phishing

(redirected from Anti-phishing)
Also found in: Dictionary, Financial.

phishing

(security)
("brand spoofing", "carding", after "fishing") /fishing/ Sending e-mail that claims to be from some well-known organisation, e.g. a bank, to trick the recipient into revealing information for use in identity theft. The user is told to visit a web site where they are asked to enter information such as passwords, credit card details, social security or bank account numbers. The web site usually looks like it belongs to the organisation in question and may silently redirect the user to the real web site after collecting their data.

For example, a scam started in 2003 claimed that the user's eBay account would be suspended unless he updated his credit card information on a given web site.

phishing

Pronounced "fishing," it is a scam to steal valuable information such as credit card and social security numbers, user IDs and passwords. Also known as "brand spoofing," an official-looking e-mail is sent to potential victims pretending to be from their bank or retail establishment. E-mails can be sent to people on selected lists or any list, expecting some percentage of recipients will actually have an account with the organization.

E-Mail Is the "Bait"
The e-mail states that due to internal accounting errors or some other pretext, certain information must be updated to continue your service. A link in the message directs the user to a Web page that asks for financial information. The page looks genuine, because it is easy to fake a valid website. Any HTML page on the Web can be copied and modified to suit the phishing scheme. Rather than go to a Web page, another option is to ask the user to call an 800 number and speak with a live person, who makes the scam seem even more genuine.

Anyone Can Phish
A "phishing kit" is a set of software tools from phishing developers that help the novice phisher copy a target website and make mass mailings. It may even include lists of e-mail addresses (how thoughtful of people to create these kits!). In the meantime, if you suspect a phishing scheme, you can report it to the Anti-Phishing Working Group at www.antiphishing.org. See pharming, vishing, smishing and twishing.

"Spear" Phishing and Longlining
Spear phishing is more targeted and personal. The message supposedly comes from someone in the organization everyone knows, such as the head of human resources. It could also come from someone not known by name, but with an authoritative title such as LAN administrator. If even one employee falls for the scheme and divulges sensitive information, it can be used to gain access to more of the company's resources.

The "longline" variant of spear phishing sends thousands of messages to the same person, expecting that the individual will eventually click a link. The longlining term comes from using a large number of hooks and bait on a long fishing line, and mobile phones are major targets for this approach.
References in periodicals archive ?
Among the customers of banks and credit card companies that have been victimized recently by phishing are those of Citibank, Visa, First USA, Bank One, NatWest and Westpac Bank, according to the Anti-Phishing Working Group, an organization that provides information about phishing, e-mail and identity fraud.
Symantec is an ideal partner in our fight to end email abuse and preserve trust in the channel," said Ken Takahashi, general manager, anti-phishing solutions at Return Path.
Companies who are part of the Return Path ISP Anti-Phishing Program have access to a global team of email experts who can assist them with handling un-authenticated email, generating feedback reports to domain owners on email that don't pass authentication, reducing domain spoofing and the impact of phishing and fraudulent email messages delivered to end-users.
The newest addition, the Blackfin Anti-Phishing Platform, will provide a similar level of simulation training for end users by mimicking a real-life phishing attack against an organization's employees.
Among the key features of the solution is advanced anti-phishing technology, which ensures customers are always safe when banking, online shopping, surfing the Web, and more.
PhishMe is a leader in anti-phishing training and focuses on educating users on how to best protect themselves from the latest scams.
Key functionalities in the new 2014 products include a new Anti-Phishing module and an improved ESET Social Media Scanner, which extends protection to both Facebook(TM) and Twitter(TM).
Our customers expect the best anti-phishing protection, so in an area where every second counts, CYREN Phishing Intelligence enables us to give them critical early protection.
Fortinet (NASDAQ: FTNT) said it has been awarded an ADVANCED+ rating in AV-Comparative's July 2013 anti-phishing test, earning a 97 % score out of 100%.
ESET, a global pioneer in proactive digital protection, has topped a survey of 16 security products tested in the latest AV-Comparatives Anti-Phishing Report, thus securing the "Advanced+" mark.
of Green Armor Solutions, a leading provider of online security technology, today discussed recent comments by the Anti-Phishing Working Group (APWG) stating that the number of phishing sites is at an all-time high and that “no brand is safe.
That's according to a new report from the Anti-Phishing Working Group, which said its research found that the Avalanche botnet infrastructure went from accounting for two-thirds of all observed phishing attacks in late 2009 to only four this past July.
Full browser ?