This page contains a Flash digital edition of a book.
The golden hour of phishing attacks... Fraud Trends:


I


t is estimated that approximately $1.5b was lost globally last year due to phishing


schemes. Victims of online phishing scams can find their credit card details are used by cyber criminals to purchase goods or services. They can find their bank account is missing funds after fraudsters used their account information, login passwords, personal identification numbers (PINs) and other sensitive financial information to transfer money out of their accounts. And it is not only individuals who are at risk.


Fraudsters target financial organisations and businesses of all sizes to steal money other financial assets.


Phishing involves the use of fraudulent emails to trick users into revealing valuable personal and business information – such as the user’s login credentials, bank account information and more. Fraudsters use this information to impersonate the user, steal the user’s identity, steal money, or all of the above. Criminals continue to improve their methods.


Paving the way with phishing emails, Instant Messaging and fake online ads


Cyber criminals use phishing emails, instant messaging and online ads to manipulate users and steal their credentials. Looking like legitimate emails that are sent by a bank or any other trusted source, phishing emails typically contain links to fake websites that look almost identical to the real websites. The user is requested to login to the fake website and by doing so, the user exposes his/her confidential account login credentials to the attacker.


In other cases, phishing emails, instant messages and online ads can direct the user to a malicious website where the user can be infected with malware that is silently downloaded to the user’s machine.


As more and more users become aware of the problem, fraudsters need to find more creative ways of convincing users to surrender personal information to fraudulent websites. Increasingly, fraudsters are turning to Social Engineering to launch successful phishing attacks. Criminals compromise social networking accounts and then use the account to send phishing emails and messages to other accounts. Because it looks as if the phishing email was sent by a known acquaintance, the recipient is less suspicious and is much more likely to follow the phishing email requests.


16


© CI TY S ECURI TY MAGAZ INE – SUMME R 2013


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36