That’s right folks, its Phish Week here on MyBSOD.com. Throughout this week, I will be posting articles on the topic of Phishing. I hope to give you, the reader, an in depth look at the world of phishing, what it is, how it occurs, who is at risk and how to protect yourselves. The best part is, there is no bloody gory bite marks or drowning associated with phish Week, however, you may wish you had been drowned if you’ve ever had your identity stolen through a phishing scam.
Phish Week, Day 1: What is Phishing?
So some of you are probably sitting there reading this wondering what phishing is and what the heck it has to do with sharks? Well to be perfectly honest with you, phishing has absolutely nothing to do with the sharks that you may see swimming around in the ocean; in fact it has nothing to do with fish at all. Phishing is generally described as the practice of using social engineering techniques to commit fraud or some other type of internet based crime. So what is social engineering? Social engineering is basically the art of using your own wit to trick users into turning over personal information that they would not normally be allowed to or want to give up (if you want to read a good book, I would highly recommend “The Art of Deception” by Kevin Mitnick. It contains some excellent information regarding social engineering). Using social engineering techniques in an online atmosphere is how we get to our topic of phishing. Phishing scams or attacks will usually focus on obtaining data such as user names, passwords, pin numbers and social security numbers from unsuspecting users. These scams are especially dangerous because they often try to gain user trust by targeting websites that seem friendly and familiar to an everyday computer user, such as a local bank or EBay. Often time’s phishers will send out a mass email to a large number of computer users, hoping that in that large group they will hit a few that will be a member of their targeted organization and in turn fall for the scam, unfortunately some users always do. Phishing scams can also take place on standard websites which have been disguised and formatted to look like that of the valid organization that they’re attempting to portray. These emails and websites will almost always include images/logos that correspond to the targeted organization. Even worse, in some cases, there will also be valid links to sites explaining the dangers of phishing scams. All of this is obviously done to gain even more of the users trust. So, how can you positively identify a phishing scam? Well, that information is for another day, tomorrow, when we’ll take an in depth look at what organizations are frequently targeted by phishers and what these scams will look like. Until then, feel free to check out the included video below. This video was created by me and a few of my classmates at college. It will give you a quick, very basic overview of phishing in a very visual form. For a continued look at phishing, be sure to check back tomorrow!
Share This
