phishing

(redirected from Fake websites)
Also found in: Dictionary, Financial.

phishing

(security)
("brand spoofing", "carding", after "fishing") /fishing/ Sending e-mail that claims to be from some well-known organisation, e.g. a bank, to trick the recipient into revealing information for use in identity theft. The user is told to visit a web site where they are asked to enter information such as passwords, credit card details, social security or bank account numbers. The web site usually looks like it belongs to the organisation in question and may silently redirect the user to the real web site after collecting their data.

For example, a scam started in 2003 claimed that the user's eBay account would be suspended unless he updated his credit card information on a given web site.

phishing

Pronounced "fishing," it is a scam to steal valuable information such as credit card and social security numbers, user IDs and passwords. Also known as "brand spoofing," an official-looking email is sent to potential victims pretending to be from their bank or retail establishment. Emails can be sent to people on selected lists or any list, expecting some percentage of recipients will actually have an account with the organization.

Email Is the "Bait"
The email states that due to internal accounting errors or some other pretext, certain information must be updated to continue your service. A link in the message directs the user to a Web page that asks for financial information. The page looks genuine, because it is easy to fake a valid website. Any HTML page on the Web can be copied and modified to suit the phishing scheme. Rather than go to a Web page, another option is to ask the user to call an 800 number and speak with a live person, who makes the scam seem even more genuine.

Anyone Can Phish
A "phishing kit" is a set of software tools from phishing developers that help the novice phisher copy a target website and make mass mailings. It may even include lists of email addresses (how thoughtful of people to create these kits!). In the meantime, if you suspect a phishing scheme, you can report it to the Anti-Phishing Working Group at www.antiphishing.org. See pharming, vishing, smishing and twishing.

"Spear" Phishing and Longlining
Spear phishing is more targeted and personal. The message supposedly comes from someone in the organization everyone knows, such as the head of human resources. It could also come from someone not known by name, but with an authoritative title such as LAN administrator. If even one employee falls for the scheme and divulges sensitive information, it can be used to gain access to more of the company's resources.

The "longline" variant of spear phishing sends thousands of messages to the same person, expecting that the individual will eventually click a link. The longlining term comes from using a large number of hooks and bait on a long fishing line, and mobile phones are major targets for this approach.
References in periodicals archive ?
The goal of the fake website was to fool unsuspecting users into entering in their usernames and passwords.
It has come to the notice of the Reserve Bank of India that a fake website of the Reserve Bank of India has been created with the URL www.
Qatari official bodies like the Emiri Diwan, the Emiri Guard and the Qatari Interior Ministry intensively founded fake websites and blogs calling for chaos and attacking the social structure to escalate the situation in Bahrain in 2011.
To address this concern, Kaspersky Internet Security and Kaspersky Total Security includd anti-phishing technology to prevent users from falling victim to fake or spam emails, fake websites and fraud.
The commissioner also reiterated warnings about phishing scams and fake websites.
He said in cyber crime cases hackers made fake e-mails address, websites and upload data on fake websites after stealing it from original websites.
Stay safe Black Friday and Cyber Monday can be a peak time for fraudsters, so watch out for fake websites by checking the URLs.
Cyber criminals will create fake websites, clone cards and create malicious apps to steal money," Triveni Singh, a cyber crime investigator and additional superintendent of police with the Uttar Pradesh special task force, told Mail Today .
Citizens Advice warned people are being duped by promises of strong returns by cold calls, online adverts and fake websites.
Crooks use cold calls, online adverts and fake websites to offer promises of big increases in the value of victims' investments.
This includes flea markets, mall kiosks and, of course, the plethora of online marketplaces and fake websites.
The Embassy said the perpetrators of this scam have gotten more sophisticated, even to the extent of setting up fake websites of law firms or agencies that they claim are going to process documents for the employment offer.