Phishing

High Tech Crime Brief

Research output: Contribution to Newspaper/Magazine/BulletinArticle

Abstract

Australia's Anti-Phishing Working Group (APWG) has obtained data on the scale of e-mail phishing attacks for Australian Internet users. There were 13,141 new distinctive phishing e-mails identified in February 2005, a dramatic increase from the 107 phishing e-mails reported in December 2003. A total of 2,625 separate phishing sites (sites advertised by e-mails) were reported in February 2005. These sites sought information that can be used in identity theft for fraudulent schemes. These sites were maintained for short periods (average of 5.7 days). An example of a phishing strategy is to send spam e-mail that requires a person to "validate" their credit card or their Internet banking account login details. In other cases of phishing, perpetrators use sophisticated techniques to intercept encrypted passwords and capture victim information being transferred online. Another strategy is for phishers to impersonate a legitimate site with which the user may desire to do business, which in turn requires the divulging of personal information that can be used in financial frauds against the victim and other entities. A recommended countermeasure against phishing is to never respond to an e-mail that seeks to verify or confirm online authentication details, even when solicited by a company with which the user has had legitimate dealings in the past. Responding to what appears to be legitimate inquiries may divert the user to malicious sites that can load software onto the customer's computer that will subsequently reveal personal information being transmitted.
Original languageEnglish
Pages1-2
Number of pages2
No.9
Specialist publicationHigh Tech Crime Brief
PublisherAIC
Publication statusPublished - 2005
Externally publishedYes

Fingerprint

Crime
Internet
Authentication
Industry

Cite this

@misc{5056a89520b840cfba71c9a1795f1b86,
title = "Phishing: High Tech Crime Brief",
abstract = "Australia's Anti-Phishing Working Group (APWG) has obtained data on the scale of e-mail phishing attacks for Australian Internet users. There were 13,141 new distinctive phishing e-mails identified in February 2005, a dramatic increase from the 107 phishing e-mails reported in December 2003. A total of 2,625 separate phishing sites (sites advertised by e-mails) were reported in February 2005. These sites sought information that can be used in identity theft for fraudulent schemes. These sites were maintained for short periods (average of 5.7 days). An example of a phishing strategy is to send spam e-mail that requires a person to {"}validate{"} their credit card or their Internet banking account login details. In other cases of phishing, perpetrators use sophisticated techniques to intercept encrypted passwords and capture victim information being transferred online. Another strategy is for phishers to impersonate a legitimate site with which the user may desire to do business, which in turn requires the divulging of personal information that can be used in financial frauds against the victim and other entities. A recommended countermeasure against phishing is to never respond to an e-mail that seeks to verify or confirm online authentication details, even when solicited by a company with which the user has had legitimate dealings in the past. Responding to what appears to be legitimate inquiries may divert the user to malicious sites that can load software onto the customer's computer that will subsequently reveal personal information being transmitted.",
keywords = "Fraud, Criminal methods , Computer privacy and security , Fraud and abuse prevention measures, Fraudulent concealment, Identity Theft",
author = "Tony Krone",
year = "2005",
language = "English",
pages = "1--2",
journal = "High Tech Crime Brief",
issn = "1832-3413",
publisher = "AIC",

}

Phishing : High Tech Crime Brief. / Krone, Tony.

In: High Tech Crime Brief, No. 9, 2005, p. 1-2.

Research output: Contribution to Newspaper/Magazine/BulletinArticle

TY - GEN

T1 - Phishing

T2 - High Tech Crime Brief

AU - Krone, Tony

PY - 2005

Y1 - 2005

N2 - Australia's Anti-Phishing Working Group (APWG) has obtained data on the scale of e-mail phishing attacks for Australian Internet users. There were 13,141 new distinctive phishing e-mails identified in February 2005, a dramatic increase from the 107 phishing e-mails reported in December 2003. A total of 2,625 separate phishing sites (sites advertised by e-mails) were reported in February 2005. These sites sought information that can be used in identity theft for fraudulent schemes. These sites were maintained for short periods (average of 5.7 days). An example of a phishing strategy is to send spam e-mail that requires a person to "validate" their credit card or their Internet banking account login details. In other cases of phishing, perpetrators use sophisticated techniques to intercept encrypted passwords and capture victim information being transferred online. Another strategy is for phishers to impersonate a legitimate site with which the user may desire to do business, which in turn requires the divulging of personal information that can be used in financial frauds against the victim and other entities. A recommended countermeasure against phishing is to never respond to an e-mail that seeks to verify or confirm online authentication details, even when solicited by a company with which the user has had legitimate dealings in the past. Responding to what appears to be legitimate inquiries may divert the user to malicious sites that can load software onto the customer's computer that will subsequently reveal personal information being transmitted.

AB - Australia's Anti-Phishing Working Group (APWG) has obtained data on the scale of e-mail phishing attacks for Australian Internet users. There were 13,141 new distinctive phishing e-mails identified in February 2005, a dramatic increase from the 107 phishing e-mails reported in December 2003. A total of 2,625 separate phishing sites (sites advertised by e-mails) were reported in February 2005. These sites sought information that can be used in identity theft for fraudulent schemes. These sites were maintained for short periods (average of 5.7 days). An example of a phishing strategy is to send spam e-mail that requires a person to "validate" their credit card or their Internet banking account login details. In other cases of phishing, perpetrators use sophisticated techniques to intercept encrypted passwords and capture victim information being transferred online. Another strategy is for phishers to impersonate a legitimate site with which the user may desire to do business, which in turn requires the divulging of personal information that can be used in financial frauds against the victim and other entities. A recommended countermeasure against phishing is to never respond to an e-mail that seeks to verify or confirm online authentication details, even when solicited by a company with which the user has had legitimate dealings in the past. Responding to what appears to be legitimate inquiries may divert the user to malicious sites that can load software onto the customer's computer that will subsequently reveal personal information being transmitted.

KW - Fraud

KW - Criminal methods

KW - Computer privacy and security

KW - Fraud and abuse prevention measures

KW - Fraudulent concealment

KW - Identity Theft

UR - http://www.aic.gov.au/media_library/publications/htcb/htcb009.pdf

UR - http://www.aic.gov.au/publications/current%20series/htcb/1-20/htcb009.html

M3 - Article

SP - 1

EP - 2

JO - High Tech Crime Brief

JF - High Tech Crime Brief

SN - 1832-3413

PB - AIC

ER -