Fraud warning: Fishing the latest plot and potential threats

As consumers and businesses can create a potential threat of cyber crimes, fishing in the past few years to the spread, the deceptive tricks are endless. The current downturn in the economic form, but also provides a breeding ground for fish, there has been the use of new social engineering to fraud without the knowledge of the phenomenon of consumers and business users.

First, fishing without boundaries

Fishing - to lure computer users to provide sensitive information, identity theft and business data - on both businesses and consumers a very real threat. In the past 10 the next year, the infiltration fishing, fishing in the daily attacks around the world, about 8 million times.




Anti-Phishing Working Group (APWG) reported that, in the second quarter of 2008, light phishing attacks rose by 13%, more than 28,000 times. It also reported that, in the same period, the infected computers to steal the password code, can be used to spread malicious software has been broken on the website 9500 - compared with the same period in 2007, an increase of 258%. Figure 1 shows the fishing - spear phishing in the 16 months of growth.

Second, beware of the latest phishing scheme

* Spear phishing (spear phishing)

Spear phishing attacks only against specific targets, usually the object lock is not a general person, but to a specific company, organization members, such as well-known banks, financial companies and their executives and so on.

Consumers are not the only spear phishing attack target. More and more employees are cunning criminals eyeing. Their goal is to obtain bank information, customer data and other information to support criminal acts of their network.

According to VeriSign iDefense, spear phishing attacks in April 2008 to May during the company launched the attack, reached unprecedented levels. The aim of these attacks is the company's senior management and other important figures. In 15 months, the number of victims of corporate users as much as a staggering 15,000. These victims include Fortune 500 companies, government agencies, financial institutions and law firms.

* Business Services phishing

In addition to spear phishing, the fishing new plot also targeted phishing attacks on commercial services. For example, the use of Yahoo! Introduced relations and Google's AdWords for fishing. According to PhishTank report, AdWords customers will be an e-mail to remind them of accounts need to be updated. , The user will be asked to visit the AdWords interface and a fake credit card information. As many SMEs rely on online advertising to provide site traffic, marketing managers who are vulnerable to anglers eye on.

* The use of economic intimidation launch phishing attacks

Gloomy economic situation, as the criminals phishing attacks launched to provide the facilities. For example, e-mail posing as financial institutions need to obtain from a victim of bank cards, deposits and loans and other financial information, to help deal with bankruptcy or mergers, acquisitions and other matters. A large number of mergers and acquisitions information, so that consumers are confused. To make matters worse, the lack of unified communications, even for those who have nothing to fear of fraud.

* Hybrid Fishing / malware threats

In order to increase the success rate, number of phishing attacks with malicious software, combined manner. For example, a potential victim received phishing e-cards sent by mail, by clicking on the card, the user will not know the conditions in a fake Web site to enter, and the infection site to automatically download over the Trojans . In addition, victims may see a message before viewing the cards need to download the updated software (eg Flash). When the user of the software, when in fact it is a keylogger.

Fishing-based keylogger will track each user access record, and monitor them useful information, such as online shopping, bank card accounts and passwords and other sensitive information.

Another allow phishers to capture sensitive information, Trojans, it is redirected. Redirect the user to enter not make its intended site. At present, based on fishing, keyloggers and redirection are pandemic.

* Middleman SSL penetration attacks

In 2008, the emergence of a new encrypted session enables criminals to deceive the malicious software. This variant of the standard middle attack that allows criminals access to the network transmission unprotected passwords and other sensitive information.

* SMS and phone phishing scams

Phishers may use SMS instead of email to impersonate a financial institution and obtain confidential account information. Known as smishing (short message through phishing attacks), is a typical cellular phone fraud, it will notify the user bank account has been compromised or bank card is disabled, and requested a telephone call to restore banking services. Once cell phone users visit the Web site or through automatic telephone system, will be disclosed fraudulent financial information and bank PIN number.

Third, the impact of fishing on the business

While the financial industry has always been a major target for phishing attacks, but it is not the sole objective of being phishing attacks. Online payment, donation sites, retail and social networking sites often become prey to anglers. Anti-Phishing Working Group (APWG) reported that cell phone providers and manufacturers against phishing attacks also showed a significant growth trend. In other words, no industry or field to escape danger from attack.

Posing as a company's official website phishing attacks, would seriously damage the company's brand image and hurt the confidence of users, allows users to not dare to visit the official website. In addition, the company will be subject to the following effect:

* The impact of customer trust, online revenue and click-through rate will decline

* Once the customer data was leaked, the company should pay compensation

Phishing attacks also cause the user can not easily conduct online transactions, especially for those who do not trust them.

Fourth, to prevent phishing attacks

Although there is no way to deal once and for all phishing attacks, but can still use some techniques to protect your users and your interests.褰撳墠鐨勯挀楸兼妧鏈紝涓昏杩樻槸渚濊禆浜庤浣跨敤鎴风櫥闄嗕吉閫犵綉绔欒幏鍙栫敤鎴蜂俊鎭?璇稿SSL銆丒VSSL绛夋妧鏈湪闃茶寖閽撻奔鍜屽叾浠栧舰寮忕殑缃戠粶鐘姜鏂归潰锛岃繕鏄捣鐫?嚦鍏抽噸瑕佺殑浣滅敤銆?br />
銆??瀹炵幇瀹夊叏鐨勬渶浣冲仛娉曞氨鏄紝寮?惎鏈?珮绾у埆鐨勫姞瀵嗗拰璁よ瘉鎺柦銆係SL锛學eb瀹夊叏鐨勪笘鐣岀骇鏍囧噯锛屽畠鍙互瀵瑰埄鐢℉TTS鍗忚浼犺緭淇℃伅杩涜鍔犲瘑淇濇姢銆傚綋鍓嶇殑缁濆ぇ閮ㄥ垎鎿嶄綔绯荤粺銆乄eb娴忚鍣ㄣ?Internet搴旂敤绋嬪簭鍜屾湇鍔″櫒纭欢閮藉唴缃湁瀵筍SL鐨勬敮鎸併?

銆??涓轰簡甯姪鏈夋晥闃叉閽撻奔鏀诲嚮锛屽苟澧炲己鐢ㄦ埛淇′换锛屽叕鍙镐篃闇?涓?鍙互鍚戠敤鎴疯瘉鏄庡叾涓哄悎娉曠綉绔欑殑鏂规硶銆侲V SSL璇佷功鍙互甯姪浼佷笟瀹炵幇杩欎竴鐩殑銆傚畠鏄叏鐞冮鍏堢殑鏁板瓧璇佷功棰佸彂鏈烘瀯鍜屼富娴佺殑娴忚鍣ㄥ紑鍙戝晢鍏卞悓鍒跺畾鐨勪竴涓柊鐨凷SL璇佷功涓ユ牸韬唤楠岃瘉鏍囧噯锛岃鏂颁竴浠ｅ畨鍏ㄦ祻瑙堝櫒(濡傦細IE7)鑳借瘑鍒嚭 EV SSL 鑰屽湪鍦板潃鏍忔樉绀轰负缁胯壊锛岃鏅?娑堣垂鑰呰兘纭俊姝ｅ湪璁块棶鐨勭綉绔欏氨鏄?杩囨潈濞佺涓夋柟涓ユ牸韬唤楠岃瘉鐨勭幇瀹炰笘鐣岀殑鐪熷疄瀹炰綋锛屼粠鑰屽寮烘秷璐硅?淇″績锛屼績鎴愭洿澶氬湪绾夸氦鏄撱?




銆??铏界劧缃戠粶鐘姜鍒嗗瓙姝ｅ彉寰楄秺鏉ヨ秺浼氭ā浠垮悎娉曠綉绔欙紝浣嗙敱浜庝粬浠病鏈塃V SSL璇佷功锛屽洜姝ゅ湪鍦板潃鏍忎笂 骞朵笉鑳芥樉绀哄嚭浠栦滑鐨勫悎娉曚俊鎭?

銆??闄や簡鍒╃敤EV SSL璇佷功鎶?湳澶栵紝浼佷笟杩樺簲璇ュ鍛樺伐鍜岀敤鎴峰氨缃戠粶琛屼负鍜屽浣曢伩鍏嶆璇堣繘琛屽浼犲拰鏁欒偛銆傛暀瀵间粬浠浣曡瘑鍒豢鍐掔綉绔欙紝濡傦細鎷煎啓閿欒銆佸己鐑堣姹傜敤鎴锋彁渚涗釜浜轰俊鎭?浼?鍩熷悕鎴栬?鏈煡閾炬帴銆?br />
銆??杩樿鏁欒偛浣犵殑瀹㈡埛鍜屽憳宸ワ紝鍦ㄦ彁渚涗换浣曚釜浜轰俊鎭垨鑰呭叾浠栨晱鎰熶俊鎭箣鍓嶅浣曡瘑鍒竴涓湁鏁堢殑銆佸畨鍏ㄧ綉绔欙細

銆??*鏌ョ湅缁胯壊鍦板潃鏍?br />
銆??*纭繚URL涓篐TTPS

銆??*鏌ョ湅瀹夊叏鏁板瓧璇佷功

銆??涓轰簡娑堥櫎閽撻奔鏀诲嚮甯︽潵鐨勬亹鎯э紝鏁欏鍛樺伐鍜屽鎴锋槸鏍戠珛蹇呰鐨勪俊浠荤殑鍏抽敭缁勬垚閮ㄥ垎銆傞?杩囧府鍔╁鎴风悊瑙ｅ浣曠‘璁や粬浠槸鍚︾櫥闄嗗悎娉曠綉绔欙紝浼佷笟鍙互鑾峰緱鏇村鐨勫湪绾夸氦鏄撳拰鐢ㄦ埛璁块棶锛屽苟鎵╁ぇ鐭ュ悕搴﹀拰鏁翠綋閿?噺銆?br />
Summary

銆??缃戠粶閽撻奔浼氱户缁紨鍙樻垚鏂扮殑鑺辨牱锛屽畠浠瘯鍥惧埄鐢ㄤ汉浠浐鏈夌殑鍚屾儏蹇冦?淇′换鎴栬?濂藉蹇冿紝鏉ュ紑灞曚竴杞張涓?疆鐨勯挀楸兼椿鍔ㄣ?鍥犳锛屼繚鎶や紒涓氬搧鐗屽拰瀹㈡埛闇?浼佷笟浠樺嚭涓嶆噲鐨勫姫鍔涖?鍒╃敤鏈?珮绾у埆鐨勫畨鍏ㄩ槻鑼冩帾鏂藉拰EV SSL璇佷功鏁欏鍜屼繚鎶や綘鐨勫鎴凤紝鍙互璁╁鎴峰浼佷笟鐨勫湪绾挎湇鍔″厖婊′俊蹇冦?







相关链接:



3GPP to WMV



XviD to iPhone



ram upgrade how much Is the best for your



TOD CONVERTER