This kind of threat poses an increasing issue to the online selling or buying of products. Presented in the form of spoof emails and other ploys, this form of identity theft is on the rise.
Phishing, a method of acquiring private information such as banking details, usernames and passwords by disguising as a trustworthy entity online, is estimated to be threatening one million computers worldwide by hackers, explains a study conducted by researchers at the University of Kashmir and Middlesex University. Serious financial loss is the most noteworthy concern, with approximately 1.2 million computer users in the US targeted by phishing, amounting to $929 million in damages in 2004-2005 alone. Other serious consequences include lost customer data files to drastic legal implications for a particular company. In a report by the Korean Internet Security Center, there were 1,266 phishing sites reported worldwide, with an increase in not only the number of sites, but also an increase in hacking attempts with monetary objectives in mind.
Different methods of phishing
Amongst the various ways of data hacking, deceptive phishing is the most common method used. Messages are sent to ask the user to either verify account information or to type the information all together in hopes of the person being willing to comply. Another conventional way of stealing personal information is a method known as maleware-based phishing. This comes in the form of an email attachment with a link to be clicked on or a downloadable file in an email attachment, which particularly poses a threat for small to mid-size businesses (SMBs) who may struggle to keep up to date their software applications. An additional phishing scam involves what’s called session hijacking, an attack which prompts a user upon signing into an account, asking to establish their credentials and then taking over the account to potentially transfer funds or hack information.
Financial sector most targeted
According to the Korean Phishing Activity Report, the venue that hijackers tended to target the most involved e-commerce and online payment gateway companies, accounting for 46% of all phishing scams in 2006. Furthermore, the financial sector accounted for 86% of all phishing attacks in the same year, showing that monetary motifs are a driving force for hackers. Additionally, the United States had the most cases of phishing attacks comprising 83% of scams worldwide, with the United Kingdom (5%), Australia (4%) and Canada (4%) representing other attacks.