Sunday, December 12, 2010

A practical guide to phishing prevention techniques

The word "phishing" is a blend of "fishing" and "phone": because the earliest hackers worked by telephone, the "F" was replaced with "Ph". "Phishing" is pronounced exactly like "fishing".

Phishing by itself is not really an independent attack technique; it is closer to a confidence trick, like the scams of the real world. Attackers use spoofed e-mails and fraudulent web sites to deceive visitors into handing over personal information such as credit card numbers, account passwords and social security numbers (mainly financial and account-related data that can be turned into illicit gain), and the people who are deceived tend to reveal their financial details. Scammers usually disguise themselves as trusted brands such as well-known banks, online retailers and credit card companies, so phishing victims are typically e-commerce service providers and their users.

I. How phishing works

Phishing techniques are becoming ever more sophisticated: malicious code hidden in images, keyboard loggers, and of course fake web sites that look exactly like the legitimate one, some of which even display the padlock security icon at the bottom of the browser. First, an introduction to the phishing process, which usually has five phases:

1. The phisher breaks into a primary server and steals user names and e-mail addresses. Early phishers used spam to lure victims to fake web sites that they had designed themselves to look extremely similar to the legitimate commercial site. Many people have received so-called "emergency messages" from phishers claiming to be an account representative of a shopping site, threatening that if the user does not log in to the fake site they provide and supply personal information, the user's account on the shopping site will be blocked; of course, many users can see through this kind of scam. Today phishers more often remotely attack a poorly protected server and obtain its customer database, then send phishing messages to those specific targets.

2. The phisher sends targeted messages. The phishing messages sent today are not random spam: they address the user by name instead of "Dear customer", which is even more deceptive and more easily gains the customer's trust. Attacks on specific targets make more efficient use of social engineering. Many users can see through ordinary spam-style phishing e-mail, yet they may still fall for such a message because they do not expect messages tailored to their own company or organisation. According to the IBM Global Security Index report, intercepted phishing events grew explosively from January 2005, from 56 to 60 million by June.

3. The victim visits the counterfeit web site. Users are guided by the phishing mail to the fake site. The main means are:

(1) IP address spoofing. The address is written as a single decimal number, so the string looks meaningless and confuses the user. For example, the IP address 202.106.185.75 converts to the decimal number 3395991883; if you ping this number you will find that it answers, because the decimal form resolves to the same host and the two are equivalent.

(2) Link text spoofing. The link text itself does not have to match the actual web address, so you cannot judge a link by its text alone; pay attention instead to the actual address shown in the browser's status bar. If a script in the page masks the real address in the status bar, you can also right-click the link and view its "Properties".

(3) Unicode encoding. Unicode encoding has security weaknesses, and the encoding itself makes web addresses hard to recognise: faced with a string such as "%21%32" that reads like gibberish, very few people can tell what it really says.

4. The phisher obtains the victim's secrets and user information. Once the victim has been guided by the phishing mail to the counterfeit site, the phisher can use technical means to get the unwitting user to enter their "UserName" and "Password", then present a form asking for name, city and other general information. Done? Not yet: he now wants the user to fill in credit card details and the card password. Once the attacker has the account information, he finds a pretext to tell the user "Your information was updated successfully!", so the user goes away feeling "happy". This is a very common form of fraud; some attackers even fabricate company information and certification marks to improve their cover. In general, the HTTP protocol we use by default has no encryption, so every message is sent across the network in plaintext, and a malicious attacker can install a sniffer to capture the communication between us and the server.

5. The phisher uses the victim's identity to access other network servers. Next, the phisher uses the victim's identity on other network servers (such as shopping sites) to make purchases, or to post reactionary or pornographic material on the network.

II. Phishing prevention for Linux users

Linux users mainly access the Internet through two tools: the browser and e-mail. The following covers both aspects.

1. E-mail settings to prevent phishing

Among e-mail software for Linux, the Mozilla Foundation's Thunderbird is the most popular and most secure.

(1) Upgrade Thunderbird to version 1.1 or later. First, it is recommended to upgrade Thunderbird to version 1.1 or later. The new features of Thunderbird 1.1 include a warning system against phishing attacks: when a user clicks a URL in an e-mail that is suspected of phishing, the detector opens a dialog box before the web page to warn the user, as Gemal wrote. The detector is triggered when a web site uses a numeric IP address instead of a domain name, or when the URL and the link text point to different network addresses. You can also counter phishing with the SPF plug-in, download link: http://taubz.for.net/code/spf/thunderbird-sve.tgz. With the SPF plug-in installed, when the user clicks a phishing link in a mail, Thunderbird's SPF plug-in detects that the link text does not match the actual address and pops up a warning dialog box to alert the user.

(2) Close Thunderbird's preview pane. Many phishing messages only need to be displayed in the e-mail program's preview pane to compromise your computer, so we suggest users close the Inbox preview pane. In Mozilla Thunderbird, open "View" -> "Layout" and clear the "Message Pane" check box (or use the F8 shortcut to close the preview pane).

(3) Read e-mail as plain text. Many phishing e-mails rely on HTML code to achieve their ulterior motives, so reading messages as plain text defeats them. In Mozilla Thunderbird, select "View" -> "Message Body As" -> "Plain Text".

(4) Do not set the character encoding to Unicode. Unicode encoding has security weaknesses and makes web addresses hard to recognise, so do not set Thunderbird's character set to Unicode encoding.
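The three lures in phase 3 and the Thunderbird checks in section II (a numeric IP host, link text that disagrees with the real address, percent-encoded characters) all come down to normalising the link before comparing it. The Python below is an added example, not code from the original post or from Thunderbird; the mail body and host names are constructed for the demonstration.

```python
import re
import socket
import struct
from urllib.parse import unquote, urlsplit

# Constructed sample mail body (not from the original post): one link for each
# lure the post describes (dotless decimal IP, mismatched link text,
# percent-encoded host) plus one honest link that must not be flagged.
SAMPLE_MAIL = """
<p>Dear user, please <a href="http://3395991883/login">log in</a>.</p>
<p>Or use <a href="http://evil.example/">http://bank.example/</a></p>
<p>Or <a href="http://%65%76%69%6c.example/">update your account</a></p>
<p>Help: <a href="http://bank.example/help">bank.example/help</a></p>
"""

LINK_RE = re.compile(r'<a\s+href="([^"]*)"[^>]*>(.*?)</a>', re.I | re.S)
NUMERIC_IP = re.compile(r"\d{1,3}(\.\d{1,3}){3}")

def decimal_ip_to_dotted(host):
    """Undo the dotless decimal form: '3395991883' -> '202.106.185.75'."""
    if host.isdigit() and int(host) < 2 ** 32:
        return socket.inet_ntoa(struct.pack("!I", int(host)))
    return host

def normalize_host(url):
    """Percent-decode the URL and return the host the user would actually reach."""
    if "://" not in url:
        url = "http://" + url  # bare link text such as 'bank.example/help'
    host = (urlsplit(unquote(url)).hostname or "").lower()
    return decimal_ip_to_dotted(host)

def suspicious_links(html):
    """Return [(href, [reasons])] for links the Thunderbird-style checks would flag."""
    flagged = []
    for href, text in LINK_RE.findall(html):
        text = re.sub(r"<[^>]+>", "", text).strip()  # drop tags nested in the anchor
        reasons, host = [], normalize_host(href)
        if "%" in href:
            reasons.append("percent-encoded characters in URL")
        if NUMERIC_IP.fullmatch(host):
            reasons.append("numeric IP host " + host)
        if "." in text and normalize_host(text) != host:  # link text looks like a URL
            reasons.append("link text says %s but href goes to %s" % (normalize_host(text), host))
        if reasons:
            flagged.append((href, reasons))
    return flagged
```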
