Return to the archive index

Know your Enemy: Phishing

From:  kayodeok <news4kayode@btopenworld.com>
Date:  Sat, 21 May 2005 19:52:41 +0100
Newsgroups:  grc.linkfarm,grc.security

 Know your Enemy: Phishing Behind the Scenes of Phishing Attacks

 http://www.honeynet.org/papers/phishing/

 Phishing is the practice of sending out fake emails, or spam, written to
 appear as if they have been sent by banks or other reputable organisations,
 with the intent of luring the recipient into revealing sensitive
 information such as usernames, passwords, account IDs, ATM PINs or credit
 card details.
 Typically, phishing attacks will direct the recipient to a web page designed
 to mimic a target organisation's own visual identity and to harvest the
 user's personal information, often leaving the victim unaware of the attack.
 Obtaining this type of personal data is attractive to blackhats because it
 allows an attacker to impersonate their victims and make fraudulent financial
 transactions. Victims often suffer significant financial losses or have their
 entire identity stolen, usually for criminal purposes.
 This KYE white paper aims to provide practical information on the practice of
 phishing and draws on data collected by the German Honeynet Project and UK
 Honeynet Project.
 This paper focuses on real world incidents that the Honeynet Project has
 observed in the wild, but does not cover all possible phishing methods or
 techniques. Attackers are constantly innovating and advancing, and there
 are likely to be new phishing techniques already under development or in
 use today.

From Usenet Articles Archive (UAA)
Maintained by gwl
gwl At Home