Business Security: Phishing. It needs to be at least 1500 words.
official email from a (fictional) bank, as attempts to trick the banks members into giving away their account information by “confirming” it at the phishers linked website. Phishing is bad and its one of the great enemies of the IT industry and its related industries, which particularly includes the e-commerce,
electronic banking and other electronic finance related services. Wikipedia (2006) considers phishing as a form of criminal activity using social engineering techniques. It explains that phishers attempt fraudulently to acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication. Further, it states that phishing is typically carried out using email or an instant message.
Given therefore the objective of phishers, one would not be surprised to here electronic fund theft or fraud as a result of phishing and the most likely victims are customers with banks accounts, credit card accounts a e-currency and other related accounts. As to what techniques are employed, Wikipedia (2006) said:
Most methods of phishing use some form of technical deception designed to make a link in an email appear to belong to the spoofed organization. Misspelled URLs or the use of subdomains are common tricks used by phishers, such as this example URL, http://www.yourbank.com.example.com/. One method of spoofing links used web addresses containing the @ symbol, which were used to include a username and password in a web URL (contrary to the standard Berners-Lee, Tim. (n.d.). For example, the link http://od.com/ might deceive a casual observer into believing that the link will open a page on www.google.com, whereas the link actually directs the browser to a page on members.tripod.com, using a username of www.google.com. were there no such user, the page would open normally.