Which SSL Reviews

Internet Security

How to Prevent Phishing Scams

November 12, 2014 | By Editor 

Summary

What is Phishing?
Phishing is the act of attempting to obtain essential data such as usernames, encrypted passwords, and credit and/or debit card details by impersonating a legitimate entity in an electronic communication.

How to Prevent Phishing Scams?

  • The majority of phishing scams occur when a user clicks on a malicious link that is embedded in an email, social networking website, or adware. The link then redirects to a site that looks 99 percent similar to the one it is impersonating.
  • Once the user enters personal details (username, password, Social Security Number (SSN), credit/debit card), the hacker captures them and uses them illegally or resells them on the black market. A well-known example is the Google phishing attack that occurred in March 2014.
  • Hackers used Google Drive to deliver a malicious page via SSL to the victim. What the victim sees when he or she accesses the page is a near-perfect mirror. Aside from a glitch in the language bar, the rest of the Web page is the identical twin of Google’s own authentication portal. Most users assumed the flawed language section was a system bug.

How to Prevent Phishing Scams

If you want your users to know they are on the right website, the best thing to do is to make your site impossible to impersonate and easily recognizable.
To achieve this:

  • First buy an Extended Validation (EV) SSL certificate.
  • Before issuing the EV SSL certificate, the Certification Authority (CA) will first validate your firm’s legal existence.
  • The EV SSL certificate turns a client’s address bar green and displays your company’s information when they are on your website.
  • Once the certificate is correctly installed, using the best security practices is the second step.
  • Practices such as informing your customers about phishing scams and the actions you have taken to prevent them from taking place will bolster your firm’s reputation.
  • Ensure your customers know about the EV SSL certificate on your website and that they should never enter any details if the Web browser doesn’t display the green bar.
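
The company information an EV certificate displays comes from identity fields the CA writes into the certificate's subject, while a domain-validated certificate (enough to serve a page "via SSL") carries only a hostname. The following is an added example, not code from the original article: it classifies a certificate by those fields and checks the organization name. The input shape is the dict returned by Python's `ssl.SSLSocket.getpeercert()`; the sample certificates, organization name and function names are constructed for illustration, and the classification is a heuristic based on the subject only.

```python
# Added example: classify a certificate by the identity fields in its subject.
# Input is the dict shape returned by ssl.SSLSocket.getpeercert().

# Subject attributes that an EV certificate must carry under the
# CA/Browser Forum EV Guidelines (names as OpenSSL/Python report them).
EV_REQUIRED = {"organizationName", "businessCategory",
               "jurisdictionCountryName", "serialNumber"}


def subject_fields(cert):
    """Flatten getpeercert()'s nested subject tuples into a plain dict."""
    return {name: value for rdn in cert.get("subject", ()) for name, value in rdn}


def validation_level(cert):
    """Heuristic: 'EV' if all EV identity fields are present, 'OV' if only an
    organization is named, otherwise 'DV' (domain control only)."""
    fields = subject_fields(cert)
    if EV_REQUIRED.issubset(fields):
        return "EV"
    return "OV" if "organizationName" in fields else "DV"


def identity_matches(cert, expected_org):
    """True only when the certificate is EV-style and names the expected firm."""
    fields = subject_fields(cert)
    return (validation_level(cert) == "EV"
            and fields["organizationName"].casefold() == expected_org.casefold())


# Constructed sample certificates (hypothetical values, not real certificates).
EV_CERT = {"subject": (
    (("businessCategory", "Private Organization"),),
    (("jurisdictionCountryName", "US"),),
    (("serialNumber", "0000000"),),
    (("countryName", "US"),),
    (("organizationName", "Example Bank, Inc."),),
    (("commonName", "www.example-bank.test"),),
)}
DV_CERT = {"subject": ((("commonName", "login.example-bank.test"),),)}

if __name__ == "__main__":
    for label, cert in (("EV sample", EV_CERT), ("DV sample", DV_CERT)):
        print(label, validation_level(cert),
              identity_matches(cert, "Example Bank, Inc."))
```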

Some of the Top Phishing Scams of Recent Times

  • In January 2013, a sophisticated system spy operation called Red October was found targeting governments, high-profile diplomats, and power plants.
  • The attack covered 69 countries.
  • In March 2013, hackers wiped the hard drives of PCs in broadcasting firms and banks in South Korea.
  • In August 2013, days before Iran’s national elections, cyber criminals hacked thousands of Gmail user accounts in an attempt to impact the elections.
  • In December 2013, a man was arrested for a phishing scam targeting UK college students. The scam asked students to update their education loan details on a bogus site, taking huge sums from their accounts.