Phishing Mobiles and Emails

There is a saying charity begins at home, so lets digg our own mind and think, “What would you do if you want someones password ?”,

You wont just ask right! Well then you fake him.I have an account is some xyz bank and you know it.You send me an email , which is so real with logos and properly formatted and with the banks manager name under it.

I read the email and at the end you ask me “Please follow the link and confirm your password, as its going to expire today“. Guess now its clear what you mean by phishing

Phishing is termed as “Criminal activity using social engineering techniques. Phishers attempt to fraudulently acquire sensitive information, such as passwords and credit card details, by masquerading as a trustworthy person or business in an electronic communication.(Wikpedia)”

Well now in laymans language Phishing is something that you dont want but somebody fools you to make you do the same thing!

Types of Phishing

SMS Phishing

Unlike an Ip address which doesnt really give personal information of a person to a phisher cellphone or mobile numbers do.Therefor an SMS message designed to scare the recipent into calling a number to enquire about something (like a fake purchase information or a tempting lottery money) would provide the attacker a validation of your number, meaning he knows that this number is valid.

So whats next, as soon as you make the call and find it was bogus, you are spammed with 100’s of messages into your inbox.What can it contain? Lets have a look

• Premium rate advertising.
• Images(could be porn stuffed).
• Viruses( in form of ringtones)

Dangerous enough to make you buy another mobile.Alarming isn’t it!!

Malware

These are serious threat on the mobile, because of the technology itself.As it advances even the crackers get smarter.And there is always a loop hole. There are around 760for the Symbian OS based devices and 17 for Windows CE devices.

How fast they grow and spread is really alarming now.Bluetooth, GPRS, CDMA .They can get into your mobiles in form of wallpapers, ringtones.In short anything we like and is attractive.

Once installed, they can spread themselves again through messages and can access your contact list.So one of the best solution is don’t download or accept these things unless you know you were supposed to get it.

Spear phishing is targeted at a specific group or an enterprise.Hmm lets make it simple.Its like you are an employee of a company and you get an email which looks exactly like your project manager sent it.And what it could ask you is vital information of the company.You don’t mind sending him( after all he is your boss!!). Thats all Job done.

Its intended to get viable information and passwords, and beware they can be containing trojans to knock down your system after you gave given the details!! You cant find the link ever back.

Tags: browser security, email security, phishing