьютерных преступлений

Fishing. Equipment or computer crimes

Фишинг. Или техника компьютерных преступлений

The most effective phishing messages are messages that contain in itself something new. These were, for example, the first letter requiring checking bank account or a credit card. When the effectiveness of such a scam fell by 5%, was coined a new message: «Warning of security.» It rose by 10% efficiency level.

From these statistics, we can conclude that, although worked only 5% of all messages the old model, but new post gave rogues additional 10% of mail. It should be noted that the decrease in the efficiency of old letters from 10% to 5% was not caused by the improvement of anti-spam technologies, and increase the care and education of users.

What is the profitability of a single mass mailing? Subscribe to 100 thousand. Letters can cause 5% of the clicks. This 5 th. Of potential victims. But not all people who go to the link, enter their data. Many give false information. Therefore, every single delivery from 10 to 100 real victims. Thus, the efficiency is 0.01-0.1%. But the victim enters all the information that is needed Fischer: names, account numbers, credit card numbers, social security and so on. D.

What is the difference between phishing and spyware newsletters? They have different goals. Send emails made in order to get some specific information about the person. This method is inexpensive, but it brings a considerable profit. The gathered information can be used for months. (Read my article Keyword Selection)

The use of viruses designed to obtain any information from any user. The victims in this case are selected at random and at some point, the findings may not have any value to the fraudster. Implementation of this mechanism is expensive and time restrictions. Virus programs are also ineffective against sophisticated security systems. But phishing e-mails are based only on the human factor and ignore the protection system of any complexity.

So, phishing — is the process of sending fake emails to recipients on behalf of legitimate financial institutions. His goal — to extract a person sensitive personal information, such as data on bank account or credit card number. Today, such activities are illegal only if the detected unauthorized use of confidential information.

Continuing the theme, read — Fischer launder money.

If this article was helpful for you, click on the buttons of social networks, you will not lose anything, and I am pleased, or click on the advertisement, it stimulates me to write new articles :). Recommended reading — Search engine optimization seo. Plan your strategy.

Subscribe to the newsletter of new articles. Keep in mind, I give only good advice that checks on itself.

All the best to you.
Kind regards. Andrew.

Не пропустите мои новые статьи, ПОДПИШИТЕСЬ и будьте в курсе!