Q.-> What is Phishing Technique?
A.-> The act of sending mass e-mails to the unknown user of any organization by collecting their details falsely claiming to be an established organization in order to scam their personal information that will be used for identity theft. This e-mail direct the user to visit a website or a link where they are asked to update their personal information such as passwords of credit cards, social security and the bank account number that the legitimate organization already has.
Q.-> How to identify the Phishing mails?
A.-> Phishing mails pretend itself to be from genuine sources like gmail,Paypal and Bank houses to cheat the user and take away his account information these mails usually contain links convincing the customers to change their personal information. Here are the few tips to identify the Phishing mails:-
1.Check for SSL Security:
Email services and payment gateways use SSL security to encrypt password and user information which will show a log icon near the URL box. While phishing email links will not have SSL security.
2.Check incoming mail address:
Emails from original sources will be in proper format. Like an email from PayPal will be something like support@paypal.com. While phishing emails can not mimic this.
3.Find out the location and other details of email sender:
You can track the location and other details of the email sender, from the email itself. So whenever you are asked to verify your Gmail account, just check out the email location. If its from Mountain view CA, probably its a genuine mail.
Q.->Phishing Techniques?
A.-> There are some new techniques of phishing used by the hackers that cannot be detected by anti phishing toolbars are:
Flash phishing
Antiphishing toolbars do not analyze flash objects at al.Hackers know that this and tend to use this to their advantage by using flash to emulate the original website.Users tend to be that the site is clean because their antiphishing toolbar did not react to it.
Social Phishing
Phishers can also use other means of getting sensitive information from the users. We all know that we should contact the company if we have doubts about the website and what if the number was redirecting you to someone in UK, speaking fluent English and asking for verifying your personal information.
There is not a huge market yet but it will grow over time.