Tips Tricks of Internet and PC - PHISHING and its DETECTION

Have you heard about Phishing Scams??Very popular nowdays....Let me explain you how to detect Phishing sites

What is Phishing?

Phishing is the act of fooling a computer user into submitting personal information by creating a website that looks like a real (and trusted) site. It is a hacker technique of "fishing" for passwords and other secret financial info. According to WordSpy.com, the word was invented by computer hackers in the late 1990's, and it plays off a common hacker word play of changing the letter "f" to "ph", which was seen as early as the seventies with "phone phreaks."

Due to the lack of awareness, many users lose their personal data. This is very common nowdays and it is done through phishing emails. phishing emails usually appear to come from a well-known organization and ask for your personal information — such as credit card number, social security number, account number or password. Often times phishing attempts appear to come from sites, services and companies with which you do not even have an account.

In order for Internet criminals to successfully "phish" your personal information, they must get you to go from an email to a website. Phishing emails will almost always tell you to click a link that takes you to a site where your personal information is requested. Legitimate organizations would never request this information of you via email.

Example of a phishing page:

This page is fake login page which seems to be like login page of facebook.

NOTE: NO LEGITIMATE WEBSITE WILL EVER ASK YOU FOR YOUR USERNAME AND PASSWORD BY SENDING EMAILS. EXAMPLE:

These messages are not coming from MIT

Although these messages may appear to be coming from MIT, they are in fact from an address that has either been hacked or simulated. MIT will never ask you to confirm or supply your passwords. These messages are an attempt to steal your username and password for illegitimate purposes. DO NOT REPLY TO THESE MESSAGES! Just delete them.

Example 1: This email appeared to be coming from "webmaster@mit.edu":

Subject line: System Upgrade
Good day.
This is to inform you that we will be undergoing syetem upgrade and maintenanace of our systems between 5pm-7pm today.As a result you will be required to provide us with your password and other necessary information inorder for us to upgrade your webmail.Once again we are sorry for any inconvienences this might cause you.
Regards,

MIT team.

Example 2: This email appeared to be coming from "accountupgrade@MIT.EDU." There have been various iterations of this same message:

Subject line: Verify Your Mit Account Now
Dear Mit Account Owner,
This message is from Mit messaging center to all Mit email account owners. We are currently upgrading our data base and e-mail account center. We are deleting all Mit email account to create more space for new accounts.
To prevent your account from closing you will have to update it below so that we will know that it's a present used account.

***********************************************************
CONFIRM YOUR EMAIL IDENTITY BELOW
Email Username : ......... .....
EMAIL Password : ...............
Date of Birth : ................Country or Territory : .........
***********************************************************

Warning!!! Account owner that refuses to update his or her account within Seven days of receiving this warning will lose his or her account permanently.

Thank you for using Mit!
Warning Code:VX2G99AAJ
Thanks,
Mit Team
Mit.edu BETA

Click Here For More Examples

Prevention: Phishing can only be prevented by checking whether the site is original one or not. You can easily learn this. Just go to https://www.phish-no-phish.com/default.aspx and take a quick tutorial. That's easy and interesting too.

PC Tips & Tricks