Phishing

Case Study

Introduction

Phishing is where fraudsters set up fake websites which attempt to get your personal information. These websites look similar to the actual site and are sent out by email. The phishing email is sent to lots of people to get their details. The details are then used to commit identity fraud and buy stuff with your cash.

Why is it called Phishing?

Phishing is when someone is aquiring information through sending out emails at random. The technique is similar to that of fishing hense why it is called phishing.

Example

You get sent an email by your 'bank' saying that you need to update your details. So if you went and put in your details and sent it off, the scammer then has enough information to commit identity fraud. They can siphon money from your account and buy things.

Encryption and Methods of protection

Credit cards and other personal details are now encrypted by banks when sent over the internet to stop data being intercepted and used in identity fraud. Encryption scrambles the information in a certain pattern making it impossible to understand unless you have the specific decryption pattern. Banks also ask security questions such as 'what is your mother's maiden name?' to make sure that you are who you say you are and they also adress you by name as it is unlikely fraudsters will have this information.


It is quite easy to tell real from fake emails from your bank. If the web adress looks suspisious, words are spelt wrong, there's something the bank would not do, the email adress looks suspisious or wrong somehow.