|
|
phishing
| Last modified:
Friday, March 11, 2005
|
|
|
(fish´ing) (n.) The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user’s information. For example, 2003 saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the user’s account was about to be suspended unless he clicked on the provided link and updated the credit card information that the genuine eBay already had. Because it is relatively simple to make a Web site look like a legitimate organizations site by mimicking the HTML code, the scam counted on people being tricked into thinking they were actually being contacted by eBay and were subsequently going to eBay’s site to update their account information. By spamming large groups of people, the “phisher” counted on the e-mail being read by a percentage of people who actually had listed credit card numbers with eBay legitimately.
Phishing, also referred to as brand spoofing or carding, is a variation on “fishing,” the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.
Other forms: phish (v.)
Also see the
All
About Phishing page in the
"Did You Know?
section of Webopedia for more information, including examples, of phishing.
|
|
•E-mail this definition to a colleague•
Sponsored listings
Internet Identity: Internet Security
-
Provide expert consulting and managed services that enable you to quickly implement an effective defense and take immediate action against phishing.
Brandimensions, Inc.: Brand Management Security
-
Offers scalable internet security services to detect and fight phishing attacks, online fraud, and trademark abuses. Protect your brand and customers.
Websense: Employee Internet Management Software
-
Buy software for managing employee internet access and bandwidth. Block P2P file sharing, spyware, malicious code, porn, and employee hacking. US ONLY
DNS-Based Phishing Attacks on The Rise 
This EnterpriseNetworkingPlanet article discusses how phishing fraudsters are using a pair of DNS exploits to help give them the illusion of credible domains, the latest ploy to dupe people into handing over their sensitive information.
How Not to Get Hooked by a Phishing Scam
Valuable information from the Federal Trade Commission, including how to report suspected phishers.
|
|
|
